Tag Archives: Cyber Security

Cybersecurity Challenges for Small to Medium-Sized Businesses

Cybersecurity, ever a topic for businesses of all sizes, poses special challenges for small to medium-size businesses. Not only can they be special targets for bad actors, but they also deal with tight budgets and at times a lack of understanding of what cybersecurity means. Read on to learn how a small business can meet cybersecurity challenges and build strong defenses.


A number of cybersecurity issues are challenging for smaller businesses, according to a CompTIA article. First, just getting started with a cybersecurity plan can seem like a huge task. And what does cybersecurity mean for your business? What mission-critical data and applications need protection? Once your company has decided on your goals, how will you reach them? 


Another issue is spending. Often, a small organization’s cybersecurity budget is tight, and the business cannot spend very much on an IT team, or the training to upskill current workers. How much will a third-party solution cost? These and other costs can seem daunting. 


Knowledge and understanding of the threat landscape is another challenge. Small or medium-size businesses might think that, being small, they are “under the radar” of cybercriminals. However, they are likely to be the victims of a cyberattack. According to the FBI, small businesses comprised the majority of victims in 2021. Even if the bad actors don’t specifically target a small company, they may use the small company to target larger businesses. Often, the criminals are looking to steal data – credit card and bank account information, customer data, even proprietary business information – from anyone they can.


One of the challenges is complacency; small companies may think they don’t need to learn new skills. On the contrary, they need to adapt to an ever-changing threat landscape. Cyber attacks are becoming more frequent and more sophisticated, with attackers banding together. Previously, hackers may have worked on their own, trying to execute brute force attacks or use bots to take down a website with a distributed denial of service (DDoS) attack.


Cybersecurity Help for Small Businesses


So, what’s the solution? The good news is, though cybercriminals are banding together, small to medium-sized companies can do the same. Technology service providers can help small businesses access threat intelligence and learn from organizations that have been attacked and have recovered. And with help from the Cybersecurity and Infrastructure Security Agency (CISA) and its various resources, businesses can get information and start acting on that information to develop their cybersecurity plan. What’s more, a company might seek out third-party partners that can help supply the IT talent to improve their cybersecurity posture.


Cybersecurity, especially for smaller businesses, can seem like a huge challenge. However, help is out there. To learn more about developing a security plan, contact your trusted technology advisor today. 

From Cybersecurity to Cyber-Resilience

Cybersecurity is an ever-present issue, especially in these times of rapid innovation. With this innovation, companies need to remember the importance of protecting systems, devices, networks and data from cyber attack. But what if we all went a few steps beyond, thinking of what to do to deal with an incident while it’s occurring and after it happens? Read on to learn how to work toward making your organization cyber resilient in the face of today’s threat landscape.

Cybersecurity and Cyber-Resilience

The two concepts sound similar, but the difference between cybersecurity and cyber-resilience is the focus. Cybersecurity refers to protecting systems, networks and data from cyberattack, whereas cyber-resilience is about an organization’s ability to withstand and recover from an attack while and after it happens. Both are important, and both contribute to business resiliency. An attack happens about every 39 seconds, according to some sources. Common types include malware attacks, ransomware, and Distributed Denial of Service (DDoS), and these attacks can steal data or access to it, or even stall your system. And the effect on your business is potentially devastating; even a short power outage can result in costly downtime. How will your organization not just prevent these hazards, but deal with and recover from them, and stay running and resilient?

Benefits of Cyber-Resilience

The threat landscape continues to expand, with more attacks and the attacks becoming more sophisticated. Considering the rate of cyberattacks already occurring, the probability of one striking any one organization is high. Protecting yourself, as well as having a plan to respond to an attack when it happens, benefits your company in numerous ways. For one, you can continue operating during the disaster and avoid lost revenue. Second, the ability to protect customers’ personally identifiable information increases their trust in your organization. Third, you avoid fines for failure to comply with data-protection regulations. Finally, your business can even achieve a competitive advantage in staying open when others have to close.

Elements of a Cyber-Resilience Strategy

According to a CompTIA article, a strategy will prepare you to respond to attacks and mitigate their damage. A cyber-resilience strategy starts with assessment and prevention, a deep knowledge of your technological assets, and any possibility of gaps that attackers can exploit. Actively implementing preventive measures can help you look out for threats before they become problems. Plans for response and recovery position your company to respond quickly and mitigate damage. Adaptation and flexibility involve knowing that each attack is different and being able to respond in the moment. Finally, education and ongoing training can acquaint workers with possible threats and how to respond. Practice through attack simulations is very helpful as part of training.

Cybersecurity, of course, is still important. Cyber-resilience goes beyond that, to recovering from an attack and keeping the business running. For help with your strategy, contact your trusted technology advisor today.

Protect Your Network Using Defense in Depth

The old defenses against cyberattacks–firewalls, antivirus programs and operating system patches–worked well when the security perimeter was the office. Now that remote work is here to stay and more devices are connected to company networks, protecting networks is more complicated. Read on to learn how defense in depth, an integration of individual tools, can help you better protect your technological assets.

The Significance of Defense in Depth


With business operations having changed over the last several years, more endpoints are connected to networks, and the threat surface has expanded. Not every remote worker may have the most up-to-date antivirus protection, for example. Bad actors could use brute-force attacks, seeking entry into numerous parts of the network. With defense in depth, other controls would keep the criminals from getting very far. This redundancy can give administrators time to enact countermeasures to keep the intruder from penetrating the network deeply.

Typically, defense in depth involves three layers of controls – administrative, physical and technical. Administrative controls have to do with the policies and procedures that workers follow; for example, restricting permission to certain portions of the network, and allowing access to the data and applications they need to do their work (least privilege). Another layer involves physical security, and protects data centers and IT systems from threats like data theft. These controls include guards, security cameras and biometrics and/or ID cards. The controls operate at different layers yet are integrated to provide a strong defense against cyberattack.


Getting Started with Defense in Depth


But where to start? CompTIA’s article on the topic makes several suggestions. One is to identify what malicious activity might look like for your business. Analyze data to develop a baseline for what’s normal in order to detect any anomalies when they happen. What are your most critical technological assets, and what do you need to do to protect them? These assets would be the core from which to build other layers of protection. What intrusion detection systems do you have? Are there others you can implement? Once you have your systems in place, it’s time to penetration-test your environment to find any weak spots.


Individual technology tools like firewalls, patches and network monitoring can work even better when they are integrated into a defense-in-depth system. For guidance in getting started, contact your trusted technology advisor today.

From Aware to Prepared

With an increasing number of devices connected to networks, as well as increasingly sophisticated cyber attacks, the threat landscape is incredibly broad. In 2003, the US government and various industries collaborated and created Cybersecurity Awareness Month. Each October, the spotlight falls again on keeping your system secure and being secure online. Read on to learn about becoming not just aware, but prepared, all year long.


Benefits of the Awareness Movement


The goal of the collaboration on Cybersecurity Awareness Month is to raise awareness about the importance of cybersecurity, and to ensure that businesses–including small to medium-size businesses–have the resources to be safer and more secure online. Such resources include educational tools like guides, planners, training modules, and much more, to help your business make cybersecurity awareness a visible part of your organization. Not only do these tools come in different languages, but they can be modified to fit the specific needs of your organization.


Awareness Just the Beginning


While awareness is certainly important, it’s just the beginning of being prepared. A good first step in preparedness is mapping your entire network, finding out every device connected to it and learning whether those devices are secure. Another step is keeping track of the latest threats – phishing emails that can introduce malware to your network, or hacking attacks to take advantage of weak spots in your infrastructure. Evaluating the risks particular to your geographic location is important, though even a low-risk location is still subject to the risks of power outages and the resulting downtime. And don’t forget assessing the knowledge of your workers, including any weak spots in training.


Once you have assessed your company’s vulnerability, you can begin to plan. Who will be responsible for which roles, what the first step after a cyberattack will be, and what portions of your network need to be strengthened should all be outlined in your cybersecurity plan. Not only that, a training plan should be developed for employees so they will know how to respond.


Employee Training in Cybersecurity


Taking into account the human aspect of cybersecurity is critical. Many data breaches can result from human error. Training in password management is a vital part of helping workers be cyber-smart. Passwords should be unique and hard to guess, and not shared with others. Because it can be difficult to think of (and remember) distinctive passwords, password management tools, such as apps or tools built into the browser or operating system, are available. A password management plug-in can even offer to store a password so that workers won’t have to memorize numerous passwords.


Cybersecurity is something not just to be aware of but to actively plan for – a cyber attack could happen anytime. For assistance in developing your plan, contact your trusted technology advisor today.

Cloud Security – A Shared Responsibility

While cloud computing is now a common way to provision computing resources and outsource IT functions, security can be a (perceived) obstacle to adoption. Cloud security can be a shared responsibility, however, between the customer and provider. Read on to learn more about what to expect from a current or prospective provider, and what you can do yourself to stay secure.


Cloud Security and Why it Matters


Cloud computing, although providing multiple benefits, also presents security concerns. With compute resources available through the Internet, a greater amount of data moves between networks and devices, and that data can be lost or stolen. Cloud security is a combination of technology, processes and policies that can keep your applications and data safe, reliable and available. Who ensures this, your company or the provider?


Cloud Security a Shared Responsibility


The answer is, both. In general, the provider provides and maintains the infrastructure, and the company looks after the data and applications “in” the cloud. How much responsibility either party assumes depends on the type of platform used. For instance, for Infrastructure as a Service (IaaS), the provider furnishes just that – infrastructure – and your company needs to manage the security of its own data and applications. Other platforms like PaaS and SaaS provide more oversight. Sometimes the CSP will also offer data storage and monitoring. Top providers may even offer security-by-design or layered security as well as network monitoring and identity access management.


Your Company’s Role


In general, a provider that handles more of the functions also protects more. Beginning with Infrastructure as a Service (IaaS), you secure data, applications, and control over your virtual network. With Platform as a Service (PaaS) you still handle data and applications and user access. Software as a Service (SaaS) allows you to outsource applications while still maintaining oversight of user access. Your company may need to employ multi-factor authentication for access control and train workers in password procedures. 


Considerations When Seeking a Provider


When evaluating a cloud service provider, security is critical. Does your current or prospective provider offer network monitoring? One of the concerns about cloud is lack of visibility regarding who attempts to access your network; how does the provider address this? With more scrutiny of data handling and more stringent regulations, assuring that your provider follows the same regulations you do is vital. 


Cloud computing, even with its benefits, carries security risks. To learn more about developing your cloud security strategy, contact your trusted technology advisor today.

Using Workers and Technology to Fight Phishing Attacks

Now that Generative AI (e.g. ChatGPT) is here, phishing attacks may increase both in number and sophistication. How do businesses protect themselves? Awareness is a good first step, but gathering data using a security information and event management system (SIEM) is even better. Read on to learn how SIEM along with education and awareness training can reinforce your company’s efforts to prevent phishing attacks and resulting malware.


What is SIEM?


Security information and event management (SIEM) combines two separate systems to not only gather information but develop rules to help analysts understand what occurs in your company’s network. Security information management involves the gathering, monitoring and analysis of security-related information across different computer logs–including email applications. 


Security event management is involved in helping respond to incidents. SIEM brings the two functions together – the strong log-keeping functions of SIM with the response capabilities of SEM. The information is put together in a standard format, then aggregated and analyzed, helping IT professionals prioritize their threat response. Since SIEM can be outsourced to managed service providers (MSPs), it is possible for small to medium-sized businesses to afford it and not have to hire extra staff.


SIEM and Phishing Attacks


The security operations center of an average organization can receive tens of thousands of threats, and some can receive ten times more. What’s a small or medium-sized business to do? How do they know they are victims of a ransomware attack until the damage is already done? Security information and event management has the capacity to gather and analyze information about user authentication attempts, separating normal logins from malicious attempts. When unusual login activity is detected, an event is created. The SIEM software can then lock out the suspicious user while the investigation is carried out. While SIEM can show IT teams what’s happening throughout the network, everyone still needs to be aware of phishing emails and what they look like, and trained to act.


Train Your Workers, Too


Humans are thought of as the weak spot in protecting against cyber attacks, including phishing emails. But what if, combined with SIEM, they are a strong defense against malware and other dangerous network intrusions? Whether phishing attempts using ChatGPT as the hook will become so sophisticated as to hide normal clues to phishing emails is not yet known. Clues like spelling errors and poor grammar are signs that the email is not from a legitimate sender. Educating workers to look for more information without clicking on malicious links and attachments can help them identify a phishing email.


Technological tools like SIEM can combine with staff training to provide a strong defense against hazards from phishing emails. For further assistance, contact your trusted technology advisor today.

ChatGPT, Generative Artificial Intelligence and the Future

Any technology brings benefits as well as possible challenges, and Generative AI (e.g. ChatGPT) is no exception. ChatGPT is a type of artificial intelligence language model (“GPT” stands for generative pre-trained transformer) that carries potential for business uses. Whatever challenges this presents in terms of cybersecurity will become apparent. No matter what the technology, safeguards will still revolve around people, processes and technology. Read on to learn more about ChatGPT, its potential uses, and the challenges it may bring.


What ChatGPT is, and Why it Matters


ChatGPT, a product from OpenAI, is a Large Language Model (LLM) built on datasets from the Internet and pre-trained to give responses to questions, generate content, and make user interfaces more personal and interactive. Predictive text is already prevalent in email applications, wherein the application tries to guess the next few words or next sentence. All the user has to do is press the Tab key to accept, or continue typing to override the suggestion. Similarly, the artificial intelligence powering ChatGPT can help generate text by prompting the writer with suggestions based on Internet data. Organizations can save time and improve customer service, content creation and research, and even automate customer service analytics. Generative artificial intelligence is the enabling technology for ChatGPT, and uses are probably limited only by the human imagination. Artificial intelligence puts together information from the Internet, but it’s up to the user to judge the content’s usefulness and accuracy.


Early Adoption of ChatGPT Progresses Quickly


While not yet audited for bias and accuracy, ChatGPT has still become popular, and will probably become even more so, with so many quickly adopting it. Technological innovations like the telephone and electricity took decades to reach ubiquity, nearly eighty years in the case of the telephone. Electricity, first introduced at the Chicago World’s Fair in 1893, was thought marvelous–it too had its risks, including fires from improper wiring. According to a CompTIA article, the 1893 fire had the effect of starting a national certification for electricians based on agreed-to standards. And standards for use of ChatGPT have yet to be formulated. 

Even with its quick adoption, use of large language models like ChatGPT produces questions. 

For one, how does the use of ChatGPT help business objectives? Use cases can include improving the personalization of user interfaces, content generation, or automating customer service analytics. Another question has to do with where the data comes from, and how it’s changed. Businesses also need to consider where data comes from, and put into place governance which managers communicate to their reports–educating them about when AI can and should be used. Moreover, like any technology, ChatGPT can be exploited by bad actors who use AI to develop more sophisticated phishing schemes and even to spoof legitimate websites. 


Security Risks of AI and its Applications


Phishing and Malware


Any new technology can potentially be hijacked by bad actors seeking to steal data. The greater field of results offered by large language models like ChatGPT may give even amateur hackers more data to work with. They can then introduce malicious code and formulate malware, offered up to unwitting email recipients via “phishing” – pretending to be a legitimate entity and hence stealing email login credentials and other sensitive data. AI-generated malware can in turn invade a company’s entire network. Phishing schemes also have the potential to become more sophisticated since, thanks to AI’s availability in multiple languages, professional-looking emails can be produced that can fool readers who might already know traits of phishing messages like typos and spelling errors.


Production of Fake Websites


In a similar vein, content could be produced to generate fake websites designed to harvest personally identifying information. Logos and text could very closely imitate genuine websites, fooling visitors into thinking they’re on a business website – maybe your website. Many bad actors are taking advantage of the topic by setting up sites to collect Personally Identifiable Information (PII) from unsuspecting visitors by using ChatGPT, Generative AI and LLM topics as the hook.


Data Security at Risk


Aside from malware, phishing and fake websites, large language models can put data at risk. What about the servers storing data used by AI? How safe are they? How accurate are the results? And how private is the data? Trained data used by the AI supporting ChatGPT is massive, and is not subject to permissions for use and upload. It is also unknown if conversational data is encrypted, so this data may not be private, either. In fact, uploading information to ChatGPT places it in the public domain. While much is yet unknown, current safeguards (people, processes and technology) are still needed to manage risks.


Staying Secure When Using ChatGPT


On the business side, companies need to keep a pulse on the development of ChatGPT, developing new policies and updating older ones. What will the business use ChatGPT for, and when? Where does the data come from, and how will it be used? Companies need to take a holistic approach to security, setting ground rules for use of ChatGPT and educating everyone in the company on those rules. 


On the end-user side, individuals need to be vigilant about what data they supply to ChatGPT and to its source, the Internet. They still need to know the signs of a phishing email, perhaps treating any unsolicited email as a possible phishing attempt. 


Although OpenAI takes security and privacy seriously, hazards may still exist. Like any tool, ChatGPT needs to be used carefully, in line with business goals. For more assistance, contact your trusted technology advisor today.

Use UCaaS While Staying Secure

What if your business could integrate all of its communication tools (telephony, video conferencing, chat and more) over the internet? Unified Communications as a Service (UCaaS) provides cloud computing benefits on a subscription basis, and all your company needs is an Internet connection. Read on to learn more about the benefits – and cybersecurity considerations – of Unified Communications as a Service.


UCaaS and its Benefits


Unified Communications as a Service (UCaaS) is a way to integrate multiple modes of communication–voice telephony, video conferencing, email, chat and file sharing – without the need to maintain on-site infrastructure. In this cloud offering, the provider furnishes the infrastructure and data centers, helping clients to convert capital expense to more manageable operating expense. Users can move from one mode of communication to another and access information to serve customers more efficiently. With cloud’s scalability, resources can be provisioned as needed according to demand. Scalability allows users to be added and removed as needed. Even with little doubt about cloud’s benefits, considerations also exist.


Considerations in Using UCaaS


Even with numerous benefits, a company needs to consider its own network health as well as the strength of the provider’s network. Not only that, but the cybersecurity standards of potential providers especially need evaluation. First of all, does your provider’s network have updated antivirus and anti-malware definitions, and operating system patches? Does it have sufficient bandwidth to handle high traffic volumes at peak periods of use? Do your company’s own end-user devices have protection from viruses and malware? Even more important, do potential providers have certain cybersecurity measures in place?


What to Ask a UCaaS Provider


Adopting Unified Communications as a Service presents certain cybersecurity concerns. Data is one of the biggest; businesses are justifiably concerned about their data remaining protected, private and intact. With data from phone calls, web conferencing and other computing resources traveling via the internet, a company runs a greater risk of cyberattack. How can your company protect itself in the cloud? By asking questions of your provider or potential provider. One key concern is data encryption from the network to end-user devices, and whether data is encrypted at rest and in transit. Are the provider’s anti-virus and anti-malware definitions current, along with operating system patches? A provider’s compliance with regulations is vital when your own company is subject to data-handling regulations like HIPAA or GDPR. Regarding access management, your company having strong password practices and multi-factor authentication is a good start, and you can build on this with identity and access management tools from the provider. Users will have as much access to computing resources as needed while still keeping your organization’s data safe.


Adopting Unified Communications as a Service can be both rewarding and challenging. To get started, contact your trusted technology advisor today.

Stay Safe from Phishing Attacks

Many threats to your network abound, and often ransomware, malware and viruses enter your network through social engineering, or “phishing” emails. Read on to learn the extent of the problem and how you can keep your business from being affected by these threats. 


Phishing a Growing Threat


Social engineering attacks, including phishing, are among the greatest threats to individual users as well as small to medium-sized businesses. Even though giants like Google and Facebook get the headlines, small to medium-sized businesses are not immune. Anyone and everyone can be a phishing target, and these attacks often come through email, something people use every day. A malicious actor sends an email (perhaps appearing to be from someone the recipient knows), trying to get confidential information like passwords or trying to insert malware in the network. According to a CompTIA State of Cybersecurity report, it can cost $1.85 million to remediate a ransomware attack. Often these attacks come through spam emails and contain dangerous links that, when clicked on, can introduce malware to your system. Spam emails, in fact, account for most of the ransomware attacks. In spite of the prevalence of phishing, many users are not aware of the risk; as many as 13.6% of recipients click on the link.


How to Prevent Phishing Emails from Becoming Attacks


In spite of such daunting statistics, there is good news – more awareness about the dangers of phishing scams. Many companies are consistently and systematically training their employees, and those with more than eleven campaigns per year (on average, one a month) have a low click-through rate, only 13%. This awareness, along with using email solutions that filter out the spam responsible for many phishing attacks, can block the majority of phishing attacks and keep your network safe. It’s still wise to be prepared in case something gets through, and have data backed up off site for easy retrieval. Finally, you can train your employees to recognize a possible phishing email. Clues include addresses that don’t look real, spelling errors, poorly written content, and appeals to emotions like fear. Once your workers are on guard, they know not to click on dangerous links. If the email looks like it’s from someone the person knows, it’s good to check that the message is indeed from them. If not, the email can be deleted.


Though phishing attacks are growing more common (not to mention more sophisticated), many intrusions can be prevented with technological tools and employee training. To learn more about keeping your network safe, contact us today.

Become Aware, Get Prepared. October is National Cybersecurity Awareness Month

October brings to mind cool days and crisp leaves. Another hallmark of this month is cybersecurity awareness. Government and industry have collaborated to “raise awareness about the importance of cybersecurity and to ensure all businesses have the resources to be safer and more secure online.” Read on to learn how to make your business more aware of and proactive in protecting its network, data and systems from cyberattack. 


Take Stock of Your Network’s Health


Cybersecurity awareness is always vital, not just at a particular time of year. One way to move beyond simple awareness is to take stock of your network’s health. A company’s network is only as strong as its weakest point. Do you have a map of your network, with all devices connected to it? Are there holes in your operating system where cyber criminals can get in and steal or compromise data? Do you have the most current operating system patches to prevent this? Also consider whether antivirus and antimalware definitions are current or if they need to be updated. Is your network being monitored? Remote monitoring helps you stay aware of the health of your network, and can solve small problems before they become big issues. 


Keeping an Eye on Cyber Threats


Another aspect of cybersecurity awareness is knowing the threats to your network. From ransomware to phishing schemes, cyber criminals are keeping pace with the growth of technology, especially during these unusual times. Do your workers know what a phishing email looks like, and do they know what to do and not to do if they get one? Your workers can be a good source of information when trained to recognize attacks. In addition, password management is another way to keep your system safe. Having unique passwords that are changed on a regular basis can help to keep attackers out of your network.


Let this month of cybersecurity awareness be a wake-up call to your business, and spur you to be as well protected as possible. For assistance in developing a plan or strengthening your network’s security, contact us today.