While I am not a big fan of the “Top 10” things that we expect to see next year, I do think looking forward with a security focus is a good endeavor. While this time of year is always full of next year’s predictions, you really should be looking at the next six months every month. That way things won’t surprise you. But without further ado, here are my predictions for next year.
It was 2:30am one weekday night when my smoke alarms started going off at home. They are all connected together, so the whole house was a nice alarm bell. It was a weird fall night when it was warm outside and very foggy. We have had a lot of work done in the house, and I assumed it was a malfunction because of the dust that had been kicked up and the humidity outside. I disconnected the alarm that started this noise and got the family back into bed.
Are you aware that October is National Cybersecurity Awareness month? With the day to day security headlines year-round you may be thinking to yourself “I am sick of hearing about security”. As we come to the end of the month, bear with me for just a second as I let you in on a little security gem. While there are many different security solutions that exist, some cheap and many expensive, yet arguably one of the most important ones is free. It is a phrase coined by the National Cybersecurity Alliance, “When in Doubt, Throw It Out”. When at home or work, if you receive a piece of physical junk mail that that claims you have one a free trip to the Moon, what do you do? Most likely, you throw it out in the trash as you know it is not true.
Having a month dedicated to cybersecurity is a little bit of a misnomer. It indicates that there are some months where you don’t think about cybersecurity. Granted I think about security daily, as that is my job, but I hope most of you are also aware of it and think about it more than one month out of the year. However; since we do have a month dedicated to it, I thought this would be a good time to discuss some basic statistics provided in Verizon’s 2018 Data Breach Investigations Report. As the report says, “data breaches aren’t just a problem for security professionals”.
Second Annual List Honors Leading MSSPs & Cybersecurity Companies That Safegaurd Customers’ Digital Assets
MSSP Alert, published by After Nines Inc., has named Thrive 60th on the Top 100 MSSPs list for 2018. The list and research identify and honor the top 100 managed security services providers (MSSPs) that specialize in comprehensive, outsourced cybersecurity services.
The Top 100 MSSP rankings are based on MSSP Alert’s 2018 readership survey combined with aggregated third-party research. MSSPs featured throughout the list and research proactively monitor, manage and mitigate cyber threats for businesses, government agencies, educational institutions and nonprofit organizations of all sizes.
Over the course of this three-part series, we have explored security measures to help keep your organization better protected from cyber criminals. In part one, we examined the importance of patching, and in part two,we explored advanced email security. In this final part of the series we will cover security awareness training that should be implemented in every business.
I still talk with people in the security industry that confuse a vulnerability scan with a penetration test. These are very different yet complimentary tools.
A vulnerability scan can be run against your external IP range, as well as your internal IP range. If you run it against your external IP range you will see what the hackers see when they look at your network from the outside. If there are any known vulnerabilities, the scanner should pick it up and report it to you. This would be the first step in getting your network more secure.
IT executives and leaders are charged with building scalable, reliable, and secure environments. As more sensitive, regulated, and business-vital documents and transactions are digitized, even traditional businesses must embrace cybersecurity as a way of life. With this comes a mandate to develop and deploy a security program, which necessarily must include a component for continuous improvement. Security threats are constantly evolving, and threat or security fatigue can increase the pressure on security teams to keep up. Adding structure to the continuous improvement process can help relieve some of that pressure to “stay on top of everything” all the time.
I have discussions with clients all the time about technologies that we recommend that will help protect their companies from hackers. What most people do not understand is that technology itself will not protect a company. Someone who is attacking your company is using technology to try to get into your systems, but they are the brains behind the attack. If you put in a piece of equipment to stop the attack, but don’t have any “brains” that are orchestrating your defense, then you will fail. Technology can only take you so far.
This three-part series will highlight areas that are easy for Thrive to implement to help keep your business protected from outside threats. If you missed Part One: Patch, Patch, Patch, we covered the importance of patching your environment to prevent potential disruption or even disaster. This installment, Part Two, will focus on advanced email security; how it developed and why you should ensure to use it in your businesses. Moving forward, Part Three will use this information and detail the proper measures to take when it comes to security awareness training.