In regards to Multifactor Authentication, the question should not be if but instead what kind. Multifactor authentication (MFA) is vital to the security of your network. As Brian Sherman from Valeo was quoted, “Weaker MFA is better than no MFA.” However, if you can protect your data more thoroughly, then why wouldn’t you? Let’s take a look at the forms of MFA and how they will help keep your data safe.
Top 2020 Phishing Threats and How to Dodge Them
2020 has been quite a year thus far. Alongside record alcohol sales, Cybercrimes are also at an all-time high. As we have discussed in the past, 91% of breaches begin with a phishing attempt, and we have seen phishing attempts increase by 600% since January. To avoid these tricky phishing schemes, we need to understand what to be vigilant of when it comes to phishing attempts. We know that COVID-19 phishing attacks are on the rise but don't get too complacent in that fact. Let's take a look at the top trending phishing attacks in 2020.
Cybersecurity is a term we discuss broadly. It was discovered in 2019 that the average sophisticated cyberattack costs an organization $13million. With this extreme financial consequence, you can understand why we focus on cybersecurity education and prevention. We know the dangers of cyberattacks, although are you aware of what started the Cybersecurity Industry? This week we hit the thirty-second anniversary of the first sophisticated computer worm. How did this "research project" meant to determine the Internet's size end up taking down 10% of the Internet within 24 hours?
Many of us began our “Work from Home” adventure back in March. Some have trickled back into the office since, although many are still at home adjusting to what may be their new standard way to work. At first, many enjoyed the time saver of not having to commute and the ability to work in sweatpants. Unfortunately, over time we have recognized that the work/life boundaries have been blurred or even completely disappeared. Our days now include more on-screen time with 48% more chats a week with 69% more of those occurring “after hours." Our commute used to define our day with a build-up and wind-down that began and ended our day. Without this designated time, employees feel more burnout and exhaustion as the day never has a true beginning or end. Instead, it feels as if the workday is constant through our “work” hours and “home” hours. These blurred lines of work and home life may offer more time to work, although it has led to less workplace productivity.
As we have discussed time and time again, COVID-19 has changed a great deal about our world. It has altered the way we work, the way we socialize, and it has put a massive new stressor on our shoulders. Not only do we fear our health, but COVID-19 has proven to be a threat to our business’ cybersecurity. The scams that have come out of the fear and uncertainty surrounding COVID-19 are elaborate. From using frightening subject lines to adopting faux letterhead, these scam artists are scrambling to use the climate of fear and disruption that has been caused by COVID-19 to their benefit.
With the fact that 158 accounts are hacked every second on average, businesses need to be versed in what to do when you receive the alert that your or employee's credentials have been compromised. It is an unfortunate reality that once exposed on the Dark Web, your information cannot ever be completely removed or hidden. You cannot file a complaint or contact a support line to demand your data be removed. Your company should immediately start taking appropriate steps and measures to correct or minimize the risks and potential damages associated with this exposed data. We must identify, understand, and learn from past mistakes or failures, and adopt a more proactive and preventative approach to your business' cybersecurity strategies moving forward.
Many business owners - and the IT professionals they rely on - focus on protecting their companies from external threats – the lone hacker out for a large ransom, the industry competitor pilfering secrets, or organized cyber-criminals with sophisticate phishing schemes, etc. But what about internal threats? Organizations sometimes fail to consider the true risks that insiders pose to their cybersecurity. Yet, internal risks are every bit as dangerous and damaging as the external ones, even if there is not malicious intent. The 2019 IBM Cost of Data Breach survey revealed that 24 percent of all data breaches in the past five years were the result of negligent employees or contractors.1 Another report, Insider Data Breach Survey, found that 60 percent of executives felt employees who made mistakes while rushing to complete tasks were the primary cause of internal breaches. Another 44 percent pointed to a lack of general awareness as the second most common reason, and 36 percent cited inadequate training for their organization’s security tools as a close third.2 To drive home the full harm of insider threats, we’ve compiled five actual case studies of internal actors who’ve wreaked financial and reputational damage when they got careless, or abused their knowledge and positions for personal gain.