Jun 13, 2023 | SMB Technology, SMB Technology, SMB Technology, SMB Technology, Technology News
Now that Generative AI (e.g. ChatGPT) is here, phishing attacks may increase both in number and sophistication. How do businesses protect themselves? Awareness is a good first step, but gathering data using a security information and event management system (SIEM) is even better. Read on to learn how SIEM along with education and awareness training can reinforce your company’s efforts to prevent phishing attacks and resulting malware. What is SIEM? Security information and event management (SIEM) combines two separate systems to not only gather information but develop rules to help analysts understand what occurs in your company’s network. Security information management involves the gathering, monitoring and analysis of security-related information across different computer logs–including email applications. Security event management is involved in helping respond to incidents. SIEM brings the two functions together – the strong log-keeping functions of SIM with the response capabilities of SEM. The information is put together in a standard format, then aggregated and analyzed, helping IT professionals prioritize their threat response. Since SIEM can be outsourced to managed service providers (MSPs), it is possible for small to medium-sized businesses to afford it and not have to hire extra staff. SIEM and Phishing Attacks The security operations center of an average organization can receive tens of thousands of threats, and some can receive ten times more. What’s a small or medium-sized business to do? How do they know they are victims of a ransomware attack until the damage is already done? Security information and event management has the capacity to gather and analyze information about user authentication attempts, separating normal logins...
Jan 16, 2023 | SMB Technology, SMB Technology, SMB Technology, SMB Technology, Technology News
Attacks and threats producing attacks continue to occur. How can your company keep up, and protect itself from financial, legal and other consequences? Cyber resilience, the ability to recover from a cyber attack, involves people and processes even more than technological tools. Read on to learn more about helping your organization plan how to keep going in the face of an attack. Cyber Resilience Involves People and Processes Cyber resilience is more than just technological tools protecting your organization. Cybersecurity is part of it, but not all Cyber resilience has to do not just with preventing a cyber attack, but recovering from the damage and evaluating the response. This evaluation may include changes in policies and procedures. According to a CompTIA Community Blog post, people can be the most important asset in defending against – and in some cases recovering from – a cyber attack. What Causes Cyber Attack? According to statistics, more than 50% of cyber attacks and resulting data breaches stem from human error. Lack of training is a primary source of risk. Do employees know what to do if they get a phishing email? Do they know what one looks like? What are your workers’ skill sets, knowledge, levels of training? How well has your company defined processes for cyber security, disaster recovery, and monitoring? Though cyber resilience processes can be defined by executives, everyone plays a part in protecting your company. Performing a Cyber Resilience Assessment and Moving Forward While developing policies, processes and procedures can seem daunting, some resources can get you started. A good starting point is evaluating...
Dec 8, 2022 | SMB Technology, SMB Technology, SMB Technology, SMB Technology, Technology News
When it comes to cybersecurity, tools and technology help. What can help even more is making cybersecurity a part of company culture, to the point of safety becoming second nature. Read on to learn more about establishing a culture of cybersecurity. The Vital Importance of Cybersecurity The attacks just keep coming. In recent years, SolarWinds and Colonial Pipeline are just a couple of well-known incidents. According to statistics, more than half of cyber attacks result from human error–weak or poorly managed passwords, susceptibility to phishing schemes, perhaps even ignorance of company policies and of best practices. The cost of attacks is supposed to continue increasing, to over $10 trillion by 2025. The Cybersecurity Conversation It’s never too late–or too soon–to openly discuss cybersecurity in your organization. Your executives, both in your IT department and outside of it, can set the tone for your company’s cybersecurity culture. For example, sharing learning from past experiences can show your workers that anyone can learn from mistakes. More than technology and tools, cybersecurity training needs to be an integral part of company culture–it saves costs, preserves your company’s reputation, and keeps your company in business. You can freely discuss cybersecurity in team meetings and everyday work conversations. Ideally, this will get workers of teams talking about ways to keep your company safe and may reach the individual level, encouraging them to evaluate their cybersecurity savvy and improve it. Regular training and retraining should also be part of the organization’s culture of cybersecurity. Staging mock “phishing” attacks to test workers’ knowledge and ability to act, will help to make training...
Nov 10, 2022 | SMB Technology, SMB Technology, SMB Technology, SMB Technology, Technology News
Many companies, while they have defenses against cyberattack, still fight to keep ahead of cyberattacks. What if your company is one of these, and could find a better way to protect your technological assets–data, applications, your network itself–from attack? Read on to learn more about “defense-in-depth” and how your company can use it to build a robust defense in all parts of your network. Definition of Defense in Depth Simply defined, defense-in-depth is a cybersecurity approach in which independent layers of controls are employed to build redundancy. If one control fails, another will take over. If an intrusion occurs, the bad actor can go only so far and will be dealt with before they cause serious harm. All the way from your perimeter to the most sensitive data at the core of operations, controls will keep your data and applications safe from loss and compromise. A first layer is detection, which catches anomalies and reports them to cybersecurity personnel, stopping them from intruding further into your network. Evaluating Your Current Cybersecurity Posture How do you know what an anomaly looks like, and whether it is a cyberattack in the making? Before making the transition to a multi-layered cybersecurity structure, knowing your current cybersecurity posture is important. One thing to consider is what a possible attack might look like. Viewing intelligence from past activity logs, especially when an intrusion occurred, should show you what unusual activity looks like. A next step is identifying your mission-critical data and applications, not to mention your most sensitive data, to determine which assets need the greatest protection and should be...
Feb 6, 2020 | SMB Technology, SMB Technology, SMB Technology, SMB Technology, Technology News
Commonly, employees are thought to be the “weak link” in combating cyberattacks. What if, with thorough training, your employees become your best resource in fighting attacks like phishing, ransomware and malware, and social engineering attacks? These threats can all lead to your network and data being compromised as well as your business losing revenue and your clients’ trust. Read on to learn more about common threats and how to train your employees to have a role in combating them. Know the Threat Landscape Threats to cybersecurity abound, and some of the most common are ransomware and malware, which can get to your network via phishing schemes and social engineering attacks. Ransomware is a type of malware in which files are encrypted and become unreadable, and can only be available again if the user pays money (a ransom) to get a key to get the files unlocked. Malware, in general, is malicious software designed to steal confidential information, insert a virus into the network, or both. Commonly, malware and ransomware enter a network via social engineering attacks such as phishing schemes. A bad actor pretends to be someone the victim knows, and tricks them into giving confidential data. For example, the attacker may pretend to be a fellow employee needing assistance that requires access to the network. Instead of trying to find and exploit weaknesses in the system itself, the criminal tries to find “weaknesses” in the victim–a desire to help others, for example. Train Employees to Recognize and Prevent Attacks There are excellent online and in-person training programs to prevent cyber attacks. This training can be a good foundation...
