Oct 12, 2022 | SMB Technology, SMB Technology, SMB Technology, SMB Technology, Technology News
As we know, October is Cybersecurity Awareness month. There is much to be aware of, including how to prepare for an attack, current threats, how well your data is protected, and who has access to it. Read on to learn how following rigorous compliance standards helps your cybersecurity efforts. Rigorous Standards Aid Cybersecurity Efforts Currently, new standards are being drawn up in the form of the Cybersecurity Maturity Model Certification, a Department of Defense program that applies to Defense Industrial Contractors and by extension to those businesses doing business with defense contractors. According to CISCO, the CMMC is designed as a unifying standard to ensure that contractors properly protect sensitive information. Three levels exist, with Level One containing seventeen practices to follow. Level 2 is more stringent, and Level Three is the highest. Domains within the model include Access Control, Identification and Authentication, Incident Response, Awareness and Training, among others. A few of these domains (like Identification and Authentication) could incorporate zero-trust, a paradigm gaining ground in the cybersecurity community. Considering Zero Trust as a Cybersecurity Model “Trust, but verify” as the saying goes. However, in cybersecurity efforts it should be “Verify, then trust.” Zero-trust is the practice of identifying each request for access to the network, and authenticating or verifying the request as a prerequisite for access to systems. The zero-trust paradigm still is a work in progress, because it’s a different way of thinking about cybersecurity, one that includes all of the organization and influences workforce and workflow decisions. The Cybersecurity Maturity Model Certification has the idea of zero-trust built in, and even...
Oct 7, 2022 | SMB Technology, SMB Technology, SMB Technology, SMB Technology, Technology News
Readers are likely aware of some of the headline-grabbing cyber attacks in recent years–WannaCry, SolarWinds and Colonial Pipeline, just to name a few. But what about the attacks–and resulting loss of revenue and reputation–that don’t make the news? What is your organization’s cybersecurity posture, and how can it be improved? Read on to learn about cyber threats and how to protect your business. Threat Awareness and Intelligence Cyber attacks continue to occur, and to become more sophisticated. No longer coming just from lone hackers, attacks come through email and text (“phishing” and “smishing”, respectively). Supply chain attacks are also on the rise. The global cost of cyber incidents are about 6.1 trillion, far outstripping cybersecurity spending. Often, cyber threats are viewed as something “outside” the organization. The tendency is to treat symptoms and not possible root causes like a lack of threat intelligence. How well do you know what threats like malware and ransomware could do to your business if you’re attacked? According to the 2022 State of Cybersecurity report, businesses are aware of threats, but are not necessarily looking within the organization for vulnerabilities. Cybersecurity Awareness Throughout Your Organization More than simply a component of IT function, cybersecurity needs to become a business imperative, with deep awareness on the part of the C-suite and newest employees alike. For example, do your employees know how to recognize a phishing email designed to get them to give up confidential information? For managers, how does the adoption of new technology (along with the cybersecurity challenges it might represent) help with reaching business goals? Often, despite the...