Are you trusting Microsoft Office 365’s built in security? With data security compliances such as HIPAA, GDPR, DFARs and the risk of crippling consequences of subsequent breaches, you shouldn’t solely rely on these built in features. Within the past eight years, the use of email has grown exponentially, becoming the primary business collaboration tool. Organizations […]
Are you one of the 885 million consumers affected by the First American Financial data leak? Last Friday, files stored on the First American Financial company’s website (firstam.com), contained bank account numbers, bank statements, mortgage records, tax documents, wire transfer receipts Social Security numbers and photos of driver’s licenses. Information dated back to 2003 was […]
A company of 50 employees may seem “too small” to be targeted for a cyber attack but to a cyber criminal, there are 50 possible attack vectors to exploit. Inbound spam filtering and outbound web filtering may be helpful. It is recommended to provide periodic cyber awareness training and enforce security policies. But all it […]
Last week we discovered the biggest reasons to implement the NIST Cybersecurity Framework into your current cybersecurity program. If you missed the post, you can read it here. So now that you’ve decided to use the NIST CSF as your guideline framework, the next step is to prepare for implementation. Here are three tips to […]
What is the NIST Cybersecurity Framework? The National Institute of Standards and Technology (NIST) is a government entity with a mission to promote innovation and industrial competitiveness. They created the Cybersecurity Framework as a voluntary set of standards, guidelines, and practices designed to help organizations manage IT security risks. Companies can utilize this framework to […]
The fight against cyber threats continues to grow more difficult every day, particularly in the financial sector. In fact, the threat of cyber security may very well be the biggest threat to the U.S. financial system. It’s best to mitigate this risk with a complete defense-in-depth program involving threat identification, protection, detection, response and recovery. […]
We often talk about the hard costs of lost data as a result of ransom amounts, use of resources, legal fees, and regulatory fines, but these are only the short term costs. In the long term, the soft costs are more troubling. These costs include customer loss, tarnished brand reputation, and productivity loss. While soft […]
THE 411 ON PENETRATION TESTING Organizations everywhere are being asked to build a stronger security posture to protect their company data. There are many aspects to doing this and they are different for every organization. One way to determine the gaps in your current security posture is by performing something called a penetration test. A […]
The healthcare industry has traditionally been slow to respond and has lagged behind other industries when it comes to cybersecurity. However, within the past year, cybersecurity budgets have increased, new technology has been purchased, and healthcare organizations are getting better at keeping their networks secure. Organizations are no longer questioning whether or not cybersecurity is […]
During tax season, cyber criminals target taxpayers by the masses. Each year, many taxpayers are fooled into disclosing their personal information. Organizations also fall victim to these scams while accidentally disclosing the tax information of employees to scammers. The IRS Tax Season “Dirty Dozen” Each year, the IRS launches its “Dirty Dozen” campaign warning taxpayers […]
