Wednesday, February 28, 2018

Insider Threats to Business Continuity

February 28, 2018 - Yes, some internal threats are intentional, but most are unintentional, which makes them difficult to guard against. Estimates indicate that more than 50% of businesses have been victimized by insider attacks. Don't let yours be one of them... take a look at this week's articles dealing with this growing threat.

Insider attacks may demonstrate characteristics of an external attack; they also may leave unique digital footprints that are identifiable risk indicators. (Item #1)   More than ever, your users are the weak link in your network security. (Item #2)   Ask these 10 questions when building an insider-threat program. (Item #3)

Board members must understand the various types of insider threats and then ask the right questions to ensure they give their cybersecurity leaders the resources and tools they need to build a robust program. (Item #4)   Information and case studies in this booklet from the Australian government can help you manage insider threat risks. (Item #5)   Could insider threats be the elephant in the security room? (Item #6)

For the full issue, click here.

Wednesday, February 21, 2018

Social Engineering

February 21, 2018 - Phishing, vishing (uses phone calls) and smishing (uses text messages) plus impersonation are the top four social engineering techniques used in more than half of the hack attacks these days. This week we're looking at what social engineering is, preventing attacks, your best defenses again these attacks and how to educate your employees about social engineering.

Here's what you need to know to protect your organization and your users from social engineers. (Item #1)   Twenty-eight infosec experts discuss how to prevent the most common social engineering attacks. (Item #2)   Cybercrooks use the dangerous weapon of social engineering to get at the weakest link: the user. (Item #3)

How social engineering works (and why you may never know you're a target). (Item #4)   But there are steps you can take to tighten your security against social engineering attacks. (Item #5)   Here's information about educating your staff to prevent them falling for social engineering scams. (Item #6)

For the full issue, click here.

Wednesday, February 14, 2018

Email Threats

February 14, 2018 - Email will always be with us and so will all the scams, hoaxes and threats that continue to grow each year. This issue focuses on understanding some of these threats and learning to combat them.

Malicious email authors are clever and relentless, and they are constantly developing new, or at least different ways to deceive and attack us. (Item #1)   Emails are here to stay, and companies have another problem besides handling the incoming and outgoing emails: an increasing number have to be stored for long periods of time due to laws & regulations. (Item #2)   There are at least three versions of this business email scheme. (Item #3)

Organizations need high email availability and continuity; you need an email continuity strategy. (Item #4)   Protecting the organization from email-based threats is ultimately a collaboration between all levels of an organization, from the CEO down to the rank-and-file. (Item #5)   Over 90% of all network breaches are caused by, or include a phishing attack; what can you do to protect your organization? (Item #6)

For the full issue, click here.

Wednesday, February 7, 2018

Cyber Security

February 7, 2018 - Cybersecurity (or cybersecurity, whichever you prefer) is always in the news due to some kind of breach or another. There's no question that the next breach is probably right around the corner. And with the GDPR deadline fast approaching, organizations are more motivated to ramp up their cybersecurity. Everyone is focused on how to protect their systems and their data. This week's articles look at some past issues and some new approaches to the problem.

Companies throughout the world need to understand and ensure compliance with GDPR guidelines if they have any interaction with personal data from EU residents. (Item #1)   Business continuity and disaster recovery planning are every bit as critical to cybersecurity as application and network security. (Item #2)   A review of some of 2017's biggest cybersecurity disasters may give us a taste of what might be in store this year. (Item #3)

Blockchain tech has an inherent connection to cybersecurity. (Item #4)   Our approach to cybersecurity treats users like they are the problem, when they should be part of the solution. (Item #5)   It's time to get smarter about this lesser-known aspect of your cybersecurity program. (Item #6)

For the full issue, click here.