PROCIRCULAR BLOG

Educating your business on the importance of cybersecurity

Aaron R. Warner

Aaron R. Warner is the founder and CEO of ProCircular, an information Security and Privacy firm focusing on midsized businesses. A former CIO and CTO of Integrated DNA Technology, he’s spent more than two decades working in IT and InfoSec. Mr. Warner is a Certified Information Systems Security Professional (CISSP) and certified Securiity+ engineer, and a full member of the FBI/DHS Infragard partnership. Mr. Warner has earned an MBA from the Tippie School at the University of Iowa, and enjoys cave diving, playing music, a good bottle of wine and above all time with his family.
Find me on:
 

Recent Posts

Using TikTok is Bad Cybersecurity

Posted by Aaron R. Warner on Dec 16, 2022 1:55:22 PM

Any time we log in to socials, we should be cognizant of the information we're willing to reveal and how for-profit actors could use that personal data. Sharing our time, tastes, and feedback with online communities is what draws us to the apps, but it’s easy to “overspend” your seemingly limitless personal data in exchange for entertainment. The TikTok application is unlike its contemporaries because its information-gathering technology is steps ahead and much more powerful. That information is primarily used to tailor the user’s feed and promote engagement with targeted advertisements.  

Read More
0 Comments Click here to read/write comments

Topics: Cybersecurity, Data Security, risk, Social Media

Legality of Ransom Payments

Posted by Aaron R. Warner on Feb 1, 2022 3:44:30 PM

As clients begin to recognize and prepare against the threat of ransomware attacks, one tricky question keeps coming up. Is paying a ransom “illegal yet?”. No company is champing at the bit to make unplanned payments, especially not to potential terrorists on the OFAC list, but the legality of the matter depends on a few factors. *Please note that ProCircular does not provide legal advice, rather, we disseminate guidance from the top legal authorities.

As a cybersecurity professional and business owner, I keep a close eye on the everchanging recommendations surrounding ransomware attacks and incident management. I found the following document to be one of the more up-to-date (at least by government standards) and straightforward pieces available on the topic. Here's the short version:

“In the context of hostage-taking, for example, DOJ clarified in 2015 that it “has never used the material support statute to prosecute a hostage’s family or friends for paying a ransom for the safe return of their loved one.”67

Basically, there is a low likelihood of prosecution for making ransom payments, even when it is paid to a known threat actor on the OFAC denied persons list. I would only expect to see legal action taken if a very large company went through with the payment while it was expressly illegal. Even then, the punishment would be intended to make an example rather than punish the victim.

Read More
0 Comments Click here to read/write comments

Topics: Incident Response, Ransomware

Cybersecurity is a Team Sport: Peter Drucker on Cyber Attacks

Posted by Aaron R. Warner on Oct 11, 2021 10:48:44 AM

When Peter Drucker produced his seminal work, “What Makes an Effective Executive,” in the Harvard Business Review (Drucker, June, 2004), he may not have been writing with cybersecurity in mind. In fact, in 2004, the cybersecurity world had only begun to appear as the many-headed beast it’s become since then. Nonetheless, this text is an excellent guide for executives about incident response and breach management.

Read More
0 Comments Click here to read/write comments

Topics: Cybersecurity, budgeting, security incident handling

Cybersecurity 2026 – Looking Five Years Ahead

Posted by Aaron R. Warner on Dec 30, 2020 11:13:31 AM

Technical Innovation Increases Cybersecurity Risk

New technologies help revolutionize all industries and the way they conduct business. Simultaneously, it increases blind spots that commonly open the door for exploitation by cybercriminals. As technical innovation rises exponentially, so too will the associated cybersecurity risk. New applications of AI are emerging on both the offensive and defensive side of the coin. AI can be trained to detect sophisticated threats and other anomalous activities, which help reduce the time from infection to detection; however, attackers will also continue to leverage this to their advantage. There are other examples: 5G, the continued fracturing of the xAAS into smaller and smaller constellations of services, and the embedding of increasingly complex technology into the human body. These innovations all create cybersecurity risks that will need to be addressed.

Read More
0 Comments Click here to read/write comments

#Zoombombing, Nazi's, Kids, and Cybersecurity 2020

Posted by Aaron R. Warner on Apr 23, 2020 12:20:55 PM

Zoom has been a big name in the headlines lately, mainly due to the world’s newfound dependence on, and perhaps obsession with, the platform. As global business is forced to move online, Zoom has become one of the most commonly chosen video conferencing platforms. It’s easy to use, simple to roll out, and the company has provided free and low-cost licenses to both public and private organizations.

Read More
0 Comments Click here to read/write comments

Topics: Cybersecurity, consumer security, hacking

All posts
  • There are no suggestions because the search field is empty.

ProCircular is a Full-Service Information Security Firm

We are passionate about helping businesses navigate the complex world of information security, and our blog is another great source of inforamtion. We can assist you no matter where you are in your security maturity journey:

  • Breached or hit with ransomware?
  • Don't know where to start? 
  • Looking to confirm your security with a third party?

Secure your future with ProCircular.

Recent Posts

Posts by Topic

see all

Subscribe to Email Updates