With everything happening on the cyber security front these days, what is a business to do? There's ransomware (which may or may not be considered a security "breach"), malware, hacks, and threats all over the place. At the same time, there are so many ways you can strengthen the cyber security posture of your business! But, where do you start? Easily, hands down, one of the best (and most cost effective) ways to make a dent in improving the security of your network is actually not to. Let me explain myself...
In the wake of the pervasive "WannaCry" ransomware cyberattack over the past few days, the Securities and Exchange Commission issued a cybersecurity alert on Wednesday to broker-dealers, advisers and investment funds with a number of recommendations.
Ever wonder why we're beating the drum so loudly about doing all you can to protect yourself from ransomware these days? Let's skip over how incredibly damaging getting hit can be. Let's forget about the Russian hacking of emails. Forget about some black hat hacker in some foreign land (who seems so far away that you think he's unlikely to care about your company's network). How about we consider the boy next door?
Google confirmed the validity of the latest phishing attack which targets Gmail users. This attack seeks to gain control of users' email histories and then spread itself to all of their contacts. The worm arrives in users' inboxes posing as an email from a trusted contact and then asks users to check out an attached "Google Docs," or GDocs, file. Clicking on the link takes you to a real Google security page, where you are asked to give permission for the fake app, posing as GDocs, to manage users' email account.
The Verizon Data Breach Investigations Report (DBIR) is back. Now in its tenth year, it’s an unparalleled source of information on cybersecurity threats. The 2017 DBIR reveals what’s really happening in cyber security. This year’s report is based on analysis of over 40,000 incidents, including 1,935 confirmed data breaches.
I don't know if you're aware of this or not, but the US-CERT (short for United States Computer Emergency Readiness Team) can be a great resource for some of the most recent patches and updates released by technology companies.
Their mission is to "strive for a safer, stronger Internet for all Americans by responding to major incidents, analyzing threats, and exchanging critical cybersecurity information with trusted partners around the world."
Once again, a significant security flaw has been uncovered. And this time it's not in any hidden Operating System layer or browser plug-in, but rather it's in one of the staples of the business world - Microsoft Word.
News of the bug spilled out over the past few days. In it's security advisory, Microsoft said the "critical" rated bug could allow an attacker to take control of an affected system and do things such as install programs or create new accounts with full user rights.
Sometimes old becomes new again. Such is the case with ransomware attacks, which have become more and more "popular" over the last few years. First released in 1989, ransomware has now come to be known as that sinister virus that infects a network and “locks out” users from accessing files. Only when the victim agrees to pay a ransom, usually in the form of bitcoins, can the system be unlocked and accessed again.
Two of our more integral partners, ESET (Anti-Virus and Security) and Datto (Backup and Business Continuity), recently released a couple of reports that are quite interesting. I figured I'd save you some time by reading them first and highlighting some of the more important points. So, here's FPA's version of the Cliff Notes of both reports.
FPA has always been focused on delivering high quality IT services. Throughout the years, this has presented various challenges - from different network configurations, to different useability requirements, to differing expectations of our various clients. At the end of the day, one of the best ways for us to help ensure we're able to deliver high quality service across the board is to make our clients' network environments as consistent as possible across the board.
Topics: General Business Owner Articles