Welcome to my blog
Join me on my journey as I share my insights and experiences on all things Apple, Business and Entrepreneurship!
Join me on my journey as I share my insights and experiences on all things Apple, Business and Entrepreneurship!
Organizations are faced with the increasing scrutiny of more complex and sophisticated attacks by threat actors against key information systems that are essential to the organization. Complex attacks such as ransomware and data exfiltration are being used against organizations or systems that they encounter or somehow get access to. When an attacker wants to break into a system, they will typically choose the easiest and most direct methods in means in order to access it. The problem is an organization may not have a full understanding of the complex attack...
Cybersecurity risks and threats are issues that all organizations, large and small, must deal with. Whether the issues are information security program related or a technical challenge, organizations need to have the personnel resources to solve the cybersecurity issues as aligned to the business requirements set forth. In an ever-growing cloud-based services industry, information security risk is never greater. Cyberattacks are growing in impact and frequency. Not a week passes without a headline of another cybersecurity attack such as a data breach or a ransomware attack. Cyber criminals are becoming...
Security awareness training is one of the most critical and important security requirements for any size organization to consider implementing within their environment. Arguably, the greatest risk faced by any organization is the danger of insider threat as employees are can be considered a weak link in the chain as they are susceptible to curiosity, greed, envy, etc. To further increase risk, employees may be faced with the threat of social engineering attacks including phishing, baiting, spear phishing, tailgating, scareware, pretexting, quid pro quo, etc. To combat these risks, a...
A cyber security risk assessment is a critical activity performed on your company's security policy, procedures, and infrastructure to reveal potential threats to key corporate assets and vulnerabilities in your current security controls as implemented. This process involves identifying and evaluating the likelihood and potential impact of these risks, allowing you to prioritize mitigation efforts and allocate resources effectively.
The Cybersecurity Maturity Model Certification (CMMC) is the Department of Defense’s (DoD) latest cybersecurity program designed to ensure that cybersecurity controls and processes adequately protect Controlled Unclassified Information (CUI) that resides on Defense Industrial Base (DIB) systems and networks. The DIB consists of all suppliers of DOD related services including primes, subcontractors, consultants, and other entities that provide any type of service on a DOD related contract. This includes companies that manufacture, design, or test products for the DoD, as well as those that provide services such as logistics, maintenance,...
The Health Resources and Services Administration (HRSA) of the U.S. Department of Health and Human Services (HHS) defines telehealth as: The use of electronic communication and information technologies, such as video conferencing, phone calls, and messaging systems, to provide healthcare services remotely. This includes consultations, diagnoses, treatments, and patient education.
The internet has gone from strength to strength and part of the beauty of it is the fact that it enables us all to communicate freely with people everywhere in the world. Now with the growth of Wi-Fi we have allowed ourselves to create devices which also connect to the internet and deliver or transfer data within a network. While this connectivity is amazing, the unfortunate downside is that each internet connected individual on the planet has their own networks and their own data that can fall victim to theft...
Working remote has many benefits but also creates many cybersecurity risks. Here is a handy list of do's and Dont's to help you protect your company and sensitive information.
The necessity of working from home is becoming a reality for many workforce members who may not have had this access before. While remote working offers many benefits to employees, such as increased flexibility and work-life balance, many more risks appear as cybercriminals prey on the lax security protocols of the remote worker. It is critical that we as employees treat this access as a privilege, making security our top concern in order to protect ourselves and our organizations from potential threats.
The threat of the Novel Coronavirus has recently been a top concern worldwide. With many conspiracy theories, disinformation, and general curiosity, many citizens are looking for more information on the outbreak from a trusted source. As a result, it's essential to rely on credible sources when seeking updates or guidance on this issue.
The COVID-19 crisis has forced many organizations and businesses to work from home. Are you aware of the cybersecurity risks to your business with your employees working remotely? With more employees accessing company data and systems from personal devices, there is a higher risk of data breaches and cyber attacks. This shift in work environment requires careful consideration of security measures to protect against these threats.
It's really sad that we live in a time when scammers are still so active in the face of such hardship and adversity. However, it is the environment where people are often at their most vulnerable, struggling to make ends meet or dealing with personal crises, making them an easy target for those looking to take advantage of them.
Business email compromises (BEC) scams made a significant impact in 2018, with a notable 133% increase over the previous year, as reported by Beazley Breach Response Services. This surge in BEC scams highlights the growing threat of cyber attacks that target businesses through compromised email accounts and phishing schemes.
We are all aware of federal compliance regulations when it comes to the privacy and security of our information. For example, you'd be hard pressed to find someone who hasn't heard of HIPAA. Yet are you aware that regulations have been put in place at the state level that have the same goal -- to protect our security and privacy? These state-level regulations can vary significantly from one jurisdiction to another, requiring businesses and organizations to stay informed about specific requirements in each area they operate.
Tis the season! You're making mental plans with what is hopefully a generous tax refund and deciding what to do with the surplus of cash you'll soon have on hand. Perhaps you've been putting off some necessary expenses, like car maintenance or home repairs, and are eager to tackle them now that you'll have some extra funds available.
Human-error; we talk about it all the time, but what exactly do we mean? Human-error occurs when an individual performs a task or does something with an unintended outcome. It's easy to point the finger at employees as being an organization's weakest link, but without appropriate security awareness training provided by the employer, how can employees truly know what to watch out for? This lack of knowledge can lead to mistakes that have serious consequences, making it essential to address human-error proactively rather than reactively.
Breaches are becoming increasingly common as cybercriminals continue to advance their skills and tactics to trick their victims into falling for their scams. While cybercriminals remain diligent in their efforts to carry out their attacks, small business owners continue to underspend on cybersecurity measures. An article on Entrepreneur{:rel="nofollow"} examines 5 things your employees are doing that put your business at risk, highlighting the need for increased awareness and vigilance among both staff and management.
The dark web is often known for the illegal activities conducted there, and while not everything on the dark web is illegal, it's most appealing factor is its anonymity. The dark web is often a place where stolen data and personal information is bought and sold following a data breach or hacking incident. An article on Experian{:rel="nofollow"} takes a look at what your personal information is worth on the dark web and how you can help protect yourself from being exposed.
Identity theft is an unfortunate occurrence that is all too familiar with most business owners, but do those individuals know where the compromised data will end up? Often, these business owners are unaware of the virtual marketplace where stolen data is purchased and sold by cybercriminals; a place known as the "Dark Web". An article on Lexology{:rel="nofollow"} explores what the Dark Web is, what information is available for purchase there and how it impacts small businesses.
