“Seeing Yourself in Cyber”  Since the 2004 declaration by the President of the United States and Congress, we dedicate each October as Cybersecurity Awareness Month. The annual campaign is sponsored through a conjoined effort between the Cybersecurity & Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) — providing support from both the federal...Read More

Enforcing best security practices through governance and formal procedures  Similar to how firms use employee handbooks to outline all the requirements and expectations for professionalism in the workplace, businesses should also implement rules for how users of company resources and applications must act and operate as it pertains to the company’s data security. Hence, the...Read More

Truly popularized in the mid-2000s, multi-factor authentication (MFA) has been security practitioners’ go-to response whenever someone asks, “what can I be doing right now to protect my data and accounts?” It’s often listed as a default best practice to defend against many cyber attacks and attack vectors such as phishing, business email compromise (BEC), keystroke...Read More

Florida state agencies and local governments are now subject to new cybersecurity requirements and prohibitions that went into effect on July 1, 2022. These new amendments to Florida’s State Cybersecurity Act (“the Cybersecurity Act”) impose practically impossible-to-meet notification requirements on state and local governmental entities and prohibit them from making ransom payments. Stepping back to...Read More

Protecting Backup Solutions From Threats and Vulnerabilities  As we have recently hit the end of the financial tax season and concluded some of the busy periods companies endure for selling their product or service, this is the time of year when many organizations reevaluate their business continuity and disaster recovery plans. While they likely consider...Read More

Are You Asking the Right Questions to Your Security Partners?  The recent Okta security breach is another example of companies founded on the vision of providing cybersecurity solutions, not necessarily being immune to attacks. It also shows the devastation that a cyber incident can have when targeted toward a cybersecurity software vendor, consultant, or managed...Read More

Understanding Today’s Malware HermeticWiper and PartyTicket   Cyberwarfare has become its own “battlefield” in today’s global conflicts. The ability to slow down communications between military resources, shut down entire systems, and prevent intelligence from being shared amongst departments can give even a relatively small military a leg up while impacting the physical battlefield. With all that...Read More

Endpoint detection & response (EDR) is a cybersecurity solution consisting of multiple tools (including AI) that monitor for potential security threats and address them head on. This technology works by constantly collecting information from endpoint devices connected to an organization’s network such as desktops, servers, laptops, or tablets. By “information,” we are mostly referring to...Read More

Following these consumer security best practices for online shopping will help you get through the holiday season securely as well as avoid shopping scams, prevent theft of your personal data, and secure your credit card information.   Kate, a mother of three, couldn’t contain her excitement for shopping during the holiday season when she received an...Read More

The NIST Framework is the ultimate roadmap for which the United States government outlines how businesses can develop their cybersecurity program to account for the threat landscape that is forever evolving. The framework is long and detailed but can be more easily understood when the recommended best practices and security measures are broken down into...Read More