Are You Having A Technology Emergency?

True North Networks Blog

True North Networks has been serving the Swanzey area since 2002, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

4 Reasons to Unplug During Your Next Vacation

Staying plugged in, whether it be at an event or on vacation, is the new norm. We have our mobile devices right by our side at all times to check social media, email, and even snap photos to remember the experience—whether it be from the sand, lake, or mountaintop.

But, as a result, you defeat the purpose of getting away in the first place—to kick your feet up, unwind, and recharge your mind and body.

Below are some reasons why unplugging may help you truly relax on vacation:OutOfOffice wp 770x385

1. You’ll remember more.

Think about it. The time you spend taking an Instagram-worthy photo, editing it on the spot, and uploading it to keep your friends, family, and social acquaintances looped in on all you’re enjoying is time taken away from you actually enjoying the moment you’re in.

Going back to the photo of the grandmother in the crowd, how much do you think everyone else around her remembers about that day? Chances are, not as much as they could have if they put their phones in their pockets or purses and soaked up their surroundings.

2. You’ll truly soak in your surroundings.

Yes, that’s another key benefit in and of itself. You see, staring at the world through your phone can seriously limit the number of beautiful things you have the pleasure of seeing with your own eyes within the destination you’re exploring.

When you’re not glued to your phone, you’ll probably notice a lot more like the local animals, architecture, people, and even your kids’ excitement over seeing new things.

3. You’ll feel closer to your vacation crew.

The thing is, mobile devices can often make you feel less close to the people you’re with because you’re so focused on what’s going on with the people behind the screen, whether it be those you know or celebrities. In fact, evidence suggests that even when people aren’t actively checking them, the mere awareness that their smartphone is turned on and close by leads to distracted, lower-quality interactions.

So, push all that aside and truly focus on the people you’re with—your vacation crew. And, cherish your time with them because life moves quickly, and, to quote Ferris Bueller’s Day Off, “If you don’t stop and look around every once in awhile, you could miss it.”

4. You’ll maximize the benefits of taking a vacation.

Last but certainly not least, maybe you and your family are feeling seriously bogged down when it comes to the hustle and bustle of everyday life. Thus, what do you do? You book that much-needed vacation destination of choice where relaxation awaits. Well, not if everyone’s attached to their phones the entire time. I say that because, when you don’t find the time to unplug, you’ll lose out on maximizing the benefits of taking a tech-free (or tech-limited) vacation. Benefits such as:  

  • Reduced feelings of stress and increased feelings of relaxation.
  • Improved concentration and creativity.
  • Increased mental clarity.
  • Improved health.
  • A restful night’s sleep.
  • Support of a healthy work/life balance.



Continue reading

5 Reasons To Have a Data Backup & Disaster Recovery Plan

Having a data backup and recovery plan is important to the overall success of your business. Without one, your business can suffer from permanent data loss, massive downtime, and unnecessary expenses. This being said, a large majority of SMBs still feel as though they can go without a data backup and recovery plan … which is a huge mistake.

Here are five reasons it’s more important than ever to have a data backup and recovery plan for your SMB.   

ALL Data is a targetimages

Whether you’re a dentist or an attorney, working at a Fortune 500 company or building up a mom-and-pop shop, your data will always remain vulnerable to threats. Viruses, accidents, and punk teenagers halfway across the world are not picky. They will attack any business of any type, and they will do it to fulfill a vendetta, acquire sensitive data, or simply because they can. In fact, 43% of all cyber attacks specifically target small businesses.


The thing about data loss is that it’s not always the direct result of a tornado or massive flooding (like most people tend to think). Instead, over half of all data loss incidents are the result of human error or hardware malfunctions — both of which are hard to prevent. In other words, data is incredibly easy to lose, and there are a variety of “everyday” situations that can make this happen.



When you lose data, one thing is certain: downtime. Without your data, it will be incredibly hard for employees to work. Imagine how difficult it would be to work without your mission-critical business applications or how much harder it would be to handle clients if you don’t have any contact information or account status. In these situations, your business will be forced to do whatever it can to recover lost data. If you don’t have a recovery solution, then your restoration efforts will become rebuilding efforts, starting from scratch to recreate whatever was lost.  


Again, if you lose data without a recovery option, then you’ll be forced to start over with your data. However, some data simply cannot be recovered; it’s irreplaceable. And when this happens, it will be much harder for your business to recover 100% of the information you worked so hard to gather, create and deliver.


Imagine for a minute that you do lose irreplaceable data. How would you feel trying to explain this to your clients? Would you be embarrassed? Most likely. And how exactly do you think your clients would feel? Probably a little irritated and a lot nervous. Maybe even annoyed enough to never do business with you again. Losing data will affect the way your clients (and the public in general) view your business and their relationship with you. They will think you lack professionalism, and they will feel as if you aren’t capable of protecting their data.


Continue reading

Cyber Actors Target Home and Office Routers and Networked Devices Worldwide

Alert (TA18-145A)

Cyber Actors Target Home and Office Routers and Networked Devices Worldwide

Original release date: May 25, 2018

Systems Affected

  • Small office/home office (SOHO) routers
  • Networked devices
  • Network-attached storage (NAS) devices


Cybersecurity researchers have identified that foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide [1] [2]. The actors used VPNFilter malware to target small office/home office (SOHO) routers. VPNFilter malware uses modular functionality to collect intelligence, exploit local area network (LAN) devices, and block actor-configurable network traffic. Specific characteristics of VPNFilter have only been observed in the BlackEnergy malware, specifically BlackEnergy versions 2 and 3.

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) recommend that owners of SOHO routers power cycle (reboot) SOHO routers and networked devices to temporarily disrupt the malware.

DHS and FBI encourage SOHO router owners to report information concerning suspicious or criminal activity to their local FBI field office or the FBI’s 24/7 Cyber Watch (CyWatch). Field office contacts can be identified at CyWatch can be contacted by phone at 855-292-3937 or by email at Each submitted report should include as much informaiton as possible, specifically the date, time, location, type of activity, number of people, the type of equipment used for the activity, the name of the submitting company or organization, and a designated point of contact.


The size and scope of this infrastructure impacted by VPNFilter malware is significant. The persistent VPNFilter malware linked to this infrastructure targets a variety of SOHO routers and network-attached storage devices. The initial exploit vector for this malware is currently unknown.

The malware uses a modular functionality on SOHO routers to collect intelligence, exploit LAN devices, and block actor-configurable network traffic. The malware can render a device inoperable, and has destructive functionality across routers, network-attached storage devices, and central processing unit (CPU) architectures running embedded Linux. The command and control mechanism implemented by the malware uses a combination of secure sockets layer (SSL) with client-side certificates for authentication and TOR protocols, complicating network traffic detection and analysis.


Negative consequences of VPNFilter malware infection include:

  • temporary or permanent loss of sensitive or proprietary information,
  • disruption to regular operations,
  • financial losses incurred to restore systems and files, and
  • potential harm to an organization’s reputation.


DHS and FBI recommend that all SOHO router owners power cycle (reboot) their devices to temporarily disrupt the malware.

Network device management interfaces—such as Telnet, SSH, Winbox, and HTTP—should be turned off for wide-area network (WAN) interfaces, and, when enabled, secured with strong passwords and encryption. Network devices should be upgraded to the latest available versions of firmware, which often contain patches for vulnerabilities.

Rebooting affected devices will cause non-persistent portions of the malware to be removed from the system. Network defenders should ensure that first-stage malware is removed from the devices, and appropriate network-level blocking is in place prior to rebooting affected devices. This will ensure that second stage malware is not downloaded again after reboot.

While the paths at each stage of the malware can vary across device platforms, processes running with the name "vpnfilter" are almost certainly instances of the second stage malware. Terminating these processes and removing associated processes and persistent files that execute the second stage malware would likely remove this malware from targeted devices.



  • May 25, 2018: Initial Version


Continue reading

Tax Season Cybersecurity Tips

Nearly a year ago, in February 2017, the IRS issued a warning regarding phishing attacks targeting a broad range of companies. The scam involves a hacker impersonating an employee of a company, usually Tax Fraud Equifaxthe CEO, and sending an email asking for a list of employees and their W-2 forms. The hacker would then make fraudulent tax filings using the W-2 forms. The scam is similar to the traditional Business Email Compromise (BEC), which involves spoofing an employee account in order to direct wire transfers to fraudulent accounts. The scam was enormously successful.  And while the IRS is taking steps to prevent the use of this information for tax fraud, companies that fall victim to these scams may still be liable under data breach laws and for other identity fraud that can be committed using this data.

Below are five questions in-house counsel should be asking their information security team to mitigate their company’s risk.

  1. Do we transmit employee HR information, particularly Social Security numbers and W-2 or similar tax forms, by email? Is it possible to limit the transmission to a more secure method, such as through a restricted access cloud account with limited permissions for access and downloading?
  2. If we do transmit these files by email, do we require them to be encrypted or password-protected? (And if so, how are these passwords created and shared?)
  3. Do we have a policy in place about who can access, request, or receive this information? Do we have a “whitelist” of people who should have access? And do we require phone or other confirmation before transmitting such information?
  4. Do we have logging in place for where we store this information that would allow us to determine if there has been unauthorized access?
  5. Have we done a search for similar domain names to ours that could be easily spoofed?  (For example, if our domain is, do we also own or Are we aware of who owns addresses similar to ours?

Implementing just a few of these tools and policies can help reduce your company’s exposure to cybersecurity attacks.

Resource taken from:

Continue reading

2018 Winter Olympics Phishing Campaign Hides Evil Script in Image

winter olympics

According to researchers at McAfee, a new malware campaign is targeting organizations associated with the upcoming 2018 Winter Olympics in Pyeongchang, South Korea. This new technique is expected to make it into your users' inbox soon, so here is your heads-up. The attack is being delivered via phishing emails disguised as alerts from country's National Counter-Terrorism Center, with malicious Word documents attached. Future attacks could be using any social engineering tricks. Jonathan, from our friends at Barkly explained the technical background: "Once opened, the Word doc encourages readers to enable content. If they do, that triggers an embedded macro to launch PowerShell. Up to this point, this is nothing really new. But here's where things get interesting... Why this attack is different: What truly makes this campaign notable is its use of a brand new PowerShell tool called Invoke-PSImage that allows attackers to hide malicious scripts in the pixels of otherwise benign-looking image files, and later execute them directly from memory. Why that's dangerous: Not only does hiding the script inside an image file help it evade detection, executing it directly from memory is a fileless technique that generally won't get picked up by traditional antivirus solutions. No download necessary: Invoke-PSImage can be used to extract scripts from downloaded images or images hosted on the web. That means an attacker doesn't necessarily need to download an image onto a machine in order to get a script embedded inside it to run on that machine. In the case of this particular malware campaign, the image file is downloaded to the victim machine. Once extracted, the embedded script is passed to the Windows command line and executed via PowerShell. This attack is another troubling example of how attacks are evolving away from using malicious .exe's. In the past, we've seen many attacks abusing PowerShell follow a tried-and-true pattern: Spam email with Word attachment > Word attachment with embedded macro > Macro launches PowerShell script > PowerShell script downloads and executes malware .exe payload In these scenarios, traditional antivirus solutions have a chance of scanning and blocking the attack, but not until the very last step. Once the malware payload has been downloaded onto the device the AV might be able to block it, but only if the malware has been seen before and the AV has a signature it can refer to in order to identify it. In these scenarios, we've seen plenty of instances where the AV misses and the infection is successful. This new malware campaign presents an even worse scenario in which the AV doesn't have that opportunity: Spam email with Word attachment > Word attachment with embedded macro > Macro launches PowerShell script > PowerShell script extracts 2nd PowerShell script from image and executes it from memory > In-memory executed script gives attacker remote access and control With no malicious executable file to scan, this attack can easily succeed unless other protections are in place. Here are a few things you can do to reduce your risk of attacks like this:
• Train employees not to open email attachments from senders they don't know: They should be especially wary of Word documents that ask them to enable content/macros.
• Enforce stricter macro controls: For starters, consider blocking macros in Office files downloaded from the internet.
• Disable or restrict PowerShell: If PowerShell isn't being used for something vital on a machine, disable it. If it is being used for something vital, consider using PowerShell Constrained Language Mode. That will limit PowerShell to its most basic functionality and make many fileless attack techniques unusable."
We could not agree more! You need to create a security culture in your organization and these suggestions are important controls. This post is also at the KnowBe4 Blog, at the end it shows a great new way to create a security culture - at no cost:

Recent Comments
Mazda Mazda
Every user try to get the updates on winter olympics campaign to get evil script. The details we should follow for term papers uk ... Read More
Tuesday, 29 May 2018 10:11
William Son
Winter olympic game is becoming more and more acceptable to many countries in this world.With the proper and effective strategies,... Read More
Friday, 01 June 2018 10:55
Continue reading

Employers beware: Wave of Phishing Scams Targeting Employee Paychecks

paycheck fraud photo

There is a new Direct Deposit phishing attack you need to watch out for. It's a sophisticated scam that starts with an official-looking email that asks you to click a link and access a website. Next, they ask you to confirm the data with your real username and password. Last, they use your info to access payroll portals, and reroute your direct deposit amounts to bank accounts owned by the bad guys. The lesson here is to never give anyone your credentials in response to an email... Think Before You Click! Employers may want to immediately take the following precautions to avoid security breaches as a result of these phishing scams:
• Alert your workforce to this scam.
• Direct employees to forward any suspicious requests to the information technology or human resources departments, rather than replying to the e-mail.
• Instruct employees to refrain from supplying log-in credentials or personally identifying information in response to any e-mail.
• Ensure that log-in credentials used for payroll purposes differ from those used for other purposes, such as employee surveys.
• Enforce (or, where necessary, establish) multifactor authentication requirements.
• Review and update the physical, technical and personnel-related measures taken to protect your sensitive information and data." Resource:

Recent Comments
Delia enos
Google authority automatically could detect the malware or harmful email for your device.This is edubirdie legit for the email sec... Read More
Friday, 04 May 2018 18:50
William Son
Paycheck should be valid and comfortable to the every kind of business owners.The student writing service is becoming more and mor... Read More
Sunday, 27 May 2018 10:46
Continue reading

Staying Secure On The Road

While your network at home or at work may be secure, you should assume that any network you connect to while traveling cannot be trusted. Below are some simple tips that will go a long way protecting you and your data before you travel:

1. Identify which data you don’t need on any devices you are bringing with you and then remove it. This can significantly reduce the impact if your device is stolen, lost, etc.
travel safe2. Lock your mobile devices with a strong password or passcode to avoid anyone getting access to your information.
3. Install or enable software on your device so you can remotely track your location and even wipe it if it has been lost or stolen.
4. Update your devices, applications, and anti-virus software before leaving so that you are running the latest versions. Many cyber-attacks focus on systems with outdated software.
5. Do a complete backup of your devices prior to traveling. This way, if something does happen to them while traveling, you still have all of your original data in a secured location.
6. For international travel, check with your mobile service provider prior to leaving. Service providers often charge high rates for international data usage and you may wish to disable your cellular data capabilities while you’re away or purchase a local SIM card to allow for international travel.
7. Always ensure the physical safety of your devices while traveling by avoiding leaving them in plain sight such as in rental cars, taxis, etc for potential criminals to break in and grab your valuables.
8. Avoid using public wifi, especially in hotels, local coffee shops, or airports, as you never know who set them up or is accessing them. If you do use the wifi, ensure all of your online activity is encrypted or use a VPN (Virtual Private Network) which can encrypt all of your online activity when enabled.
9. Avoid using public computers, such as those found in hotel lobbies or cyber cafes to login to any accounts or to access sensitive information. Whenever possible, only use devices you can control and trust.
10. Knowledge is power! Share your knowledge of keeping your devices safe while on the road with friends, family and co-workers.

Resources taken from:

Recent Comments
Technology is increasing day by day, and I think that because of cheap writing services everyone is having emergency. People are n... Read More
Saturday, 24 February 2018 19:03
William Son
Anything change makes a challenge to overcome and obstacles in the life span.But good planning and execution will bring the succes... Read More
Saturday, 05 May 2018 13:03
Rick Hendrix
We are in the 21st century where smartphones play an important role in our whole day lifestyle, securing them with these steps hel... Read More
Saturday, 04 August 2018 15:21
Continue reading

Consumers worry about their data, but don't bother much with security

A recent worldwide consumer survey found a major disconnect between general fears about cybersecurity and the actions taken to protect not only their personal information, but their families from cyberattacks.

consumer blog

A McAfee survey of 6,400 people found that when it comes to online family safety, identity theft protection and the connected home many people either don't understand the risks or have simply not bothered to protect themselves.

When it comes to keeping track of what their children are doing online the survey found that almost one-third of parents do not monitor their kids online activities and device usage and 33 percent simply don't understand the risks well enough to explain all the potential dangers to their children. On the bright side 79 percent said they had talked to their kids about online safety.

Despite the many public hacks that compromised personally identifiable information that took place last year, only 37 percent of those surveyed use an identity monitoring service, although 67 percent claim to keep an eye on their various accounts to prevent identity theft.

The survey results surrounding the connected home offered an interesting mix of having about half the people being aware of the problems involved in remaining secure, but then again only half or so bothered to do anything to lock down their smart devices.

The most worrying statistic uncovered was that 44 percent of those surveyed leave their home network open and accessible to others, despite the fact that 63 percent said their biggest fear in this area is having their identity stolen through their home network.

The reason behind this lack of home network security is answered by the 53 percent who told McAfee that they are unsure how to secure their devices.

The survey consisted of 6,400 respondents from the U.S., UK, Australia, Germany, France and Singapore.



Continue reading

A Year in Review from True North

It’s been a very exciting few months at True North, so we’d like to take a moment to share some recent business highlights:

  • On April 1, 2017, True North Networks celebrated its 15th Anniversary! Thank you to all of you, our valued clients, employees, friends and colleagues for making this a reality! Looking forward to the next 15 years! Follow us on Facebook to stay up to date!
  • We have significantly grown over the past few months and are excited to welcome the following to our TNN team! Julianne Kowaliw, and Bill Janoch. Visit our meet the team page to learn more!
  • On October 1, 2017, TNN recently rolled out CYFIR, a robust threat assessment technology, as part of our SecureWorkplace® cybersecurity offering. This technology rapidly identifies, isolates, remediates and removes threats from a network, minimizing downtime from a cyber event and improves speed to resolution. Contact us to learn more!
  • On November 1, 2017, True North in conjunction with the Financial Planning Association of Pittsburgh, PA hosted a FREE Cybersecurity seminar, featuring our own Steve Ryder, Matt Meade, from Buchanan Ingersoll & Rooney and Ben Cotton, CEO of CyTech. Click here to see where Steve speaks next!
  • On November 4, 2017, TNN held its first CPR & AED training for employees with the Swanzey Fire Dept. and become the first AED in Swanzey, NH. We now have 8 CPR certified TNN employees!
  • On November 16th, 2017, the TNN team celebrated a night out at one of our local community spots, the Colonial Theatre, where we enjoyed a show and lots of laughs! Click here to see photos from the show!
  • On February 21, 2018, True North Networks will be hosting, along with the Greater Keene Chamber of Commerce, its first “Business After Hours” event on Wednesday, February 21, 2018. We’re excited about 2018 and connecting with local business owners!
Continue reading

Cybersecurity in the Workplace is Everyone’s Business

Working for a Managed Service Provider, our engineers see and deal with lots of “mistakes” that our clients make in the workplace. In honor of last month being Cybersecurity Month, read below to see common mistakes that you may be making that your MSP secretly wishes you wouldn’t make.

  1. Lock your computer

Plenty of people lock their computers when they walk away from their desks, but enough people don’t bother - that this one is top of my list. Remember to lock your computer! To lock your Windows computer10 16 2017 9 34 44 AM use CTRL+ALT+DEL and select Lock, or press +L. (That square character is the key with the Windows logo on it.)

  1. Loose lips sink ships

It’s easy to leak information by accidentally sending things to the wrong people, saying the wrong thing in the wrong place, mislaying printed documents or leaving meeting rooms without erasing whiteboards.

Re-read what you’re about to sending in emails, instant messages or texts, and make sure that what you’re about to send will go to your intended recipients. Review files before attaching them – it’s easy to leak sensitive information if it’s in a small section of a much bigger spreadsheet or document. Erase the whiteboard before you leave a meeting room to ensure nothing confidential will find its way onto the mobile phone of a camera-happy passer-by.

  1. Save regularly

Saving things regularly, to the appropriate place – such as network drives – ensures that the data you have is secure in the event that your laptop is stolen. Your MSP will make sure your work laptop is encrypted so that your data won’t end up in the wrong hands if your laptop is lost or stolen, but we can’t recover your data if you haven’t saved it somewhere safe and secure where we can keep an eye on it for you.

  1. Separate personal and professional

If you use your home email, personal messaging account, or anything else outside the reach of your IT’s policies, for work, then we can’t protect you and you’ll be answerable for the consequences. If you use your work computer, email or phone for personal stuff, for eBay, PayPal, pictures of your kids and pets, it won’t be there if you leave the company and can cause potential security issues as well.

The principle of least privilege applies – we don’t need access to your personal stuff so we shouldn’t have it.

  1. Tell us what happened (seriously, tell us everything)

Finally, if you have to report something to your MSP, please don’t cut down or amend your story. Something small and insignificant can drastically change the troubleshooting steps we need to go through and even a small detail missed can reduce our efficiency and effectiveness.

We want to know literally everything you can remember before and after an event to build a better picture of what happened. (We will find it eventually and be annoyed you didn’t share!)

We’re on your side, and we’d love to have you on ours – we’re all in this together.

Resources taken from: 

Continue reading

Beware: Spoofed Email From the SEC

Be aware of a NEW malware email campaign that is highly targeted in nature and uses spear phishing emails that are spoofed to make them appear as if they were sent by the Securities and ExchangeSEC compliance Commission (SEC) in an attempt to add a level of legitimacy and convince users to open them. The emails are pretending to be from the SEC Electronic Data Gathering Analysis and Retrieval (EDGAR) system and the authentic looking phishing email contains an attachment complete with logos, branding, and wording that would you would expect to see on documents received from the SEC.

When the attached Word document is opened, victims would be greeted with a message informing them that the document contains links to external files, and asking them to allow/deny the content to be retrieved and displayed. Should they agree, the malicious document reaches out to an attacker-controlled command-and-control (C&C) server which executes the first malware infection. Code is retrieved, obfuscated, and then executed, which kicks off persistence on systems, registry rewrites, scheduled task creation, and DNS requests are made. In this particular case, the malware features the capability to leverage scheduled tasks, as well as registry keys to obtain persistence making it more likely that subsequent attacks can fly under the radar for longer periods.

Please let your staff know to be extra careful with email that appears to be coming from the SEC, and in particular their EDGAR system, or with an attachment.

Continue reading

What You Can Do to Protect your Personally Identifiable Information (PII) At Home

While no one can be completely protected from identity theft, there are things you can do to protect yourself against this particular approach. Read below to learn the variety of things you can do to safeguard your protect yourself at homePII in your home and minimize your exposure:

  • Minimize your exposure.Don’t authenticate yourself to anyone unless you are in control of the interaction, don’t overshare on social media, be a good steward of your passwords, safeguard any documents that can be used to hijack your identity, and consider freezing your credit.
  • Monitor your accounts.Check your credit report regularly, keep track of your credit score, and review major accounts daily if possible. If you prefer a more laidback approach, sign up for free transaction alerts from financial services institutions and credit card companies or purchase a sophisticated credit- and identity-monitoring program.
  • Manage the damage. Make sure you quickly get on top of any incursion into your identity and enroll in a program where professionals help you navigate and resolve identity compromises—oftentimes available for free, or at minimal cost, through insurance companies, financial services institutions, and HR departments.
  • Miniaturize your data. Not only is a mountain of paperwork hard to store, it is also increasingly unnecessary. Get into the habit of scanning or even photographing your documents and then shredding the hard copies. Create two or three copies of the digital files—and make sure one of them is stored somewhere other than your house, since fires and other cataclysmic events do happen.
  • Use encrypted external storage.Whether you choose a thumb drive, a cloud server, or an external hard drive, store your PII digitally in an encrypted form. And it’s always better to choose a device that offers rich security features, like biometrics or two-factor authentication.
  • Invest in a safe.Once the exclusive equipment of rich folks, safes are now very affordable. They are a great place to store all that miniaturized data. Get one that is fireproof and has a biometric element (like a fingerprint scan) to further protect your information.
  • Employ two-factor data management. Store your data in more than one place. An encrypted drive can be left with the most untrustworthy relative. Just make sure that you have a backup somewhere. If you have a safety deposit box, that’s probably the best bet.

Resources taken from:  

Continue reading

7 Critical Skills For the Jobs of the Future

We live in a world of accelerating change. New industries are constantly being born and old ones are becoming obsolete. A report by the World Economic Forum reveals that almost 65 percent of the jobs 

jobs of the future

elementary school students will be doing in the future do not even exist yet. Both the workforce and our knowledge base are rapidly evolving.

Combined with the effects of technological automation on the workforce, this leaves us with a crucial question: What are the skills future generations will need?

Education expert Tony Wagner has spent a lifetime trying to answer this very question. Through investigating the education sector, interviewing industry leaders and studying the global workforce at large, Wagner has identified seven survival skills of the future. These are skills and mindsets young people absolutely need in order to meet their full potential.

1. Critical Thinking and Problem Solving

We spend so much time teaching students how to answer questions that we often neglect to teach them how to ask them. Asking questions—and asking good ones—is a foundation of critical thinking. Before you can solve a problem, you must be able to critically analyze and question what is causing it. This is why critical thinking and problem solving are coupled together.

Wagner notes the workforce today is organized very differently than it was a few years ago. What we are seeing are diverse teams working on specific problems, as opposed to specific specialties. Your manager doesn’t have all the answers and solutions—you have to work to find them.

Above all, this skill set builds the very foundation of innovation. We have to have the ability to question the status quo and criticize it before we can innovate and prescribe an alternative.

2. Collaboration Across Networks and Leading by Influence

One of the major trends today is the rise of the contingent workforce. In the next five years, non-permanent and remote workers are expected to make up 40 percent of the average company’s total workforce. We are even seeing a greater percentage of full-time employees working on the cloud. Multinational corporations are having their teams of employees collaborate at different offices across the planet.

Technology has allowed work and collaboration to transcend geographical boundaries, and that’s truly exciting. However, collaboration across digital networks and with individuals from radically different backgrounds is something our youth needs to be prepared for. According to a New Horizons report on education, we should see an increasing focus on global online collaboration, where “digital tools are used to support interactions around curricular objectives and promote intercultural understanding.”

Within these contexts, leadership among a team is no longer about commanding with top-down authority, but rather about leading by influence. Ultimately, as Wagner points out, “It’s about how citizens make change today in their local communities—by trying to influence diverse groups and then creating alliances of groups who work together toward a common goal.”

3. Agility and Adaptability

We live in a VUCA (Volatile, uncertain, complex and ambiguous) world. Hence, It’s important to be able to adapt and re-define one’s strategy.

In their book, “Critical Thinking: How to Prepare Students for a Rapidly Changing World,” Richard Paul & Dillion Beach note how traditionally our education and work mindset has been designed for routine and fixed procedure. “We learned how to do something once, and then we did it over and over. Learning meant becoming habituated,” they write. “But what is it to learn to continually re-learn? To be comfortable with perpetual re-learning?”

In the post-industrial era, the impact of technology has meant we have to be agile and adaptive to unpredictable consequences of disruption. We may have to learn skills and mindsets on demand and set aside ones that are no longer required.

4. Initiative and Entrepreneurship

Traditionally, initiative has been something students show in spite of or in addition to their schoolwork. For most students, developing a sense of initiative and entrepreneurial skills has often been part of their extracurricular activities.  With an emphasis on short-term tests and knowledge, most curricula have not been designed to inspire doers and innovators.

Are we teaching our youth to lead? Are we encouraging them to take initiative? Are we empowering them to solve global challenges? Throughout his research, Wagner has found that even in corporate settings, business leaders are struggling to find employees who consistently “seek out new opportunities, ideas and strategies for improvement.”

5. Effective Oral and Written Communication

A study by the Partnership for 21st Century Skills showed that about 89 percent of employer respondents report high school graduate entrants as “deficient” in communication.

Clear communication isn’t just a matter of proper use of language and grammar. In many ways, communicating clearly is an extension of thinking clearly. Can you present your argument persuasively? Can you inspire others with passion? Can you concisely capture the highlights of what you are trying to say? Can you promote yourself or a product?

Billionaire entrepreneur Richard Branson has famously said “Communication is the most important skill any leader can possess.” Like many, he has noted it is a skill that can be learned and consequently used to open many opportunities.

6. Assessing and Analyzing Information

We now live in the information age. Every day we create 2.5 quintillion bytes of data. As this infographic shows, this would fill 10 million Blu-ray disks.

While our access to information has dramatically increased, so has our access to misinformation. While navigating the digital world, very few students have been taught how to assess the source and evaluate the content of the information they access. Moreover, this information is continuously evolving as we update our knowledge base faster than ever before.

Furthermore, in the age of fake news, an active and informed citizen will have to be able to assess information from many different sources through a critical lens.

7. Curiosity and Imagination

Curiosity is a powerful driver of new knowledge and innovation. It is by channeling a child-like sense of awe and wonder about the world that we can truly imagine something even better. It takes powerful imagination to envision breakthroughs and then go about executing them. It is the reason Albert Einstein famously said, “Imagination is more important than knowledge.”

We consistently spoon-feed students with information instead of empowering them to ask questions and seek answers. Inquisitiveness and thinking outside the box need to be treated with the same level of importance the school system gives to physics or math.

Transforming the Future of Education

There is a stark contrast between these seven survival skills of the future and the focus of education today. Instead of teaching students to answer questions, we should teach them to ask them. Instead of preparing them for college, we should prepare them for life.

Beyond creating better employees, we must aim to create better leaders and innovators.  Doing so will not only radically transform the future of education and the workforce, it will also transform the world we live in.


Information taken from:

Continue reading

Why Every Leader Needs to Be Obsessed with Technology

Why is it difficult for leaders to see technological change coming and right the ship before it’s too late? Why did Tower go all out on expansion just as the next big thing took the stage?

This is one story of many. Digitization has moved beyond music and entertainment, and now many big retailers operating physical stores are struggling to stay relevant. Meanwhile, the pace of change is accelerating, and new potentially disruptive technologies are on the horizon.

More than ever, leaders need to develop a strong understanding of and perspective on technology. They need to survey new innovations, forecast their pace, gauge the implications, and adopt new tools and strategy to change course as an industry shifts, not after it’s shifted.

Simply, leaders need to adopt the mindset of a technologist. Here’s what that means.

Survey the Landscape

Nurturing curiosity is the first step to understanding technological change. To know how technology might disrupt your industry, you have to know what’s in the pipeline and identify which new inventions are directly or indirectly related to your industry.

Becoming more technologically minded takes discipline and focus as well as unstructured time to explore the non-obvious connections between what is right in front of us and what might be.  It requires a commitment to ongoing learning and discovery.

Read outside your industry and comfort zone, not just Fast Company and Wired, but Science and Nature to expand your horizons. Identify experts with the ability to demystify specific technology areas—many have a solid following on Twitter or a frequently cited blog.

But it isn’t all about reading. Consider going where the change is happening too.

Visit one of the technology hubs around the world or a local university research lab in your own back yard. Or bring the innovation to you by building an internal exploration lab stocked with the latest technologies, creating a technology advisory board, hosting an internal innovation challenge, or a local pitch night where aspiring entrepreneurs can share their newest ideas.

You might even ask the crowd by inviting anyone to suggest what innovation is most likely to disrupt your product, service, or sector. And don’t hesitate to engage younger folks—the digital natives all around you—by asking questions about what technology they are using or excited about. Consider going on a field trip with them to see how they use technology in different aspects of their lives. Invite the seasoned executives on your team to explore long-term “reverse mentoring” with someone who can expose them to the latest technology and teach them to use it.

Whatever your strategy, the goal should be to develop a healthy obsession with technology.

By exploring fresh perspectives outside traditional work environments and then giving ourselves permission to see how these new ideas might influence existing products and strategies, we have a chance to be ready for what we’re not ready for—but is likely right around the corner.

Estimate the Pace of Progress

The next step is forecasting when a technology will mature.

One of the most challenging aspects of the changes underway is that in many technology arenas, we are quickly moving from a linear to an exponential pace. It is hard enough to envision what is needed in an industry buffeted by progress that is changing 10% per year, but what happens when technological progress doubles annually? That is another world altogether.

This kind of change can be deceiving. For example, machine learning and big data are finally reaching critical momentum after more than twenty years of being right around the corner. The advances in applications like speech and image recognition that we’ve seen in recent years dwarf what came before and many believe we’ve just begun to understand the implications.

Even as we begin to embrace disruptive change in one technology arena, far more exciting possibilities unfold when we explore how multiple arenas are converging.

Artificial intelligence and big data are great examples. As Hod Lipson, professor of Mechanical Engineering and Data Science at Columbia University and co-author of Driverless: Intelligent Cars and the Road Ahead, says, “AI is the engine, but big data is the fuel. They need each other.”

This convergence paired with an accelerating pace makes for surprising applications.

To keep his research lab agile and open to new uses of advancing technologies, Lipson routinely asks his PhD students, “How might AI disrupt this industry?” to prompt development of applications across a wide spectrum of sectors from healthcare to agriculture to food delivery.

Explore the Consequences

New technology inevitably gives rise to new ethical, social, and moral questions that we have never faced before. Rather than bury our heads in the sand, as leaders we must explore the full range of potential consequences of whatever is underway or still to come.

We can add AI to kids’ toys, like Mattel’s Hello Barbie or use cutting-edge gene editing technology like CRISPR-Cas9 to select for preferred gene sequences beyond basic health. But just because we can do something doesn’t mean we should.

Take time to listen to skeptics and understand the risks posed by technology.

Elon Musk, Stephen Hawking, Steve Wozniak, Bill Gates, and other well-known names in science and technology have expressed concern in the media and via open letters about the risks posed by AI. Microsoft’s CEO, Satya Nadella, has even argued tech companies shouldn’t build artificial intelligence systems that will replace people rather than making them more productive.

Exploring unintended consequences goes beyond having a Plan B for when something goes wrong. It requires broadening our view of what we’re responsible for. Beyond customers, shareholders, and the bottom line, we should understand how our decisions may impact employees, communities, the environment, our broader industry, and even our competitors.

The minor inconvenience of mitigating these risks now is far better than the alternative. Create forums to listen to and value voices outside of the board room and C-Suite. Seek out naysayers, ethicists, community leaders, wise elders, and even neophytes—those who may not share our preconceived notions of right and wrong or our narrow view of our role in the larger world.

The question isn’t: If we build it, will they come? It’s now: If we can build it, should we?

Adopt New Technologies and Shift Coursebusiness leaders photo

The last step is hardest. Once you’ve identified a technology (or technologies) as a potential disruptor and understand the implications, you need to figure out how to evolve your organization to make the most of the opportunity. Simply recognizing disruption isn’t enough.

Take today’s struggling brick-and-mortar retail business. Online shopping isn’t new. Amazon isn’t a plucky startup. Both have been changing how we buy stuff for years. And yet many who still own and operate physical stores—perhaps most prominently, Sears—are now on the brink of bankruptcy.

There’s hope though. Netflix began as a DVD delivery service in the 90s, but quickly realized its core business didn’t have staying power. It would have been laughable to stream movies when Netflix was founded. Still, computers and bandwidth were advancing fast. In 2007, the company added streaming to its subscription. Even then it wasn’t a totally compelling product.

But Netflix clearly saw a streaming future would likely end their DVD business.

In recent years, faster connection speeds, a growing content library, and the company’s entrance into original programming have given Netflix streaming the upper hand over DVDs. Since 2011, DVD subscriptions have steadily declined. Yet the company itself is doing fine. Why? It anticipated the shift to streaming and acted on it.

Never Stop Looking for the Next Big Thing

Technology is and will increasingly be a driver of disruption, destabilizing entrenched businesses and entire industries while also creating new markets and value not yet imagined.

When faced with the rapidly accelerating pace of change, many companies still default to old models and established practices. Leading like a technologist requires vigilant understanding of potential sources of disruption—what might make your company’s offering obsolete? The answers may not always be perfectly clear. What’s most important is relentlessly seeking them.


Information taken from: 

Continue reading

HIGH ALERT: Massive Ransomware Campaign Spreading Fast

A massive ransomware campaign appears to have already infected a number of organizations around the world. There have been reports of infections in the UK, US, China, Russia, Spain, Italy, Vietnam, and Taiwan and at least 16 hospitals in the United Kingdom are being forced to divert emergency patients today after computer systems there were infected with ransomware. It remains unclear exactly how this ransomware strain is being disseminated and why it appears to have spread so quickly,

but there are indications the malware may be spreading to vulerable systems through a security hole in Windows that was recently patched by Microsoft.

The ransomware's name is WCry, but is also referenced online under various names, such as WannaCry, WannaCrypt0r, WannaCrypt, and most commonly just called Wanna Decrypt0r. First appearing in March, activity from this ransomware family was almost inexistent prior to today's sudden explosion when the number of victims skyrocketed in a few hours. What was clear about this ransomware was that Wana Decrypt0r was extremely virulent. An alert published by Spain’s national computer emergency response team (CCN-CERT) suggested that the reason for the rapid spread of Wana Decrypt0r is that it is leveraging a software vulnerability in Windows computers that Microsoft patched in March. According to CCN-CERT, that flaw is MS17-010, a vulnerability in the Windows Server Message Block (SMB) service, which Windows computers rely upon to share files and printers across a local network. Malware that exploits SMB flaws could be extremely dangerous inside of corporate networks because the file-sharing component may help the ransomware spread rapidly from one infected machine to another.

The exploit is delivered as a Trojan through a loaded hyperlink that can be accidentally opened by a victim through an email, advert on a webpage or a Dropbox link. Phishing emails containing Word or PDF documents disguised as an invoice or links to a Dropbox document are especially common. Sometimes the payload can occur simply by visiting a website containing a malicious program. Even well-patched operating systems cannot help users who are tricked into deliberately running the software by opening an attachment or clicking a link.

True North Networks maintains Windows patching for managed clients and applies Microsoft patches according to your scheduled patching window on a monthly basis. Please be extra cautious with emails that contain hyperlinks, attachments, or anything that looks suspicious or out of the ordinary. Please share this email with all employees in the office. 

Continue reading

Cybersecurity: How to Stay Ahead of the SEC

The Office of Compliance Inspections and Examinations (OCIE) announced in January of this year it will continue its ongoing initiative to examine for cybersecurity compliance procedures and controls, including testing the implementation of those procedures and controls at broker-dealers and investment advisers.  This session will cover topics on how to be prepared for the OCIE, case studies, tools to protect against a breach and legal ramifications regarding data security.

When: Wednesday May 17, 2017

Time: 8:30AM – 11:00AM

Where: Grand Concourse Restaurant, 100 West Station Square Drive, Pittsburgh, PA 15219

FREE & Open to ALL

Presented by:

·         Steven Ryder, True North Networks

·         Matt Meade, Buchanan Ingersoll & Rooney’s Cybersecurity and Data Protection Group

·         Ben Cotton, CEO of CyTech

Register here: 

Continue reading

True North Networks Merges with Helpful Office in Saco, Maine

TNN logo

True North Networks Merges with Helpful Office in Saco, Maine

SWANZEY (March 31, 2017) —True North Networks announced that it has completed a merger with Helpful Office, a full-service information technology consulting firm, located in Saco, Maine. The merger will better serve the needs of True North Networks clients in the Maine area and no change in personnel is expected.

The merger fits into True North Network’s growth strategy and enables current President Richard Petersen of Helpful Office to expand continued sales opportunities and the operation will continue to do business as Helpful Office.  “True North and Helpful Office are aligned with an incredible level of customer service”, per Richard Petersen, “and this merger will not only strengthen that commitment to our clients, but strengthen our offerings with higher level tools and expertise True North currently provides their clients.”

“Our merger complements our overall managed service offering so we can now provide support to another vertical”, says owner and President, Steven Ryder. “We provide technology support and cybersecurity services to clients across the country, and strive to eliminate IT issues before they cause expensive downtime.  The merger also adds to our capacity and geographic presence in New England to provide exceptional service to our current and future customers in Maine and beyond.”


About True North Networks, LLC

True North Networks, LLC (TNN) is a managed technology outsourced, cybersecurity service and private cloud hosting provider based in Swanzey, NH with offices in Concord, NH and Pittsburgh, PA.  Serving clients throughout the country since 2002 and specializing in supporting the financial services and other industries for over 15 years.  TNN helps its clients be more productive by designing, delivering, and servicing tailored network solutions that address their individual needs, and exceed their expectations.  TNN’s mission is to enable the success and well-being of people and organizations by fostering a caring community-minded culture.    Learn more at:  

Recent Comments
evelyn guerrero
I am so happy to peruse this. This is the sort of manual that should be given and not the arbitrary deception that is at alternate... Read More
Thursday, 11 May 2017 07:07
Anna Warren
Middlesbrough betting with all upcoming match odds and markets. Get the best value for all Middlesbrough bets with OddsDigger.... Read More
Thursday, 01 June 2017 11:29
Lillian Chandler
Very interesting information. Sometimes you need to give yourself a space in college. And you wont get better help than a help fro... Read More
Monday, 02 October 2017 09:02
Continue reading

Your Biggest Cybersecurity Weakness is Your Phone

Mobile devices are one of the weakest links in corporate security, and now more than ever, companies are doing their part to protect their data, secure networks, and train their employees to take security seriously. However, the potential for mobile attacks continues to expand and recent research shows that half of all digital time is spent on smartphone apps and 68% percent of time is being spent on a mobile device. If mobile security isn’t a problem for your company yet, it will be.

Securing mobile devices is tricky and involves a heavy dose of individual responsibility. Be sure to follow the below recommendations:

  • Educate employees and upper management to make sure upper management know how dire security breaches can become.
    • Employees that travel frequently can also become easy targets without security education.
  • Encrypt corporate data using the security software your company provides.
  • Connect your smartphone to company networks via VPN connections.
  • Set a lock and PIN on your phone.
  • Use two-factor authentication whenever possible.
  • Turn on your phone’s auto-lock.
  • Use container technologies such Samsung’s Knox, which adds a layer of security to work items and segments them away from personal items.
  • Back up information to the cloud and try to store as little as possible on your device.
  • Ignore spam email and downloads that don’t come from an approved application marketplace (Apple’s App Store, Google Play, etc).
  • Keep devices close to you and within sight at all times.
  • If device is lost or stolen, notify your employer right away for remote wiping procedures.
  • Avoid unsecure Wi-Fi connections.
  • Keep Bluetooth out of discovery mode when not in use.

Mobile security is likely to become the next frontier for corporate security executives as exploits and hacks become more creative. Making mobile security a regular part of your company’s security policy and procedure framework will be critical.


Continue reading

Cybersecurity Starts with Training Your Employees

Training employees is a critical element of security and protecting your company online starts with making sure they are prepared to keep your computers and networks safe.  It is our shared responsibility to talk to our employees to ensure a safer environment at your company:

Talk to Your Employees About:

  • Keeping a clean machine: Your company should have clear rules for what employees can install and keep on their work computers.  Make sure they understand and abide by these rules. Unknown outside programs can open security vulnerabilities in your network.
  • Following good password practices: A strong password is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember (for example, “I love country music.”). Additionally, having separate passwords for every account helps to thwart cybercriminals. At a minimum, they should separate work and personal accounts and make sure that critical accounts have the strongest passwords. Finally, writing down passwords and keeping them in a safe place away from the computer and enabling two-step authentication are other important ways to secure accounts.
  • When in doubt, throw it out: Employees should know not to open suspicious links in email, tweets, posts, online ads, messages or attachments – even if they know the source. Employees should also be instructed about your company's spam filters and how to use them to prevent unwanted, harmful email.
  • Backing up their work: Whether you set your employees' computers to back up automatically or ask that they do it themselves, employees should be instructed on their role in protecting their work.
  • Staying watchful and speaking up: Your employees should be encouraged to keep an eye out and say something if they notice strange happenings on their computer.  

Information taken from:

Continue reading

How to Create a Successful Cybersecurity Policy

As breaches become the new norm, having a cybersecurity policy becomes not just a matter of saving face, but of saving money, data, and valuable employee resources. Each year, thousands of breaches take place, resulting in the theft of over 1 billion records of personal identifiable information.

Getting Started
Ideally, your business’ cybersecurity policy should be documented, reviewed, and maintained on a regular basis. Even creating a short guide that covers the most important areas goes a long way in keeping your business protected. Visit the SANS Institute for free policy templates.

First and foremost, make sure you’re operating within the law. For example, if you’re a financial institution, you will need to be compliant with SEC guidelines, as they will continue to focus on cybersecurity and mandate proof that safeguards are in place and designed to secure personal and sensitive information adequately to defend against cyber threats and vulnerabilities.

Your cybersecurity policy should include information on controls such as:
• Which security programs will be implemented
• How updates and patches will be applied in order to limit attacks and vulnerabilities
• How data will be backed up
• Clearly identify roles and responsibilities.

No matter how strong your cyber defenses are, employees can introduce threats to your company’s networks by falling for phishing scams, posting secure information on social media, or giving away credentials. Your policy should clearly communicate best practices for users in order to limit the potential for attacks and threats. In addition, the employee policy should also cover what happens when users fail to comply with guidelines. Acceptable use guidelines can include:
• How to detect social engineering tactics and other scams
• What is acceptable Internet usage
• How remote workers should access the network
• How social media use will be regulated
• What password management systems might be utilized
• How to report security incidents

Information taken from:

Continue reading