Ransomware is A Real Threat

Within hours of the outbreak of WannaCry, it had infected more than 230,000 computers in over 150 countries. We’ve all heard stories describing the severe impacts organizations face after being targeted by ransomware. Ransomware is a big business for organized crime rings and, as some suspect, even state-sponsored agencies. According to industry experts, it’s estimated ransomware ransacked $1B in 2016. Money, personal files, and data aren’t all that’s at risk—when a hospital gets infected by ransomware and is unable to treat patients, it can be a life or death situation.  

What are the effects of ransomware? 

Beyond extortion (paying a ransom to regain access to infected systems), viruses and malware can impact productivity and lead to loss of revenue due to outage or employees not having access to systems. This highlights the importance of backups at home and in the business. Imagine losing all your precious family photos if your home computer gets infected. Now imagine your photos are an organization’s financials, client information, or patient data. That collateral is a big deal to your business, not just for productivity, but because the impact to your company’s reputation can have financial impacts that last longer than the settlement from a lawsuit or fines imposed by governing bodies.  

How does malware infect an organization? 

Companies are faced with the challenge of how to secure their resources from malware and viruses coming from different attack angles called “threat vectors.” Attacks can infiltrate an organization via websites, email, network, and remote/mobile workers. Sometimes an attack can be caused by something as seemingly innocuous as users bringing in a laptop from home or plugging a USB drive into the corporate network.  To prevent attacks from these different vectors, it’s necessary to secure internal resources from the inside out and the outside in. The question becomes: how do you protect your network from your own employees? 

What can an organization do to prevent attacks? 

Malware and viruses are constantly evolving, so there isn’t a sole, one-step solution that protects everything. Without layers of security, segmentation, authentication, blocking, visibility, and alerting, any user can gain access to the network and malware can spread from device to device without anyone knowing. For these reasons, automated blocking and a rapid time-to-detection are important. 

There are many ways an organization can be alerted of a security problem before it’s too late. The key is identifying what the threat vectors are and having a plan in place to address them. A great and easy first layer of defense companies can very easily add is DNS protection. DNS protection can automate the blocking of malicious known links/websites via the web or email and is a great/simple first layer of defense customers can add to their network without much effort. This service is offered as a cloud-based subscription service with 1, 3, and 5-year licenses. 

Ultimately, a layered approach is the best defense. Firewalls, email protection, DNS protection and endpoint protection are all great tools for visibility and alerting. Many use user behavior analytics and artificial intelligence (AI) to flag zero-day threats. A zero-day threat is a new malware or virus which firewalls don’t yet have definitions or signatures to identify and block, hence the name “zero day” – day one is when the threat is first recognized. A layered approach which includes regular updates to your computers, intelligence to uncover current and emerging threats, visibility across all devices and ports (anywhere), and power to block (stop phishing, malware, and ransomware) early on is critical, as they make the job of the cybercriminals targeting your company and network harder and the economics less attractive. 

Myriad Celebrates November Work Anniversaries

This year, we are thankful for the employees celebrating anniversaries this November and a collective 35 years of jobs well done! Gratitude and congratulations are due to: 

Jamie Waugh – 10 years  

There have been a lot of great moments and memories during his ten years at Myriad, and 2017 did not disappoint! Jamie has taken on his most exciting role yet after becoming a Project Manager this year. He enjoys the all-hands on deck mentality of fellow Myriad employees and that “any and all ideas are openly discussed and, if right, are implemented immediately so we are a more effective company.” 

Best Myriad memory: “Back when the company first started, if you wanted to work at Myriad you actually had to interview with the whole company! We all had to make sure you were a good fit. I think that was such a cool way of doing things and it translates to today’s Myriad.” 

Michael Sloan – 8 years 

Mike Sloan quickly made his mark at Myriad after starting as an Account Executive in 2009, earning a promotion to Sales Manager in 2011 and then to VP of Sales in 2012. His favorite part of working at Myriad is his smart and enthusiastic sales team. 

Best Myriad memory: “Breaking the $100M mark for the first time.”  

Vic Glazer – 5 years 

Since joining the company five years ago, Vic has been promoted to Senior Account Executive and holds a vast number of certifications with Cisco, Dell, HP, and Arista. His favorite thing about working at Myriad is “the people I work with and that we care about each other.” 

Best Myriad memory: “My birthday coincided with my first Myriad holiday party, and the entire company sang happy birthday to me. What a welcome!” 

James Godwin – 3 years 

Soon after joining Myriad 3 years ago, James was promoted from VP Sales Ops to VP Sales Operations and Marketing in 2015. In addition to this success, James was elected as both Marketing Committee Chair and to the Board of Directors for NYNOG 2017. He is a Certified SCRUM Master as of this year and is working on becoming a Certified SCRUM Professional in 2019. His favorite thing about working at Myriad is “all the people who challenge me to be and do better every day. And the random boxes of Dough donuts I pretend not to eat.” 

Best Myriad memory: “All the Myriad winter festivities – especially the group photos, winter party, double decker buses, ugly sweater contests, and gift exchange. Last year, our events team gave me the gift that literally keeps on giving: an ENTIRE CASE of Big Red gum. As a result, my office smells like cinnamon and (I’m pretty sure) comes in at least second place to the recruiting office for candy-jar-stop-in visits.” 

Nicole Fieger – 3 years 

Nicole quickly proved her design chops and was promoted to Creative Director a year after joining Myriad. In addition to bringing her creative skills to her job every day, Nicole’s favorite part of working at Myriad is “all my lovely coworkers.” 

Best Myriad memory: “When we sponsored a float for the NYC pride parade!” 

Danny Shum – 3 years 

This year, Danny has taken on a slightly different role from “Ecommerce Specialist” to “Pricing Support Specialist.” He credits “the full transparency of the company and also the willingness of everyone to lend a helping hand, usually met with a no-questions-asked mentality” to his success. 

Best Myriad memory: “During my first winter party, little over a month joining Myriad, a member of the sales team sang the Spanish version of Enrique Iglesias song ‘Hero.’  It was quite memorable.” 

India Stokes – 1 year 

When looking back at her first year at Myriad, India is most proud of taking on all purchasing responsibilities for one of our major accounts and also negotiating with vendors to receive free shipping. Her favorite part about working at Myriad? “Myriad is truly a company that values people and the talent they bring. I’ve never felt so comfortable in a work environment while also being positively challenged in my work.” 

Best Myriad memory: “Volunteering for ACE Day at the Manhattan Children’s Center. It was so much fun to interact with amazing children for the day.” 

Jose Estrella – 1 year 

Jose’s favorite thing about Myriad is “the culture of the company and the way we support each other the way family would. We all get along—this is the glue of the company and what sets us apart from all other IT companies out there.”  

Best Myriad memory:  “Our first company cook-off and how the idea stemmed from a simple joke and developed into this fun activity that allowed us as a company to interact in a unique way. The best part of it all was Myriad using the money collected from this activity to donate to those in need.”  

Chad Betts – 1 year 

During his first year at Myriad, Chad earned the VMware Certified Associate (VCA6) certification for data center virtualization, along with multiple accreditations for Dell/EMC, HPE, and VMware technical pre-sales knowledge.  

Best Myriad memory: “The Juniper ping-pong tournament my second day on the job.” 

Congratulations to Jamie, Michael, Vic, James, Nicole, Danny, India, Jose, and Chad! We hope your anniversaries are as amazing as your dedication, knowledge, and talent!   

Myriad Debuts Employee Resource Groups 

Myriad is excited to announce the creation of ERGs (Employee Resource Groups). A tool utilized by many companies, we are proud to offer the opportunity to participate in these spaces to our employees. 

What is an ERG? 

Employee Resource Groups (ERGs) are voluntary, employee-led groups that act as both a social network and a think-tank. They help ensure a workplace environment is inclusive and aligned with the company’s mission and values, strengthen the voices of employees, and harness the power of diverse thinking and affirming employees’ identities to maintain an open and understanding environment. 

What are Myriad’s ERGs? 

Currently, there are two ERGs at Myriad: The Rainbow Alliance, and The Cultural Collective (and coming soon is Women’s Empowerment!). Myriad is an inclusive workplace and encourages support and empowerment to all employees, as well as open discussion surrounding topics surrounding a common ground (gender expression, cultural background, etc.) to make Myriad an even better workplace. ERGs are open to all employees regardless of how they identify—the more the merrier!  

What are some of the things ERGs do? 

The types of activities ERG participants at Myriad mainly fall into three categories: internal discussions, social events (everything from movie screenings to dance lessons!), career advancement (networking, peer-to-peer mentorship) and volunteerism within the NYC community. For instance, the Cultural Collective plans on attending youth-centric panels and creating partnerships with non-profits aimed at underrepresented groups in tech. Next month, the Rainbow Collective will be volunteering with SAGE, the country’s largest organization dedicated to improving the lives of older adult members of the LGBT community via health and wellness, employment assistance, housing, and more by serving meals to the elderly. 

Why are ERGs important? 

ERGs create a platform for connection amongst team members who share common interests and goals, help foster a more caring, aware and respectful community, and are a resource for Myriad leadership when it comes to issues, policies, and employees’ needs. An open forum where people can meet and support one another is essential to creating or maintaining a work environment that fosters employee satisfaction, leadership, and career advancement. 

Myriad values diversity and equality. Plus, we’re always growing! As well as supporting current members of the team, we’re happy to have ERGs serve as informal welcome to new employees by offering the chance to network and mentor. Join us! 

3 Takeaways for the KRACK WPA2 Vulnerability

WiFi Security and WPA2

Over the last 48 hours security researchers have discovered new weaknesses in the WPA2 Wi-Fi security protocol which could allow hackers to steal sensitive info or even inject malware into networks and network devices, with mobile devices being particularly vulnerable due to the proliferation of native apps which may not implement app-level encryption.  

As stated on KrackAttacks, the weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. 

The attack works by focusing on the four-way handshake used by WPA2 to confirm that client and access point have the correct network password and to negotiate a new encryption key to be used to encrypt all subsequent traffic. 

To prevent the attack, users must update affected products as soon as security updates become available. 

1. There is no silver bullet for cyber threat prevention; nothing is secured forever. Vulnerabilities will always await discovery and be subject to exploitation. Developers call them “bugs”, but we must all learn to speak the same language, and adopt a holistic layered approach.

2.  SANS Institute describes the term layered security as “a defensive strategy featuring multiple defensive layers that are designed to slow down an attacker”. The military uses similar tactics called “deep defense” or “defense in depth,” where their goal is to slow an attack, causing enemy casualties. In the digital world, this means causing delays for the attackers and detecting them before they can do serious damage. In some cases, a properly implemented layer may act as a strong enough deterrent to cause the attacker to look for an easier target.

3. Although an attacker may gain wireless access into your network, a layered security approach will ensure that the hole discovered can’t be exploited. By adhering to best practices like keeping systems patched and updated, implementing user roles and group policy, having end-to-end network segmentation in place to limit the spread of malware and free reign of bad actors, utilizing multi-factor authentication (MFA), securing data with data at rest and in-flight encryption, and taking advantage of app-level encryption where possible. 

If you’d like to discuss the threat landscape and how things like this WPA2 crack happen, best practices for adopting a holistic security approach, or the unique challenges inherent to your business, please reach out to me directly. We’re here to help. 

Myriad Congratulates Employees Celebrating Anniversaries this Month

October Anniversaries

At Myriad, we believe that whether personal or professional, anniversaries are a special event in a person’s life. This month, we are celebrating the work anniversaries of seven exceptional members of the Myriad team. Huge congratulations are due to:  

AnniversaryTemplate_Mario (002)Celebrating: 12 years 

A lot has changed for Mario since becoming Myriad’s very first engineer (lucky #7 employee) twelve years ago. Now he is leading and growing the Solutions Architect team, driving pre-sales engineering capabilities farther as Solutions Architect Manager. “I enjoy working with everybody on the pre-sales & post-sales side of the house. Everyone is compassionate, caring and understanding. We all try our best to get the job done right.” 

Best Myriad memory: “It’s been a great journey and rewarding experience to be part of the Myriad family since the beginning when it was just 7 of us –  a true startup! I remember wearing many hats, from testing Cisco 1700 routers and WIC-1DSU-T1’s (now vintage) to working in sales, returns, purchasing and shipping departments! I love being a part of a place where I’ve been able to witness both my career path and the company grow firsthand.” 

AnniversaryTemplate_StaceyCelebrating: 7 years 

Over her illustrious career, Stacey Solomon was promoted four times from Purchasing Assistant to her current role as Director of Purchasing, and it’s no secret that her passion for her job led to her success. “My favorite thing is the feeling that I have waking up and coming to work every day.  I really love my job and working here at Myriad.” 

Best Myriad memory: “The first holiday party. I recall us all piling into limos and heading to Wolfgang’s for dinner. It was my first time riding in a stretch limo so I was pretty excited.” 

AnniversaryTemplate_Will (002) Celebrating: 4 years 

William Sze believes the people and the culture are what make Myriad great. He was promoted to Staff Accountant two years ago and knows crunching numbers can be a tedious job, but “the people and culture at Myriad make going to work every morning much easier.”  

Best Myriad memory: “All of our parties!” 

AnniversaryTemplate_Erin (002)Celebrating: 4 years 

After joining the company as an Operations Assistant, it’s wasn’t long until her talent for hiring A-players shown through. Transitioning to her role as Hiring Coordinator 2 years ago, Erin’s favorite parts of her job are “the 1-1 coaching sessions, great coworkers, and ability to create my workflow.”  

Best Myriad memory: “Announcing the LGBTQ+ inclusive Employee Resource Group at a company-wide meeting.” 

AnniversaryTemplate_KarenCelebrating: 3 years 

As one of the warmest, friendliest Myriad team members, it was no surprise that when asked what her favorite thing about working about Myriad, Karen’s answer was simple: “The people.”  

Best Myriad memory: “When one of the members of our team experienced a fire at her apartment, I’ll never forget the way the office rallied together to support one of our own.” 

AnniversaryTemplate_AlbertLiCelebrating: 2 years 

As a Pricing Support Specialist, Albert notes that the encouragement he receives through the coaching sessions is one of the reasons he’s so great at helping our clients. “It’s amazing to know you have the support of those around you when you’re trying to achieve ever larger goals.” 

Best Myriad memory: “The first week when I started here. I remember clearly being welcomed by just about everyone I ran into that day. The environment was just so friendly that it’s stuck with me since then.” 

AnniversaryTemplate_ChelsCelebrating: 2 years
Chelsea joined Myriad as an intern and quickly became an Events and Community Coordinator soon after. She attributes her success to cross departmental support and collaboration. (“And the unlimited supply of peanut butter doesn’t hurt either!”) 

Best Myriad memory: “2017 Myriad Summer Party Pop-A-Shot Tournament, although losing in the first round to our VP of Sales who still reminds me to this day that he beat me by TWO POINTS. It was great to see fierce match-ups and an excited audience gather around for this event.” 

Thank you to Mario, Stacey, William, Erin, Karen, Albert and Chelsea for your dedication, drive, and geniality. We look forward to seeing more of your accomplishments in the future!  

Myriad Participates in Race Commemorating Heroic First Responder’s Route

Tunnels to Towers

On September 11th, 2001, firefighter Stephen Gerard Siller (Brooklyn’s Squad 1) had finished his shift and was on his way to meet up with family. The moment he received word over his scanner that a plane had hit the World Trade Center’s North Tower, he turned around and headed back to the firehouse. After calling his wife, he retrieved his gear from Squad 1 and drove his truck to the entrance of the Battery Tunnel, which had already been closed for security purposes.

Strapping sixty pounds of gear to his back, he raced on foot through to tunnel to carry out his duty as a first responder, and gave up his life helping others at the age of 34. In honor of Stephen’s legacy, the Tunnel to Towers race has become a yearly event where firemen and citizens alike—some of whom carrying 60lbs of gear to further honor Stephen’s heroic actions—run the same 5K route through the tunnel and ultimately to the Twin Towers. Held the last Sunday of September, Tunnel to Towers is one of the top 5k runs in America.

As residents of NYC, this foundation is near and dear to Myriad team members’ hearts. This year, the race had roughly 30,000 participants, including 11 members of the Myriad team. Funds raised by the event benefit programs such as Building for America’s Bravest, a program that builds mortgage-free homes for injured service members, NYC First Responder Fund, which supports the families of first responders who have lost their lives in the line of duty, and the 9/11 Never Forget Mobile Exhibit, a high-tech 53-foot tractor-trailer that educate citizens throughout the country about the events of that tragic day.

The Stephen Siller Tunnel to Towers Foundation holds close to fifty events in over twenty-five states yearly to benefit these programs. Events include communal meals, run/walks, and 102-flight stair climbs to pay homage to the 343 FDNY firefighters, 71 law enforcement officers, and thousands of civilians who lost their lives on September 11, 2001.

Myriad is so proud of our team that participated in the race this past weekend. If you’d like to learn more about the Tunnel to Towers foundation or participate in an upcoming event, please visit Tunnel2Towers.org.