Welcome to your Security Primer

WHAT’S NEW
Auto thefts: How thieves steal cars using a relay attack.

Auto thefts across North America have been on the rise. The council on criminal Justice report found a 105% increase in vehicle thefts between 2019 and 2023. Much of the news has been inundated with videos on how thieves can steal your car without your knowledge. It is one of the quickest and least destructive ways of stealing a car, and it is known as a relay attack. In this video, you can see the speed at which a relay attack can be executed.

How does this really work? Keyless car entry systems – or Key FOBs – have been in the automotive industry for more than a decade. These systems are convenient ways for owners to start or enter into their car without using a key. In most cases, the car detects the FOB and allows the doors to be unlocked and engine started regardless of the FOB being present. This is what thieves are exploiting. In teams of two, one thief will use a large antenna and repeater, and that signal will be repeated to the thief next to the car. Within a couple seconds, the car is tricked into thinking the key fob is next to the car, and the thieves are gone. The following image shows how this happens.

One of the larger issues, is that auto manufacturers are not allowing for cyber security experts to discover exploits and make the system more secure.

So what are some of the best ways to protect your car from these attacks?

1) Keep your keys away from doors and exterior walls,
2) Keep your car in a secure garage,
3) Use RFID blocking bags or pouches,
4) Consider working with your insurance company to install a vehicle immobilizer.  

SECURITY ENVIRONTMENT
Working with your client

Trust in client engagement is key to getting the client to open up and explain what is really going on at the site. In most cases, you have to remember that security engagements can be a stressful time, so gaining the client’s trust as fast as possible is key. So what do we do?

Using the basics of influence from Robert Cialdini and social engineering, they allow for a closer and more immediate relationship with your client. Principles such as: Authority, Social proof, Reciprocity, Commitment and Liking can provide you with tools to get the client to open up.  

1. Authority: People are more likely to follow the advice of an authority figure or expert. Establish your authority by sharing your credentials, experience, and knowledge through content like articles, speaking engagements, or through the quality advice you provide during your interactions. 

2. Social Proof: People will look to the actions and behaviors of others to determine their own, especially when they are uncertain. Share stories of how you've successfully helped other clients, especially those in a similar industry or with similar needs, to build credibility and demonstrate your expertise. 

3. Reciprocity: People feel obliged to give back to others who have given to them, fostering a sense of loyalty. Offer valuable insights or free advice to your clients without expecting an immediate return. This can build trust and make them more inclined to engage with you. 

4. Commitment: Once people commit to something, verbally or in writing, they are more likely to honor that commitment. As you established the idea or goal as being congruent with their self-image. Start by asking your clients small, easy-to-agree-to requests that are aligned with your larger goal. 

5. Liking: People are more likely to be influenced by people they like. Build genuine relationships with your clients by showing interest in their needs, listening actively, and finding common interests or values. 

Now let’s put these into practice. When I first meet the client, I like to connect with them by listening to their immediate concerns (liking). I may get an opportunity to mention how I helped previous clients with similar issues (social proof). After this, I like to dig into my credentials, past successes, and experiences (authority). During the inspection phase, I work through reciprocity and social proof when the opportunity presents itself. While we go through the inspection, I will try and get to know the client; basic demographics, likes, job, etc, and I provide information about me in return (liking). At this point, I generally find the client is more open and receptive to the inspection and answer the harder questions. Test some harder questions, if they aren’t willing to open up, go back to reciprocity and social proof; you don’t have enough liking points to get the deep answers. At the end of the inspection, close of with small commitment goals, this will lead to them making changes in the future.

THE AI SPACE
What is Sora

Creating video from text has been taking the AI world by storm lately. Pictory AI, Invideo and now Open AI are providing the opportunity for anyone to create a video from a script. This new era of video creation not only provides the opportunity to create new and weird videos, but it may inadvertently create the ability for someone to create false or misleading videos and videos that may cause or induce harm. Conversely the creation of video from text allows budget conscious departments with the ability to create training and awareness videos at no cost to the organization.  

Follow me for steps to create security awareness videos with the Sora later this year.  

Stay up-to-date with AI.

The Rundown is the world’s fastest-growing AI newsletter, with over 500,000+ readers staying up-to-date with the latest AI news and learning how to apply it.

Our research team spends all day learning what’s new in AI, then distills the most important developments into one free email every morning.

Sign up with one click.

LEADERSHIP CORNER
What drives your vision?

Tony Robins said it best “Create a vision and never let the environment, other people’s beliefs or the limits of what has been done in the past shape your decisions”. The success of a leader’s vision can always be tied to the success of the team. A vision can be seen as your guiding star. It keeps you on your path.

But what truly drives your vision?

Many of us are leaders, and we may have different visions even though we are aiming for the same goal. This means that we all have inherent values and beliefs inside us that drives our vision or purpose.

Do you know what yours are?

It starts with self-awareness. Tony Robins has 8 steps to improve self-awareness in leadership, which is the start to understanding what drives your vision. The second are your values and beliefs. The Harvard Business Review has an excellent article that will help you find, define and use your values.

Time to put it all together. By combining the 8 steps above with the HBR on finding you are able to find your underling motivations and values, and ultimately discover what is driving your vision.

THINGS TO WATCH
ISC West April 9 - 12

ISC west is around the corner with some of the “latest technologies in Access Control, Alarms & Monitoring, and Video Surveillance, while discovering emerging trends in Drones & Robotics, Cybersecurity & Connected IoT, Smart Home, and more.” We will be interviewing several companies over the weeks leading up to the event and providing you the latest news prior to the show.  

Keynotes this year will touch on Cybersecurity, Security for Major League Soccer, and using generative AI to enhance performance. If you aren’t sold on that, the Wallflowers will be playing at the first ever ISC-West Concert.  

Links
Current news from around the industry

• Security Vulnerability Allows Intruders to Unlock Hotel Rooms Using Forged Keycards (Link)

• 3 Security guards Stabbed at Library (Link)

• TikTok ban: China attacks 'bandit logic' of House vote (Link)

Want to create your own Newsletter?
Try Beehiiv: Get 20% off and 30 days Free*

If you’re starting a newsletter or looking for a better email service provider, you need to try beehiiv. The growth features, ease of use, and low price are unmatched.

It’s the platform I use and recommend to everyone. *Sign up using my link below to receive a discount and 30 days free trail.