On July 29, 2017, the world could have used a cyber superhero to save millions of Equifax customers from an Equifax security breach. Data items such as social security numbers, birthdates, addresses, and credit card information were exposed – stolen! – through a vulnerability introduced in a patching process for a website application. This type [...]
A strong cybersecurity posture consists of effective measures related to prevention, assessment, detection, response, and recovery. But how can you determine whether your company is succeeding in these areas? Watch as Lorri Kidder discusses key questions that can help you evaluate your company’s cybersecurity defense system.
Cybersecurity is one of the the hottest topics in business today. Ever wonder where you should begin to protect your business and its assets? The best first step is to properly train your team regarding their roles in protecting your business from a potential breach. But how do you build a successful cybersecurity [...]
Just as medieval castles were designed to safeguard territories during war, a company’s employees are generally expected to strive to protect the organization from a cybersecurity breach. Yet, thousands of team members unknowingly allow imposters to infiltrate businesses and steal millions of dollars by falling victim to executive impersonation fraud. Surveying the Executive Impersonation Fraud [...]
In the game of cybersecurity, betting the farm on an ironclad perimeter defense is a losing strategy. “There is a good chance that hackers are already in your system,” a privacy attorney recently told Data Breach Today. “Your focus should turn to not only protecting your perimeter but also identifying hackers within your network and [...]
There are many steps companies can take to strengthen their cybersecurity, but there is one step that rises above the rest. Watch as Jon Heath explains the most important thing companies can do to protect themselves from a breach.
A key component of cybersecurity is properly training team members on their role in protecting the organization from a potential breach. Watch Jon Heath as he describes the key components of a well-structured cybersecurity training program.
Round and round it goes. Where it stops—and the cybersecurity attack starts—nobody knows. For most business owners and executives, cybersecurity can feel like a game of roulette. Who knows where that spinning ball will fall? In reality, the sources of cyberattacks are sometimes more predictable than many might think. Here is one rule of thumb [...]
Cybersecurity is a high-stakes game. Just like in poker, the stakes vary widely according to the value of the digital assets – or chips – in play. For example, contact information for company executives might be akin to a $5 chip, whereas a record of customer transactions could be comparable to a $500 chip. Understanding [...]
Cybersecurity threats exploit the increased complexity and connectivity of critical infrastructure systems to gain access to digital assets. CRI’s cybersecurity assessment is based on the National Institute of Standards in Technology (NIST) Cybersecurity Framework – a living document, which includes three parts. Framework Core (Core): This common set of activities, outcomes and references used across [...]
Cybersecurity involves more than creating effective passwords. In fact, some of the most high-profile security breaches of the past two years may not have resulted from weak passwords. Consider the below examples. Target: In 2014, a data breach of Target’s systems exposed 40 million debit and credit card records along with 70 million personal information [...]
One thing that computers and programmers typically do very well is encryption – so well that it is almost impossible to break. But what if the bad guys use this defensive move for extortion? If someone in your organization clicks on the wrong link in an email, then they may find out that the result [...]
Cyberattacks are here to stay—partially because the financial result is lucrative for the criminal and partly because the bad guys can easily hide from law enforcement. It seems to have started with three common types (one of which that has morphed) and have taken off in the below order: phishing*, which includes blast emails designed [...]
As phishing and other social engineering scams become more commonplace and sophisticated, the human factor often is the weakest brick in the walls of a company’s information security. Consider this statistic from a recent cybersecurity study: The average employee will click on one out of every 25 malicious messages. A layered strategy that includes firewalls, [...]
Anyone who enjoys crime dramas may have seen the following less-than-accurate scenario in a recent flick. After evading about a dozen bad guys, the hero makes it to the office where the villain keeps evidence that will put him away for good—but the laptop is secured with a password. The hero connects a device to [...]
When whales like Target, JP Morgan, and Anthem turn up losing hands in the cybersecurity strategy game, what chance do lightweights have? To owners and executives in small and mid-sized organizations, cybersecurity can feel like a game of chance—one where cyber thieves are holding all of the cards. On the other hand, some might mistakenly believe [...]
Thousands of individuals receive suspicious emails, phone calls, faxes or notices from entities claiming to be the IRS—often even including the IRS logo. These IRS phishing scams are tactics devised to trick you into revealing personal and financial details that can then be used to commit identity theft and steal money. And the prevalence of [...]
Executives in corporate America have been losing sleep over data losses and IT breaches for years now, and almost every news report seems to offer another reason to worry. The recent Sony data breach illustrates the potential for much more than customer identification and credit card data to be compromised. In that disastrous case, the [...]
IT deficiencies can increase the organization’s risk of fraud and errors as it relates to financial statement preparation. The deficits could also expose the organization’s IT system to internal and external threats. Although mitigating these deficiencies is usually left to the IT team, an entire organization can play a role in this process. There are [...]
As smartphone features continue to expand, more people use them instead of their computers. As the line between smartphones and computers blurs, it is important for users to consider tighter device security measures. We’ve listed three tips for increasing smartphone security below. 1. Create a strong password. Many people save confidential information in emails and [...]