Would it surprise you to know that cybercriminals aggressively target individuals over corporate infrastructures in their attacks? This is because it is easier and ultimately more profitable for hackers to target unsuspecting people. Threat actors target people in a myriad of ways in hopes of stealing credentials or uploading malicious apps into business networks to obtain a solid payday or gain access to sensitive data. According to research done by Proofpoint, a leading cybersecurity and compliance company, more than 99% of the attacks observed required human interaction to succeed.

Within the last decade, small to medium-sized businesses (SMB) have embraced cloud technologies. The promises of agility, productivity, resiliency, and scalability are appealing benefits to any business leader. If you were to look around your business today, you may find the cloud touching almost every aspect of it. While cloud technologies offer significant benefits, they also introduce new security risks. This leaves executives searching for effective cybersecurity tools and solutions to reduce chances of a high-priced, high-profile data breach.

Cybercriminals have small to medium-sized businesses in their crosshairs, and they are using phishing emails to lure them in. The reality is, any organization with sensitive data can be a target for cybercriminals. They have learned to precisely craft their phishing emails to trick spam filters and fool unsuspecting victims into clicking. Once this happens, the cybercriminals have the green light to proceed with their scam. Learn about the types of phishing emails used today and steps your organization can take to reduce the risk of phishing attacks.  

Cybercrime is a persistent, complex fight against the unseen. Elusive cybercriminals continually hone their hacking skills to target millions of unsuspecting users and exploit their digital weaknesses. They are usually driven by financial gain, and it is predicted that ransomware attacks against businesses will occur every 11 seconds by the end of this year. This estimate doesn't include individual attacks which occur even more frequently (Cybersecurity Ventures). Employing the right cybersecurity strategies to stay ahead of their endless attacks can sometimes feel like the cybersecurity goalpost is moving every second.

When interviewing candidates for a position on the Systems Engineering Advisory Services team, I almost always ask, "What is the right way to assess and manage cybersecurity risk?" Even the most seasoned cybersecurity professionals will pause to think about the best way to answer. The truth is, there is no 'right way.' 

In 2020, many organizations pivoted their business models due to the pandemic. If you're one of these companies, you may have developed new processes and procedures that allowed you to safely continue operations and maintain high levels of customer service. Now that the dust has begun to settle, it is an excellent opportunity to evaluate or reevaluate any new cybersecurity risks that could have been created by these changes. In this article, we offer practical guidance on how to classify and measure your cybersecurity risks for effective cybersecurity risk management.

It seems we can’t go more than 24 hours without hearing about the latest and greatest data breach affecting millions. These headlines are worrisome and has lead to many sleepless nights for business leaders at small and medium-sized businesses. 

How much are the costs of a ransomware attack? Industry experts have estimated that in 2019 alone, the cost could have exceeded $7.5 billion. This has significantly increased from 2017 when Cybercriminals extorted $5 billion from businesses. Ransomware attacks are bad for business and growing in prevalence every year. In 2020, ransomware attacks have increased on law firms, hospitals, universities, city municipalities, and school networks. In September, a hospital in Germany suffered a ransomware attack that ultimately caused someone's death.

In light of the uptick in breaches at small and medium-sized businesses (SMB), I wanted to briefly review the cyberthreat landscape and offer some cybersecurity best practices organizations can implement to better position their businesses against the bad guys.

Has your company decided to transition a portion or all your employees to work-from-home long-term? What may have started as a temporary means to an end is working well, and you have decided to embrace this new way of doing business. What you need now is to ensure your remote employees can continue to get their work done as productively and securely as possible.