Become Aware and Prepared During Cybersecurity Awareness Month

There’s never a bad time to examine your company’s cybersecurity posture, and even improve your strategy. Threats abound, including security incidents resulting from weak passwords, phishing attacks, and the lack of strong authentication. Read on to learn how you can assess and improve your preparedness for security incidents–it’s not if, but when.

 

Preparedness Starts with Awareness 

October is Cybersecurity Awareness Month. Starting in 2024, the Cybersecurity and Infrastructure Security Agency’s (CISA) theme is “Secure Your World.” Cybersecurity Awareness Month is a time for understanding the threats that face all businesses, and perhaps especially small to medium-sized companies. The good news is that you can learn more about which threats affect your network, applications and data, and how to protect your business.

 

Protect Your Business from Common Threats 

 

Common threats include phishing as well as the ransomware that can infect your network and steal your data. If your data isn’t stolen, it can be encrypted and made inaccessible to you via a ransomware attack. Security incidents can also occur as a result of weak authentication of account access (weak passwords and lack of multi-factor authentication). Mishandled operating system updates can leave systems without the latest security updates and bug fixes.

 

Phishing threats are growing in frequency and sophistication, and can come in through emails designed to trick recipients into giving up security credentials, which can then be used to gain access to a company’s network and data. Phishing attempts, along with variants like “smishing” (attacks via text messaging) and “vishing” (attacks by phone and voicemail), rely on fear and a sense of urgency to trick the recipient into action. Such attacks may include malicious links. Knowing how to recognize and deal with a possible phishing attack includes knowing how to report the email before deleting it, and knowing not to click links. If in doubt about the sender’s address, the recipient can hover the mouse pointer over the URL to determine if the address is legitimate.

 

Weak authentication can also put your company’s network at risk. Security incidents can occur when a password is guessed and the attacker penetrates the network. Examining your company’s password best practices, and making sure workers know them, can help defend against intrusion. By creating strong passwords (e.g. twelve characters, with a variety of numbers, letters and special characters), individual workers can protect the company’s network. A password management system can help generate and store passwords, and only the password to that system needs to be remembered.

 

Multi-factor authentication (MFA) adds an extra layer of protection. To verify identity, a one-time code or even a biometric like fingerprint recognition can determine that the request to access your network is legitimate. Even if a bad actor guesses and uses a password, they can’t access the network without the additional factor.

 

Keep Current on Operating System Updates

 

At the company level, updating operating systems and applications can help protect your network and data. Operating system updates often include bug fixes and updated security features. Managed updates keep them happening on schedule and compatible with your network environment.

 

With its “secure your world” theme, CISA’s cybersecurity awareness campaign can be a template for your company’s efforts to prepare for possible attack. For further assistance, contact your trusted technology advisor today.

Protecting Your Business from an Evolving Threat Landscape

Whether man-made or natural, threats to the security of your company’s network are on the rise. Not only do effects of climate change (such as wildfires and floods) pose threats to businesses, but cyberattacks, including ransomware delivered via phishing emails, jeopardize your network and data. Read on to learn more about threats and how to overcome them.

 

Common Risks For Businesses

 

Risk management professionals have their hands full! Natural disasters like floods or wildfires can damage, even destroy, security operations data centers, homes and businesses, and infrastructure like power lines. Even a winter storm can keep workers from accessing work systems, and break the connection between a technical problem and its solution. At the very least, natural disasters can result in costly downtime.  According to a CSO Online article, the number of climate change-related incidents with damage exceeding $1 billion dollars had occurred by October 2023. 

 

As if the consequences of natural disasters aren’t serious enough, bad actors are seeking access to business networks to steal data, infect the networks with malware, or both. These cybercriminals might also use a natural disaster to take advantage of a company’s vulnerability. Data breaches are also very much in the news. According to a 2021 cybersecurity threat trends report, phishing emails are responsible for roughly 90% of data breaches. These data breaches come from unsuspecting recipients giving up confidential information when they are tricked into doing so.  

 

Phishing schemes are becoming more sophisticated, too. Another threat is escalating cyberattacks using the same artificial intelligence tools your business might be using to automate processes and make work more efficient. If your company is using the tools, so are the bad actors. Cyber criminals can create more sophisticated phishing schemes, drafting emails lacking the usual spelling and grammatical errors in social engineering messages. Not only that, criminals can create videos (“deep fakes”) that mimic the voice and/or image of someone the recipient knows. 

 

How You Can Protect Your Business

 

It’s said that the question is not if your business is attacked, but when. You may know what your business is up against, but how do you protect yourself? You need a plan. A good place to start is taking inventory of technological assets, including data. Taking a risk management approach by assessing the most likely threats first helps prioritize your response. Partnering with a provider for Managed Detection and Response (MDR) and mobile device management can protect your network and its connected devices.

 

Tools for Protecting Your Network 

 

Two solutions for protecting your network include managed detection and response and mobile device management. Managed detection and response is a cybersecurity service that proactively protects organizations from cyber threats with a combination of technology and human expertise. The provider serves as a partner, taking on time-consuming tasks and using human expertise to hunt down and destroy threats. The end result is the preservation of your company’s reputation and brand. Mobile device management provides visibility across multiple devices and applications, protecting the devices with security features, in accordance with company policies.

 

Threats are escalating, including malware that takes advantage of unprotected devices as well as sophisticated phishing schemes involving artificial intelligence. For advice on shielding your company’s network, contact your trusted technology advisor today. 

 

Guarding Your Network Against Ransomware

The hybrid workforce is here to stay, and some businesses are entirely remote. Along with the benefits remote employees bring, remote work also introduces dangers like unprotected network access and greater exposure to ransomware. Over the last several years, ransomware has increased and can have disastrous consequences for businesses of all sizes. Read on to learn more about the ransomware landscape and how to protect your company from attacks that steal data.

 

Ransomware’s Prevalence and Danger

 

Ransomware, a type of malware that introduces malicious code that can encrypt your data and make it unusable for your company, is nothing new. Even with some progress by law-enforcement groups in taking down some of the infrastructure, it is still prevalent. It can cause data breaches, downtime from inaccessible data, and financial consequences from lost revenue. If your data is stolen or leaked, not only do you not have access to it, but it can damage your company’s reputation because customers no longer trust you to protect confidential information. According to a 2023 report by Verizon regarding data breaches, ransomware affected 66% of organizations; 24% of data breaches occurred as a result of ransomware infection. Aside from lost data, your network could also become a hub, spreading ransomware to others such as customers or vendors. 

 

How Ransomware Enters Networks and How to Keep it Out

 

Points of entry are various, though the primary source is social engineering (phishing) emails. Many attacks come by way of an email containing a link which, when clicked on, downloads malicious software. Malicious actors use urgent calls to action and appeals to fear to get unsuspecting users to give up confidential information. Not that phishing emails are the only way for ransomware to enter. Ransomware can also get in through attacks on vendors, workers using unsecured Wi-Fi, or even an application update.

 

How, then, can you protect against it? As with preventing any cyberattack, the solution can include tools, policies and people. Tools like network monitoring and updated patches can help detect and block ransomware. Firewalls can also analyze activity between your network and other points and block ransomware. Policies can include having separate computers for business and personal use, as in the case of remote workers. Training workers to recognize a phishing email, report it, and refrain from clicking any links needs to be a regular practice.

 

With technological innovation comes risk. To learn how to minimize your risk of being a ransomware victim, contact your trusted technology advisor today.

Lessons from a Global Technology Outage

As we saw two weeks ago, our entire world is dependent on technology. The global technology outage precipitated by a faulty software update rollout by CrowdStrike illustrates how a small problem can have enormous repercussions. The recovery will likely be difficult and expensive for many companies, but especially for small to medium-size businesses. Read on to learn how a technology advisor can help your company mitigate damage from, and even prevent, technical issues.

 

The Outage and its Impact

 

On July 19, 2024, a global technology outage resulting from a faulty software update from technology firm CrowdStrike upended operations across multiple industries. Flights were canceled and delayed, medical care was interrupted, and businesses large and small were unable to operate. Large businesses will have a difficult time recovering, but what about small to medium-size businesses with less technical support? Smaller businesses dealt with missed deadlines, possible loss of customers and the inability to pay workers. What lessons can companies learn from what happened?

 

How a Technology Advisor Helps

 

Although some incidents are out of a company’s control, the company still needs to be prepared for the consequences of technology problems. A technology advisor is an expert in their field who advises, guides and supports businesses needing help with technology-related decisions. These decisions can include strategic ones, such as how to implement automation and develop a framework for cybersecurity. The advisor can also assist in planning and navigating software updates to smooth the rollout process, and can provide training and support to give workers the knowledge and skills to use technology tools effectively and safely.

 

The software update responsible for the outage was believed to have not undergone rigorous testing–including for compatibility with common software systems. Technology advisors can help a company develop a framework for rigorous testing of updates to prevent problems that can spread to stakeholders; this includes cybersecurity issues. 

 

What Your Company Can Do

 

Of course, a technology advisor doesn’t do all the work. A collaborative approach in your company, where the IT department works with other business units, contributes to the knowledge of all. For example, while some departments may be enthusiastic about automation of processes, another can provide needed caution–no technology is infallible. A technology advisor can help the company plan an automation strategy. Not to mention, the advisor can remind the company of the need for human oversight of automation.

 

July’s global technology outage has shown us all how digital transformation can introduce risks. Small to medium-size businesses may need a technology advisor to help them with a plan to mitigate these risks. For further assistance, contact your trusted technology advisor today.

Adopting a Risk Management Approach to Your Business

Doing business in today’s world doesn’t come without risk. Anything can happen, from a brief power failure resulting in two hours of downtime, to a days-long global technology outage precipitated by a CrowdStrike software update. How will you know what risks your business is most subject to, and how to mitigate those risks? Read on to find out what types of risks can threaten your company, and how to protect yourself.

 

Multiple Risks to Your Business

 

According to an article from CompTIA, risks come in various forms. Some are within a company’s control, and others come from outside. But all pose some threat to productivity, security or reputation–or all of these. Types of risk include:

 

    • Strategic: These have to do with deviations from a company’s strategy or model. Using automation, for example, can benefit operations, even facilitating software updates. However, problems can occur if human oversight isn’t part of the process. 
    • Competitive: Negative consequences of a competitor’s actions, which can cause a loss of business for your organization. Even a competitor’s offering of a better product or service can negatively impact your business. 
    • Compliance: This involves failure to comply with government data security regulations, and can consist of data storage and even data breaches. 
    • Reputational: Events that can damage your image, and public perception of your brand. Perhaps a too-quick rollout of a product or service, a data breach, or a compromised website, can affect trust from customers and other stakeholders. 
    • Financial: This type of risk is anything that might cause loss of revenue. Loss of customers due to compromise of your company’s reputation, or downtime costs from even a brief system outage, can cause loss of earnings.
    • Operational: Anything that affects the operation of your business or other businesses that work with you. A faulty software update can have global consequences, as was seen recently. 
    • Global: Can include global conflict, supply chain disruption, or nation-state cyber attacks. 

 

Any or all of these have a potential impact on cybersecurity, though some are more likely. An outage can result in downtime (operational and financial risk), or a data breach (financial, compliance and reputational). Certain risks intersect, like financial, operational and reputational in the case of a data breach. Depending on how your company handles risk, your brand can weaken, or become stronger than ever.

 

How You Can Prepare

Assess and Document Your Biggest Risks

 

Prioritize risks most likely to affect your company’s operations, revenue or reputation. Your business may be more likely to be subject to risks of regulatory compliance failure than to global conflict. Any source of risk can impact your company, however unlikely it seems. 

 

Assemble a Strong Team

 

By including people from each department, your company gets different perspectives on what can happen and how it might affect your business. For instance, sales and marketing can point out risks posed by competitors. Your leadership personnel can watch for strategic risks. Anyone can be on the alert for social engineering (“phishing”) emails.

 

Prepare an Incident Response Plan

 

All the documentation and planning will go into an incident response plan. This plan comprises the most likely risks, an action plan for each, and the person or persons responsible for specific tasks. Such a plan will help you respond quickly and efficiently to possible disasters, or even keep a minor problem from becoming a major disaster.

 

Risk management is becoming a more common stance in companies all over the world. To learn about evaluating risks and developing a response plan, contact your trusted technology advisor today. 

Secure Access Service Edge (SASE) for Hybrid Work Environments

In 2020, the way people worked changed, likely for good. Instead of being in the office most of the time, employees worked at home. Although some workers have come back to the office, hybrid work is here to stay. Secure Access Service Edge (SASE, pronounced “sassy”) is ideal for hybrid work, with its cloud-native architecture, centralized access policies and support for access based on device identity. Read on to learn more about this architecture and what it can bring to hybrid offices.

 

Benefits of SASE for Hybrid Work

 

The cloud-native architecture of Secure Access Service Edge can combine the flexibility and scalability of cloud with the connectivity of Software-Defined Wide Area Networks (SD-WAN). Add to this centralized access policies based on user device identity. Data does not need to travel from one source to the data center, and back again–lessening the chances of it being lost or intercepted in transit. Access is verified at specific endpoints when a user logs in, and data can travel along SD-WAN pathways to these endpoints once verification occurs. SASE can address the needs of hybrid offices for security and connectivity.

 

Key components of SASE include:

 

  • Secure Web Gateway: a cloud-based proxy that enforces standards for communication applications like Microsoft Teams, which are frequently used by hybrid offices. 

 

  • Firewall as a Service (FWaaS): Cloud-based firewall that provides a standard security experience and eliminates the need for an on-premises firewall.

 

  • Cloud-Access Security Broker: Extends rules and policies to software and infrastructure not owned by your company.

 

  • Zero-Trust Network Access (ZTNA): Anytime a user or device (such as a remote worker’s laptop) requests access to the network, it is evaluated to ensure that it has a right to access the network, and access is granted–or denied, if suspicious. 

 

Considerations for Adopting Secure Access Service Edge

 

While SASE is an effective architecture combining SD-WAN’s connectivity with various security controls, it is not a substitute for cybersecurity policies. Hybrid offices, with some endpoints beyond the office’s perimeter, are still subject to social engineering attacks like phishing. Employees still need to know how to spot and report a phishing email and prevent malware from entering the network. Companies still need to assess the offerings of SASE and how it aligns with business goals (including hybrid work). Other technologies, like endpoint detection and response (EDR) and/or Managed Detection and Response (MDR) may need to be deployed alongside SASE. 

 

Secure Access Service Edge (SASE) can help give your hybrid work environment the connectivity it needs, as well as support security policies. For more information on using the SASE architecture in your company, contact your trusted technology advisor today. 

Put Artificial Intelligence to Work for Your Business

What will your company do with artificial intelligence, now that it’s a key technological trend? Artificial intelligence (AI, for short) holds the potential to revolutionize how your business meets its goals. Fueled by the natural language model of generative AI, automation of processes, data analysis, and streamlining tasks have all helped businesses work more efficiently. Read on to learn more about specific use cases for different aspects of your business.

 

Multiple Use Cases for Artificial Intelligence

 

With AI working behind the scenes to automate tasks, and the release of ChatGPT in the fall of 2022, new capabilities and use cases have opened up–content generation, development of artwork, and other creative applications are available. Microsoft also entered the picture by integrating Copilot with its popular office productivity suite in early 2023. Use cases are plentiful for C-level staff, operations, sales and marketing, human resources and more.

 

C-Level Executives: More business data is generated daily, and harnessing it can be overwhelming. Artificial intelligence can analyze data and distill insights from it in a way that mere human effort cannot match. Market trends, customer behavior, and financial metrics can all be derived from the vast amounts of data a business generates, as well as internet content. Moreover, they might get ideas for ways other departments can use AI.

 

Financial: Finance Departments can use AI for document search and synthesis, enabling them to understand contract information and regulatory filings. Artificial intelligence can also analyze and synthesize transactional data, identifying anomalies that might indicate possible fraud. Automated bots can perform mundane data entry and reconciliation tasks. Financial analysts realize productivity gains by using AI to set up complex spreadsheets for financial analysis.

 

Human Resources: AI can help streamline recruiting to help your company search out the ideal candidate, simplify documentation for on-boarding, and gather employee feedback to improve their experience. Big data from large language models (LLMs) can help your human resources department make informed decisions and also streamline benefits and compensation. AI is also ideal for creating job descriptions.

 

Operations: Drawing up meeting agendas and synthesizing insights from meeting notes; automatically inviting attendees, summing up information for attendees arriving later; preparing timelines for rollouts of new products.

 

Sales/Marketing: AI can be used to prepare for an upcoming meeting by summarizing emails and researching customer information from internal systems. AI can also help with generating proposals, creating PowerPoint presentations and more.

 

Customer Service: AI can help customer service representatives quickly pull up customer data; summarize interactions, prompt for next best answers and empower live chat to enhance customer experience.

 

With all of these benefits, be sure to use AI responsibly and securely in your organization. Ensure you have an acceptable use policy and train your employees properly. In addition, identify and tag sensitive information to avoid unnecessary data leaks.

 

For all departments, tools like Copilot can help generate and augment content, allow the writer to try different styles and ask questions for more information. Artificial intelligence can be a game changer for your business; to learn more, contact your trusted technology advisor today. 

Consider Managed Detection and Response to Keep Your Business Secure

With malware attacks escalating in number and severity, what can small and medium-sized businesses do to protect their networks without breaking the bank? Read on to learn more about using managed detection and response (MDR) to help detect and mitigate threats to your cybersecurity.

 

The Need for Managed Detection and Response

 

Canalys, a leading global technology market analyst firm, shared in a LinkedIn post that ransomware attacks are increasing each year. Between the first four months of 2023 and the same period in 2024, publicly disclosed attacks increased by 96%. Between 2022 and 2023, the attacks increased by 68%. These are just the attacks that are publicly disclosed. What about attacks on small to medium-sized businesses that have not been reported? And what can smaller businesses do if they don’t have the time and resources to constantly monitor their networks?

 

What is MDR and How Does it Work?

 

Enter Managed Detection and Response, or MDR. This option “relies on an external third-party to monitor a company’s IT systems and respond to threats in real time.” Unlike traditional cybersecurity deployments, it is fully managed and delivered by an external provider. MDR is also sometimes called “cybersecurity as a service.” Cybersecurity can be challenging for SMBs especially, as it can require time and effort on the part of the company and even then not all threats can be dealt with. But with the 24/7 monitoring provided by MDR, companies can focus on meeting business goals. 

 

Managed Detection and Response combines cybersecurity software, threat intelligence and human (or machine learning powered) intelligence to detect threats to the network, including unpatched software and operating systems, weak passwords, and susceptibility to social engineering (“phishing”) attacks, among others. Not only does MDR quickly analyze suspicious activity, assessing its severity and potential impact, but it also isolates and neutralizes any threat. Any intelligence gathered about threats will be accessible to machine learning to improve future detection.

 

Further Benefits of Managed Detection and Response

 

Beyond the detection and response capabilities, MDR can help in other ways. By using an external third party, you don’t need to have specialized staff on site. Therefore, you can focus on activities that bring revenue and advance business goals. What’s more, MDR services can work with your existing security solutions, enhancing their reach and effectiveness. For instance, you can combine MDR with an endpoint security solution like Secure Access Service Edge (SASE) for even stronger detection and response.

 

Cloud-based managed detection and response is a way to monitor your network and mitigate threats, preventing costly cyberattacks. For further assistance, contact your trusted technology advisor today. 

Disaster Preparedness for Business Recovery

We are entering the seasons of storms (including hurricanes and tornadoes), wildfires and other possible disasters. Even a power outage of short duration can affect your business. What if you can’t ship orders because of an interruption in your order processing service, for example? Or what about a bigger disaster that takes your business out of operation for days or weeks? Read on to learn more about the importance of disaster preparedness for keeping your business running.

 

What a Disaster Recovery Plan is and Why You Need One 

 

Having a plan does seem obvious, doesn’t it? Yet many companies may not have one in place. A disaster recovery plan (DRP) is a structured document describing how your company can resolve data loss and get back to functionality during and after a disaster. Even a brief power outage that may seem like just an inconvenience can strongly impact your business. Downtime can be costly to your bottom line and to your reputation.

 

Advantages of Having a Plan

 

A key benefit is knowing what to do when a disaster happens, and swinging into action immediately. What’s more, a plan will give you confidence, and give others like workers and customers confidence in you. Customers will know that you’re keeping their data safe from loss or compromise, because you’ve backed up that data. You’ll know how much to budget for recovery from disaster, and which systems need to be back up and running. 

 

Getting Started: Planning and Documentation

A conversation gets the ball rolling. Discuss what might happen in the event of a disaster, and which mission-critical systems need to resume first. What will happen first, and who will be responsible for making that happen? Who are your stakeholders, and what do they need from you? What data most needs to be protected, and how will it be safeguarded? What information will you provide, and what will be the messaging? The answers to these and other questions will give you the structure for your planning and documentation.

 

Besides answering the above questions, your documented plan should include both a recovery time objective (RTO) and a recovery point objective (RPO), two key metrics for preparedness. The recovery time objective refers to how much time can pass before your systems must be back up and running, whereas the recovery point objective refers to the maximum acceptable age of the files retrieved from backup storage.

Working the Plan: Testing and Refining

 

Testing, done frequently and with practical exercises, will show how well your plan works, and also show “what you don’t know that you don’t know.” Going through scenarios and table-top exercises will point up unknown vulnerabilities, show what needs updating, and show whether key players know what to do. Information technology workers in particular will know about data protection strategy, and are vital to your efforts. Having tested your plan, you will know what changes are needed. Once the changes are made, testing can resume. 

 

Disaster recovery planning may seem overwhelming. Taken step by step, though, it is possible and your business can be on a sure footing. For more assistance, contact your trusted technology advisor today.

Password Best Practices Keep Your Business Secure

According to an article in the HIPAA Journal, May 2nd was “National Password Day.” You didn’t know there was such a day? National Password Day was declared in 2013 to bring awareness both of the importance of passwords in keeping personal and company data safe, and of password risks and the best practices that mitigate those risks. Read on to learn about the state of thinking about passwords, and how to better manage login credentials.

 

A Brief History of Passwords

 

Even with biometric methods of identification, and single sign-on technology, passwords are still relevant as the most common way to secure personal and business accounts. Passwords were first developed in the 1960s at the Massachusetts Institute of Technology (MIT) to guard accounts against unauthorized access. Incidentally, the first password breach occurred there, too.  More recently, a survey of 2400 respondents in the U.S. and other countries revealed some sobering statistics about password practices.

 

Common Password Practices

 

Using the same password for multiple accounts was a common practice, with 84% of respondents admitting to it. If a hacker can steal the password to just one account, they can easily gain access to others.

 

54% of respondents relied on memory for passwords, and because of this the passwords can be too short and weak.

 

36% incorporated personal information (family names or birthdays, for example) in passwords to make remembering easier. 

 

33% used only a password, rather than two- or multi-factor authentication, to access their accounts. 

 

Moreover, even when changing passwords, users didn’t change them sufficiently. Instead, they only changed a few characters, with the idea of keeping them easy to remember.  All of these practices can facilitate the theft of passwords by social engineering (email “phishing” or text-message “SMiShing”) attacks, or even brute force attacks. How can thinking on passwords be changed?

 

Best Practices for Password Management

 

First, the article suggests thinking not in terms of passwords but passphrases, multi-character combinations of upper- and lower-case letters, numbers and symbols, that are more difficult to guess. Also, the article suggests using password management systems where the list of passphrases is itself protected by a passphrase of at least fourteen characters. Companies can develop clear, enforceable policies for password management, which might then influence how workers handle passwords outside of work, too. 

 

Passwords are still necessary to secure business and personal accounts, and thus need to be unique and strong. For help developing your company’s password policy, contact your trusted technology advisor today.