Heading into mid-to-late Summer, many organizations use this time of year to strategize or restrategize how they’ll prepare for a major crisis. A huge component of this process is planning for business continuity (BC) and disaster recovery (DR). Without a robust system of practices, technology, and strategies dedicated to carrying on with operations and retaining its brand image, an enterprise could become obsolete after just one incident.  Whether you’re referring to a natural, cyber, political,...

Protecting Backup Solutions From Threats and Vulnerabilities  As we have recently hit the end of the financial tax season and concluded some of the busy periods companies endure for selling their product or service, this is the time of year when many organizations reevaluate their business continuity and disaster recovery plans. While they likely consider natural disasters and political events that could halt their operations, one area that needs to be assessed is cybersecurity.  The...

Best Practices for Managing Organizational Data Breach Privacy At conferences, networking events, trade shows, or even just at social gatherings, the topic may have come up that put you in a position where someone was telling you about a data breach or other cyber incident their business incurred. While the conversation may have been genuine and not meant to diminish their employer’s reputation, there’s no doubt that you end up viewing that organization much differently...

As we continue our journey on what it means to practice holistic cybersecurity and its comprehensive methodology, we can now go into the process of getting your business to that point. Everything about going holistic and fully implementing a robust security strategy such as Zero Trust starts with “Identity.” Identification is merely the process of understanding your cybersecurity program regarding what it has and what it needs. This includes compliance & governance requirements, current technology...

What are CVEs? The world of Cybersecurity Vulnerability management is as wide is it is deep. Nefarious actors fighting to infiltrate networks will rip apart common vulnerabilities (CVEs) of the tools used to conduct business and look at every nook and cranny to see how they can get a foot in the door. Thankfully as these exploits are found, they are cataloged and reported so that the community at large can take steps to mitigate...

Understanding the risks of Cryptocurrency and protecting yourself    Since roughly 2010, cryptocurrency (crypto) has become a popular investment alternative to traditional financial avenues such as stocks, bonds, mutual funds, or real estate. Much of its appeal stems from optimism that it will become a more standardized currency in the future for institutions and governments — increasing the overall value. As a result, new types of cryptocurrencies are developed each day, trying to get a piece...

Are You Asking the Right Questions to Your Security Partners?  The recent Okta security breach is another example of companies founded on the vision of providing cybersecurity solutions, not necessarily being immune to attacks. It also shows the devastation that a cyber incident can have when targeted toward a cybersecurity software vendor, consultant, or managed security service provider (MSSP) due to the deep access and information they manage for their many clients.   In this case,...

Identity Theft Security Identity theft (or fraud) is a concept that has been tossed around for decades with the term first coined and used in 1964. Over the last few years, however, cases of identity theft have really accelerated throughout the advanced development of financial technology — particularly mobile banking/credit card management and increased capabilities for online payment processing.  Even fairly recently, the number of total reported identity theft cases has exponentially grown. For example,...

As we remain vulnerable to the constantly-evolving financial frauds and cybersecurity threat landscape and in light of recent events such as the QuickBooks payment scams, it’s important to be vigilant against any type of deception used to financially despair a person or organization — otherwise known as fraud.  Fraud takes many forms depending on the scope and target of the attack, but ultimately is a cybersecurity issue due to the methods for which the scammers...

Understanding Today’s Malware HermeticWiper and PartyTicket   Cyberwarfare has become its own “battlefield” in today’s global conflicts. The ability to slow down communications between military resources, shut down entire systems, and prevent intelligence from being shared amongst departments can give even a relatively small military a leg up while impacting the physical battlefield. With all that said, the recent Ukraine-Russia conflict has seen its share of intense cyberwarfare in the form of new and advanced malware....