Become Aware and Prepared During Cybersecurity Awareness Month

Become Aware and Prepared During Cybersecurity Awareness Month

There’s never a bad time to examine your company’s cybersecurity posture, and even improve your strategy. Threats abound, including security incidents resulting from weak passwords, phishing attacks, and the lack of strong authentication. Read on to learn how you can assess and improve your preparedness for security incidents–it’s not if, but when.   Preparedness Starts with Awareness  October is Cybersecurity Awareness Month. Starting in 2024 the Cybersecurity and Infrastructure Security Agency’s (CISA) theme is “Secure Your World.” Cybersecurity Awareness month is a time for understanding the threats that face all businesses, and perhaps especially small to medium-sized companies. The good news is, you can learn more about what threats affect your network, applications and data, and how to protect your business.   Protect Your Business from Common Threats    Common threats include phishing as well as the ransome ware that can infect your network and steal your data. If your data isn’t stolen, it can be encrypted away from you via a ransomware attack. Security incidents can occur as a result of weak authentication of account access (weak passwords and lack of multi-factor authentication). Mishandled operating system updates can lead to not having the latest security updates and bug fixes.    Phishing threats are growing in frequency and sophistication, and can come in through emails designed to trick recipients into giving up security credentials, which can then be used to gain access to a company’s network and data. Phishing attempts, along with variants like “smishing” (attacks via text messaging) and “vishing” (attacks by phone and voicemail) rely on fear and a sense of urgency to trick the recipient into...
Protecting Your Business from an Evolving Threat Landscape

Protecting Your Business from an Evolving Threat Landscape

Whether man-made or natural, threats to the security of your company’s network are on the rise. Not only do effects of climate change (such as wildfires and floods) pose threats to businesses, but cyberattacks including ransomware via phishing emails, jeopardize your network and data. Read on to learn more about threats and how to overcome them.   Common Risks For Businesses   Risk management professionals have their hands full! Natural disasters like floods or wildfires can damage, even destroy, security operations data centers, homes and businesses, and infrastructure like power lines. Even a winter storm can keep workers from accessing work systems, and break the connection between a technical problem and its solution. At the very least, natural disasters can result in costly downtime.  According to a CSO Online article, the number of climate change-related incidents with damage exceeding $1 billion dollars had occurred by October 2023.    As if the consequences of natural disasters aren’t serious enough, bad actors are seeking access to business networks to steal data, infect the networks with malware, or both. These cybercriminals might also use a natural disaster to take advantage of a company’s vulnerability. Data breaches are also very much in the news. According to a 2021 cybersecurity threat trends report, phishing emails are responsible for roughly 90% of data breaches. These data breaches come from unsuspecting recipients giving up confidential information when they are tricked into doing so.     Phishing schemes are becoming more sophisticated, too. Another threat is escalating cyberattacks using the same artificial intelligence tools your business might be using to automate processes and make work more efficient. If...
Guarding Your Network Against Ransomware

Guarding Your Network Against Ransomware

Hybrid workforce is here to stay, and some businesses are entirely remote. With the benefits remote employees bring, it also introduces dangers like unprotected network access and greater exposure to ransomware. Over the last several years, ransomware has increased and can have disastrous consequences to businesses of all sizes. Read on to learn more about the ransomware landscape and how to protect your company from attacks that steal data.   Ransomware’s Prevalence and Danger   Ransomware, a type of malware that introduces malicious code that can encrypt your data and make it unusable for your company, is nothing new. Even with some progress by law-enforcement groups in taking down some of the infrastructure, it is still prevalent. It can cause data breaches, downtime from inaccessible data, and financial consequences from lost revenue. If your data is stolen or leaked, not only do you not have access to it, but it can damage your company’s reputation because customers no longer trust you to protect confidential information. According to a 2023 report by Verizon regarding data breaches, ransomware affected 66% of organizations; 24% of data breaches occurred as a result of ransomware infection. Aside from lost data, your network could also become a hub, spreading ransomware to others such as customers or vendors.    How Ransomware Enters Networks and How to Keep it Out   Points of entry are various, though the primary source is social engineering (phishing) emails. Many attacks come by way of an email containing a link which, when clicked on, downloads malicious software. Malicious actors use urgent calls to action and appeals to fear to get unsuspecting...
Lessons from a Global Technology Outage

Lessons from a Global Technology Outage

As we saw two weeks ago, our entire world is dependent on technology. The global technology outage precipitated by a faulty software update rollout by Crowdstrike illustrates how a small problem can have enormous repercussions. The recovery will likely be difficult and expensive for many companies but especially for small to medium-size businesses. Read on to learn about how a technology advisor can help your company mitigate damage from and even prevent technical issues   The Outage and its Impact   On July 19, 2024, a global technology outage resulted from a faulty software update from technology firm CrowdStrike upended operations across multiple industries. Flights were canceled and delayed, medical care interrupted, and businesses large and small were unable to operate. Large businesses will have a difficult time recovering, but what about small to medium-size businesses with less technical support? Smaller businesses dealt with missed deadlines, possible loss of customers and the inability to pay workers. What lessons can companies learn from what happened?    How a Technology Advisor Helps   Although some incidents are out of a company’s control, they still need to be prepared for the consequences of technology problems. A technology advisor is an expert in their field who advises, guides and supports businesses needing help with technology-related decisions. These decisions can include strategic ones, such as how to implement automation and develop a framework for cybersecurity. Or the advisor can assist in planning and navigating software updates to smooth the rollout process. Training and support of workers to give them the knowledge and skills to effectively and safely use technology tools.     The software update...
Password Best Practices Keep Your Business Secure

Password Best Practices Keep Your Business Secure

According to an article in the HIPAA Journal, May 2nd was “National Password Day.” You didn’t know there was such a day? National Password Day was declared in 2013 to bring awareness of both the importance of passwords in keeping personal and company data safe, but also about  password risks and best practices to mitigate those risks. Read on to learn about the state of thinking about passwords, and how to better manage login credentials.   A Brief History of Passwords   Even with biometric methods of identification, and single sign-on technology, passwords are still relevant as the most common way to secure personal and business accounts. Passwords were first developed in the 1960s at the Massachusetts Institute of Technology (MIT) to guard accounts against unauthorized access. Incidentally, the first password breach occurred there, too.  More recently, a survey of 2400 respondents in the U.S. and other countries revealed some sobering statistics about password practices.   Common Password Practices   Using the same password for multiple accounts was a common practice, with 84% of respondents admitting to using the same password for multiple accounts. If a hacker can steal the password to just one account, they can easily gain access to others.   54% of respondents relied on memory for passwords, and because of this the passwords can be too short and weak.   36% incorporated personal information (family names or birthdays, for example) in passwords to make remembering easier.    33% used only a password, rather than two- or multi-factor authentication, to access their accounts.    Moreover, even when changing passwords, users didn’t change them sufficiently. Instead, they...
Skip to content