There is an old saying that states, “Take care of your house and let others worry about theirs.” This might be valid in the pre-internet world, but with so many dependencies and relationships that have been created between partners and third-party suppliers, the “trust but verify” motto has become commonplace—or has it? Companies are only as strong as their weakest links. Creating a strong cybersecurity program internally is not enough, as the program should include all aspects of business in which data is vulnerable.Read More
I can remember the moment clearly: I was in an early-morning meeting with several of my employees. Several minutes into the meeting, my mobile phone came to life with notifications and a call. Shortly after answering, there was a knock at the door. Almost instantly, I did not feel so well; I knew this couldn’t be good. As if it were rehearsed for stereo effect, I heard the words no one ever wants to hear: “I think we’ve been hacked.” My first response was, “Not possible!” Turns out, it was very possible and very much a reality. To be fully transparent, I thought my life and professional career were over in that moment; 25 years down the drain just like that! I took the cyberattack very personal.
As an Executive Director at one of the largest school districts in my state, I had officially become the next victim of ransomware.Read More
Current Status of Hafnium
Coming on the heels of the still evolving SolarWinds data breach, it is now verified that four previously unknown or "zero-day" vulnerabilities in Microsoft Exchange Server are being used in widespread attacks against thousands of organizations, with many more potentially affected, according to security researchers.
2020 has been a groundbreaking year on many fronts. Unfortunately, the majority of them have not been good ones. On October 28, 2020, the FBI, HHS, and CISA jointly reported on an imminent threat to healthcare organizations (the Health and Public Health Sector) surrounding the Ryuk variant of ransomware and other malware most recently seen accompanying it. “We are experiencing the most significant cybersecurity threat we’ve ever seen in the United States,” said Charles Carmakal, Chief Technical Officer of the cybersecurity firm Mandiant, in a statement.Read More
Last week, I wrote about the first five steps to creating a culture capable of effectively defending against modern threats. This week, I'll take you through the next five steps. Let’s dive right in.Read More
The best defense against modern cybersecurity threats is not based on technology at all. While there’s currently a great deal of focus on Artificial Intelligence (AI), good-ole human intelligence is the secret ingredient. To effectively prevent your organization from falling victim to cyber attacks, it’s essential that your employees develop strong cyber instincts. We constantly coach customers on the idea that the strongest firewall you can own is a resilient, human firewall. The statistics are staggering: spear phishing accounts for 95% of enterprise network attacks, according to the SANS Institute.Read More