PROCIRCULAR BLOG

Educating your business on the importance of cybersecurity

Aaron R. Warner

Aaron R. Warner is the founder and CEO of ProCircular, an information Security and Privacy firm focusing on midsized businesses. A former CIO and CTO of Integrated DNA Technology, he’s spent more than two decades working in IT and InfoSec. Mr. Warner is a Certified Information Systems Security Professional (CISSP) and certified Securiity+ engineer, and a full member of the FBI/DHS Infragard partnership. Mr. Warner has earned an MBA from the Tippie School at the University of Iowa, and enjoys cave diving, playing music, a good bottle of wine and above all time with his family.
Find me on:

Recent Posts

Legality of Ransom Payments

Posted by Aaron R. Warner on Feb 1, 2022 3:44:30 PM

As clients begin to recognize and prepare against the threat of ransomware attacks, one tricky question keeps coming up. Is paying a ransom “illegal yet?”. No company is champing at the bit to make unplanned payments, especially not to potential terrorists on the OFAC list, but the legality of the matter depends on a few factors. *Please note that ProCircular does not provide legal advice, rather, we disseminate guidance from the top legal authorities.

As a cybersecurity professional and business owner, I keep a close eye on the everchanging recommendations surrounding ransomware attacks and incident management. I found the following document to be one of the more up-to-date (at least by government standards) and straightforward pieces available on the topic. Here's the short version:

“In the context of hostage-taking, for example, DOJ clarified in 2015 that it “has never used the material support statute to prosecute a hostage’s family or friends for paying a ransom for the safe return of their loved one.”67

Basically, there is a low likelihood of prosecution for making ransom payments, even when it is paid to a known threat actor on the OFAC denied persons list. I would only expect to see legal action taken if a very large company went through with the payment while it was expressly illegal. Even then, the punishment would be intended to make an example rather than punish the victim.

Read More

Topics: Incident Response, Ransomware

Cybersecurity is a Team Sport: Peter Drucker on Cyber Attacks

Posted by Aaron R. Warner on Oct 11, 2021 10:48:44 AM

When Peter Drucker produced his seminal work, “What Makes an Effective Executive,” in the Harvard Business Review (Drucker, June, 2004), he may not have been writing with cybersecurity in mind. In fact, in 2004, the cybersecurity world had only begun to appear as the many-headed beast it’s become since then. Nonetheless, this text is an excellent guide for executives about incident response and breach management.

Read More

Topics: Cybersecurity, budgeting, security incident handling

Cybersecurity 2026 – Looking Five Years Ahead

Posted by Aaron R. Warner on Dec 30, 2020 11:13:31 AM

Technical Innovation Increases Cybersecurity Risk

New technologies help revolutionize all industries and the way they conduct business. Simultaneously, it increases blind spots that commonly open the door for exploitation by cybercriminals. As technical innovation rises exponentially, so too will the associated cybersecurity risk. New applications of AI are emerging on both the offensive and defensive side of the coin. AI can be trained to detect sophisticated threats and other anomalous activities, which help reduce the time from infection to detection; however, attackers will also continue to leverage this to their advantage. There are other examples: 5G, the continued fracturing of the xAAS into smaller and smaller constellations of services, and the embedding of increasingly complex technology into the human body. These innovations all create cybersecurity risks that will need to be addressed.

Read More

#Zoombombing, Nazi's, Kids, and Cybersecurity 2020

Posted by Aaron R. Warner on Apr 23, 2020 12:20:55 PM

Zoom has been a big name in the headlines lately, mainly due to the world’s newfound dependence on, and perhaps obsession with, the platform. As global business is forced to move online, Zoom has become one of the most commonly chosen video conferencing platforms. It’s easy to use, simple to roll out, and the company has provided free and low-cost licenses to both public and private organizations.

Read More

Topics: Cybersecurity, consumer security, hacking

ProCircular Offers Free Cybersecurity Scans to Critical Infrastructure

Posted by Aaron R. Warner on Mar 26, 2020 11:41:39 AM

Preventing COVID Cyber Breaches: ProCircular Offers Free Cybersecurity Scans to Critical Infrastructure

Read More

    ProCircular is a Full-Service Information Security Firm

    We are passionate about helping businesses navigate the complex world of information security, and our blog is another great source of inforamtion. We can assist you no matter where you are in your security maturity journey:

    • Breached or hit with ransomware?
    • Don't know where to start? 
    • Looking to confirm your security with a third party?

    Secure your future with ProCircular.

    Recent Posts

    Subscribe to Email Updates