Directive Blogs

Your business’ computing infrastructure is a pretty resilient system. It has all types of tools added on to keep malicious code, bad actors, and even sabotage from ruining the good thing you have. This reliability has led to hackers changing the way that they go about their business. Nowadays, most of the attacks that affect businesses are phishing attacks. In today’s blog we will go through the elements of a phishing attack and how you can protect your business from them.

The Internet of Things is everywhere and that means that it’s important to understand how much of a potential security risk these devices can be. From smart speakers to smartphones, it's important that you understand how these devices can create problematic situations. In this week’s blog we will discuss how you can protect yourself against IoT vulnerabilities at home.

Cybercrime is the fastest growing criminal activity in the world. From the largest enterprise to the individual, it can affect anyone, anywhere. To help ensure the cybersecurity of American citizens and their businesses, the Department of Homeland Security (DHS), United States Computer Emergency Readiness Team (CERT), and the Federal Bureau of Investigation (FBI) and other agencies work together every October to raise awareness about the threats people face online through a series of educational events and activities.

Threats are everywhere in business today. You can quite literally be sitting at your desk actively working in your email and be exposed to multiple scams. With this revelation, it is essential that every organization takes the steps necessary to secure themselves against the immense amount of threats that could put their network and infrastructure at risk, and do so without making it difficult on their staff. Let’s dig into what that takes in this month’s newsletter.

Security is extremely important for every single organization that uses IT. Like any other part of a business where practices and demands change frequently, there is bound to be significant innovation involved with the strategies built to protect users and the business as a whole. Let’s look at why it is important to continuously innovate your organization’s cybersecurity policies and procedures.

Cyberattacks are a serious problem that all businesses face in some form or another, but there are small, everyday tasks you can do to ensure that they impact your organization as minimally as possible. It takes intention and effort to protect your business and its infrastructure, but that doesn’t mean that it has to be hard. Here are three simple ways you can keep your infrastructure secure.

You know the old phrase, “A chain is no stronger than its weakest link?”

It’s a pretty good idiom, but when it comes to cybersecurity, I think the idea is worth revisiting. It’s not that you aren’t as strong as your weakest link, or in terms of cybersecurity, it’s not that you aren’t as secure as your most vulnerable endpoint…

You are less secure the more users you have.

Small businesses have a lot to worry about in terms of technology, but one of the things that often gets overlooked is network security. Some small businesses feel that they are too small to be considered a viable target for hackers, but they are wrong; all businesses have data valuable for hackers in some form.

The modern threat landscape is vast and unpredictable, and even if you think you know enough about cybersecurity to protect your business, we bet that you don’t. It’s not even just in the business world, either; individuals also struggle against cyberthreats, and so too do IT administrators. The next couple of weeks will be dedicated to cybersecurity to get across everything you need to know about it.

When security breaches and data breaches are mentioned in the same breath so often, it’s easy to look at them as one and the same. However, we want to take a moment to explain the differentiating factors between the two, as it could be all the most important for protecting your business in the future.

The effectiveness of your business’ IT security is largely contingent on how your IT operates. As a result, it is extremely important to ensure that your staff understands the role they play in protecting your business’ assets. This month, we discuss what you should prioritize when putting together a security training platform; an essential part of any business’ attempts to keep their IT secure. 

How quickly do you think it takes for a hacker to react to the disclosure of bugs and vulnerabilities? According to industry experts, the time for security professionals to react to zero-day threats and vulnerabilities might be decreasing. Is your organization prepared to act when important vulnerabilities like these are disclosed?

As a business professional, it’s your responsibility to protect your company’s digital assets from cybercrime, but the path forward is not always so easy or clear-cut. Without a thorough knowledge and expertise of IT security at your disposal, it can be challenging to protect your infrastructure as adequately as it needs to be. Here are some of the common issues that involve cybersecurity, as well as how you can address them.

Mobile devices demand a special type of attention in order to ensure security. You want to ensure that your devices are protected as well as possible, but you also need to ensure that this does not come at the expense of your employees’ productivity or efficiency. We’ve put together a list of common security issues you might encounter when securing your mobile devices, as well as a couple of practices you can implement to work toward an adequate level of cybersecurity for your mobile infrastructure.

Businesses today have to deal with more potential problems than in any time in history. They are dealing with cost increases at every turn, personnel shortages, and a regulatory landscape that is always evolving. One of the biggest issues that can have a negative effect on a business is not having the processes and resources in place and working to secure its data and network. Today, we will look at five suggestions that can work to help your business keep its network and data more secure. 

Security is an incredibly important part of running a business, but it’s extremely easy for busy employees to fall short of the security expectations you might place on them. This is why it is so important to train your employees on the many facets of cybersecurity. By training them, you are preparing them to tackle the plethora of challenges they will encounter throughout the workday.

How many security solutions does your organization have implemented at any given time? Traditionally, businesses have implemented what we call “point solutions,” which are software tools designed to address a specific part of your security infrastructure. While this approach is certainly better than not having security at all, it presents several problems that must also be addressed in order to most effectively protect your organization.

Your company’s email is one of its most important pieces of technology, and since that is true for nearly every business, it is unfortunately one of the most utilized attack vectors used by cybercriminals. Most businesses don’t understand just how vulnerable they are if their email isn’t properly secured and do their best to keep their employees trained on how to spot potential scams. 

When it comes to network security, businesses need all the advantages they can get, especially since cybersecurity as an industry is one which is rapidly adjusting and responding to an enormous amount of ever-changing threats. One way in which security researchers have attempted to subvert this security rat race is through artificial intelligence measures, a trend that promises to change the way businesses protect themselves more effectively.

With so many wireless networks available to connect to, it’s no surprise that wireless security is a cornerstone of working while on the go. We thought it would be helpful to have a list of best practices to help ensure your wireless networks, and the devices connecting to them, are as secure as possible.

For every level of business, cybersecurity is a big deal. For the enterprise, they deal with a lot of would-be attacks and need their staff to know how to respond if they are targeted. For the midsize business, the convergence of underwhelming IT support and a growing workforce can be the perfect storm. For the small business, a significant cyberattack could be the beginning of the end for their business. This is why, no matter what size your business is, you need to have a cybersecurity strategy in place that includes tools, monitoring, and protocol. This month, we have put together a list of considerations your business should note to keep your network and data safe.

With cybersecurity a priority for every business that depends on their IT, there are a lot of different strategies being utilized out there to keep threats off of networks and data safe. One of the most advanced strategies being used today is enlisting a service that runs a Security Operations Center (SOC). Today, we’ll investigate what a SOC is and how it works to keep threats at bay. 

Whether you’re referring to ransomware, phishing, data theft, spoofing, any of the many forms of cybercrime, it is something that all businesses need to prepare themselves for. While different business sizes will have differing scales to contend with, these kinds of preparations will involve the same basic principles. To help you best defend your company against cybercrime, here are a few tips based on those principles.

Getting your staff to care about your organizational network and data security may be more difficult than you might think, but it’s not a lost cause. Today, keeping your business’ organizational security strong relies heavily on your staff’s willingness to follow the right practices, so today we thought we’d give you seven tips to get your people to care about security

In the business world, it can be difficult to know who to trust in regard to cybersecurity. In many cases, businesses are simply opting to not trust any device, friend or foe, when it comes to their data security. This type of zero-trust model is slowly becoming the norm, and it’s one that your organization might consider moving forward.

Penetration testing is a topic that you might often hear and read about on the Internet, but you might not know exactly what it is without having it explained to you by a professional. Today, we want to clear up any misconceptions or ideas you might have about penetration testing and how it relates to your business’ network security, compliance, and regulatory requirements.

As statistics for cybercrime surge, it’s important to remember that your organization must do all that it can to protect itself. There is, however, a C-suite position that almost exclusively focuses on this task: the chief information security officer, or CISO. Many enterprises have individuals dedicated to the sole task of securing their organization, but smaller businesses might find themselves lagging behind in this regard due to no fault of their own.

There are countless cybersecurity threats out there, many of which wait until very unfortunate times to strike. One such time is over extended weekends or holiday breaks, when many companies shut down operations longer than the usual two-day weekend. In fact, this is such an issue that the Federal Bureau of Investigation and CISA have issued warnings in response to them.

If there is one shared priority most businesses and other organizations need to have it’s a strategy on how they are going to go about securing their network, infrastructure, and data from the numerous threats they face. Let’s take a look at three of the most crucial issues surrounding organizational cybersecurity as we head into the new year.

Smart devices and Internet-of-Things devices in general have taken the world by storm, and a home without at least a handful of smart devices is quite rare to find these days. However, smart devices—or devices that connect to the Internet to perform various functions—must be approached with a certain level of caution.

A disgruntled former employee is nothing new. However, in today’s digital work environment, an unhappy employee with unfettered access to your critical data is something to be concerned about. While it is essential to protect against cybercriminals, it also pays to be mindful of the threat in your own office.

Many threats immediately make themselves known on your device the second they install themselves, like ransomware and other types of malware. Others, like this newly discovered threat called MosaicLoader, discreetly install themselves in the background of your device and cause problems behind the scenes. 

It’s no surprise that many security breaches are due to weak passwords and poor team training. What may be a surprise is that when multi-factor authentication was implemented, cybersecurity breaches were blocked by more than 90%. However, bad actors are constantly evolving and have found a way to break through one of the most popular types of multi-factor authentication that uses text messaging. Here’s how.

Did you know that the United States is the leader in ransomware payments? According to a survey from Mimecast titled “The State of Ransomware Readiness,” the U.S. has the highest average payment for ransomware out of the entire world at more than $6 million per victim. These shocking numbers likely stem from high-profile ransomware attacks, but they are also indicative of a larger problem, that being people who still pay the ransom.

While cybersecurity is far from the most exciting thing a business can invest in, it’s certainly one of the most important parts of running any successful venture. Without cybersecurity, the endless number of threats on the Internet could infiltrate your network and create problems for your company.

Artificial intelligence, commonly known as AI, is used in several different ways in various industries, but one of the most impactful has been with cybersecurity and its automation. On the other hand, however, are the hackers who use AI in ways that fly in the face of the efforts of these cybersecurity professionals and use AI for cybercrime. What are some ways that AI is used in cybercrime, and why is it so scary for businesses to handle?

Small businesses often struggle with technology, primarily because they either lack strong IT leadership or they lack the resources to ensure IT maintenance and management happens without a hitch. There are several mistakes that a small business can make when it comes to technology management. Here are four of the biggest and most common that you absolutely cannot afford to make.

It’s not unheard of for some threats to remain undiscovered for months or even years, as is the case with a particularly nasty one in the Microsoft Azure database system. This exploit, discovered by cloud security provider Wiz, is built into Cosmos DB, Microsoft Azure’s managed database service. Let’s take a look at the exploit and see what we can learn from it.

What happens when your company configures something on its infrastructure incorrectly? It turns out, according to a recent data leak, that a lot can go wrong, especially in regards to cybersecurity and the privacy of sensitive records. The affected software was not an unknown third-party application, but was actually Microsoft! How did one of the world’s largest software developers put out software that potentially exposed millions of records? Let’s dig into the details.

We’ve spoken in the past about security issues surrounding credit cards, but considering the many advancements and adaptations that have been made to the way businesses can accept payments, it seemed to be a good time to revisit this matter.

Let’s review some of the changes that have been made in the time since, as well as the ways that you can keep your payment cards more secure.

Another ransomware threat is out and about, this time targeting unpatched and end-of-life products in SonicWall’s Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products. To make things worse, the threat is currently being used, so businesses utilizing these devices must take action now to limit how much damage this ransomware can do.

To say someone is adept at a task is to say that they are a professional, or someone with a considerable amount of knowledge that contributes to their ability to complete a particular task. In cybersecurity, this is extremely important, as the entire concept of cybersecurity is complex by nature. Your business too can improve its cybersecurity practices and shift focus to a more mindful approach to network security.

Security can be tough for small businesses to optimize, but that does not make it any less important. One such way that security can work against you is actually your employees’ predispositions toward it; the cognitive biases that your employees have regarding security can put your company at risk, even if that is the last thing on their minds.

Ransomware, ransomware, ransomware. Every day the news reports of a company, a hospital, or even a city getting hit with a cyberattack. It is to the point where it is becoming “background noise”. Unfortunately, many business owners have reached the point where they have begun to tune out the warnings and are lowering their defenses, exposing themselves to risk. Here are 5 misconceptions local businesses have regarding ransomware.

Cybersecurity is one of those components to an IT strategy that is absolutely critical; you cannot ignore it in today’s age of ransomware and other high-profile hacks. In order to make sure that you are prepared to handle anything that comes your way, you must periodically test your security practices and assess how well your team can prepare for attacks. The question remains as to how often you should do this.

Data breaches have become all too common for small businesses over the past several years and when it seems like there is a solution to one problem, something even worse pops up. Part of a comprehensive risk management strategy is identifying problems and doing what you can to keep them from affecting your business. Let’s take a look at the major cybersecurity threats small businesses are facing in 2021 and what you can do to keep them from hurting your business.

Does your business depend on technology from different eras? Are you spending more time trouble-shooting compatibility issues than chasing leads? Managed IT can bring your tech together and keep your team focused on their jobs and not the IT.

Almost daily there is another data breach reported that exposes data for hundreds of thousands or millions of people. This is a troubling trend. One of the most troubling events happened recently as 700 million profiles from the social media network LinkedIn were found for sale on a popular hackers forum. What’s worse is that the company isn’t admitting that it had been breached recently. Let’s take a brief look at this situation and try to unpack what is going on with LinkedIn.

Few things are scarier for a modern business to consider than the idea that they will be hacked, regardless of that business’ size or industry. After all, hacking can, will, and does cause significant damage across basically all aspects of your organization. This is precisely why it is so important that—should a business be hacked—the proper steps are taken in response.

With so many companies having to deal with security problems coming in from the Internet, they may think that securing against an attack coming in from the outside is where all their attention should go. This can be an oversight that could have dire consequences for your business. This month, we tell you why you need a security strategy that protects your data and infrastructure from all manners of threats—inside or outside your network.

For all the attention that we (and many others) give to cybercrime, people are still falling victim to hacks and scams every day. With most businesses operating more in the digital sphere than ever before, it stands to reason that they need to do more to keep from being a victim of a data breach or worse. Here are six things your business should do to keep from being a victim of a cyberattack.

Over a quarter of all data breaches happen to small businesses. The cost of a data breach is really prohibitive to your business’ operational and financial health. To keep your business’ data and infrastructure free of threats and relatively secure, small businesses will need a combination of useful technology tools and well-designed strategies. Let’s take a look at several steps your small business can take to secure itself from digital theft.

Over the past year, entrepreneurs have focused on how to do business during the global COVID-19 pandemic. The public health crisis has been an opportunity for fraudsters and hackers, and the result has been an increase in losses (compared to the second-worst period on record) by over 50 percent. Let’s consider the situation, and how it is—unfortunately—getting worse.

Many businesses believe that if they only had the right security tool, they would be secure from cyberattacks. What they don’t realize is that even the best IT security software and hardware can immediately fall apart if your staff isn’t trained to understand certain security risks. Take a moment to discover how to turn your team into a valuable security resource, and prevent them from being a security liability.

Over a quarter of all data breaches happen to small businesses. The cost of a data breach, well, it sure isn’t worth it. To keep your business’ data and infrastructure free of threats and relatively secure, small businesses will need a combination of useful technology tools and well-designed strategies. Let’s take a look at several steps your small business can take to secure itself from digital theft.

With the given pandemic, a lot of people have had a bit more time on their hands, so it makes sense that many are turning to streaming services and the like for their entertainment. Unfortunately, this has not gone unnoticed by cybercriminals.

Let’s take a few moments and examine the practice of credential stuffing.

COVID-19 has changed the way that most business owners look at a dollar. For months, businesses have been making strategic budget cuts to try to stay afloat. Cybersecurity has been the ultimate growth industry over the past several years, but in the face of the pandemic, the market for these products and services is seeing substantial retraction. In fact, Gartner estimates that in 2020, the cybersecurity industry will shrink by almost $7 billion. Today, we’ll take a look at the cybersecurity market and why it is important not to slow your cybersecurity spending if you can help it.

There are many different varieties of cybercrime that businesses need to be vigilant about. However, most of these varieties can largely be avoided through a few basic practices and behaviors. Here, we’re giving you a few tips to help you prevent attacks from successfully influencing your business, so make sure you share them with your entire team, as well.

We talk about cybersecurity a lot. We talk about protecting your data from the illusive threat that hackers and cybercriminals bring. We don’t often talk about the more obvious type of security - preventing the physical theft of your data. I think it’s time.

Is your business equipped with the necessary tooling to adopt remote working strategies? Remote workers have an incredible amount of benefits to contribute to your business’ operations. Remote work is not possible without a well-thought-out strategy. Today, we’ll review what your business needs in order to capitalize on remote workers. 

The modern business has to deal with a lot of potential security problems. Today’s threat landscape is filled with people looking to prosper off of your misfortune. As a result, doing what you can to maintain the security of your network and data is essential. Today, we will discuss how maintaining your organizational cybersecurity doesn’t have to be costly or time consuming.The best way we’ve found to go about doing this is by highlighting a few key actions that you can take to keep your network secure and your data safe.

Organizational cybersecurity has to be a priority for every business. These days, companies are getting hacked left and right and being exposed to some of the very worst malware ever created. Today, we will take a look at some cybercrime statistics that will put in perspective just how damaging cybercrime is.

Cybersecurity should always be a priority for a business, and cyber criminals are always evolving their tactics. As a result, it pays to keep an eye on the horizon for the next looming threats. Here, we’re reviewing a few threats that cybersecurity professionals say that businesses should be concerned about in the near future.

More than any time before, cybersecurity has to be a major consideration for businesses. It is, in fact, one of the biggest problems the modern business has to face day-in and day-out. Shortage in cybersecurity talent and antiquated strategies are making it difficult for businesses to find the knowledgeable resources that will help them work to secure their network and data from threats to the business.  

Automation is sometimes misconceived as a troublesome or unreliable addition to business. It’s not about replacing people with machines, it’s about getting more done with the people you have. Having an attitude that doubts technology and believes nothing can replace human processing can quickly put you at a disadvantage compared to your competitors.

It’s fair to say that most business owners aren’t cybersecurity experts. That’s why there is such a large investment in cybersecurity solutions. That outlay is justified, sure, but is it effective? Today, we’ll talk a little bit about network and cybersecurity, and how all the capital investment in the world may not actually keep your network secure. 

Cybersecurity is a big point of emphasis for the modern IT administrator. For the private business, it’s important for enough to be done in order to secure the business’ assets, and the integrity of the network itself. Unfortunately, when looking at public computing resources, there isn’t enough talent available to properly secure the systems that government entities rely on. 

If you’ve spent any time using a computer, you probably know what a URL is. It is the address of a website. It typically starts with “http//:” or “https://” and directs the Internet browser on where the user would like to surf. Nowadays a threat could be created by manipulating the URL. Today, we’ll take you through this threat. 

Controlling your organization’s data relies on keeping your network and computing infrastructure free from threats. Early detection allows your business to actively confront risks before they develop into major issues. However, threats are becoming more difficult to detect in early stages, and one hidden threat could doom your entire business. 

You’ve heard it over and over for the past several years: data loss is a disaster. A data breach can ruin your business. Ransomware is a business’ biggest enemy. Your reputation can never recover after a data breach. These statements may be redundant, but if you don’t heed the message behind them, you will likely regret it. 

Avoiding risk is important for every business, unless your business is as a daredevil, then mitigating risk will have to do. Nowadays, with technology being an omnipresent element in most businesses, technology-based risks have grown in concert. As a result, the modern business owner and IT administrators need to understand the new risks and how to proactively work toward avoiding (or mitigating) them.

While you are probably spending a fair amount of time thinking about your business’ security, can you confidently say the same about those that you’ve employed? Unfortunately, your workers may not put much thought into network security. This could very possibly lead to some severe issues potentially harming your business operations.

If you run a small business in Oneonta, you might assume that you don’t need to worry about the threat of a cyberattack. Unfortunately, that’s not the case.

Phishing attacks have been in the social consciousness now for a while, and for good reason: it is the predominant way that hackers gain access to secured networks and data. Unfortunately, awareness to an issue doesn’t always result in positive outcomes. In this case, hackers get more aggressive, and by blanketing everyone under a seemingly limitless phishing net, 57 billion phishing emails go out every year. If a fraction of those emails accomplish their intended goal, the hackers on the other end of them really make out.

Cybersecurity is a critical part of managing any business. This is especially true nowadays when there are countless individuals and organizations formed specifically to steal credentials and sensitive information from your organization. Today we will be dedicating some time to how your business can reinforce proper cybersecurity practices.

It’s difficult to know what you can and can’t trust in the realm of cybersecurity. However, you’re likely to trust your own security solution. Yet, even this could be a devastating oversight, as some malware masquerades as your security software.

The Internet of Things is all around us, in our homes, our offices, and even our cars. While this connectivity can provide a more unified and automated approach to daily tasks, it has the downside of enabling certain security threats to go unfettered. A prime example are the IoT-driven botnets that seem to be increasing in popularity.

In February of 2016, President Barack Obama passed a Cybersecurity National Action Plan. The plan implemented near-term actions and developed a long-term strategy to enhance cybersecurity awareness and protections, protect privacy, and maintain public safety. Taking action against cybersecurity now will assist with ensuring economic and national security, as well as empowering Americans to take better control of their digital security.

In the last few months, there have been several high-profile data security breaches that resulted in the theft of millions upon millions of non-public information records. Though much of the focus in the aftermath of the breaches was on personal identity theft and prevention, it’s important to keep in mind that not all the stolen data records target individuals. Business entities are also at risk. Vendors and partners that you do business with regularly will probably have record of your company’s non-public information, payment information, or tax ID number.

This Christmas, technology is everywhere. Traditionally, the holidays were a time when things slowed down for businesses and people spent time with their families and put their work on the back burner. Those days are over. Today’s professional is lucky to get a day off for Christmas; and, because of the way business works today, may be asked to do more than ever around the holidays.

Security is a part of business that is constantly changing and evolving. What worked ten years, five years, or even two years ago may not be relevant in today’s security environment. What are some of the major changes that your company can expect to see in the coming years? We’ll walk you through some of the ways that security will be changing in the foreseeable future, and what you can do about it.

Star Wars is a cultural phenomenon. For the past 40+ years audiences from all around the world have become enthralled with the characters, the story, and the technology that existed a long time ago in a galaxy far, far away. Who knew that it was also a wonderful lesson in modern IT security? For today’s blog, we look at three situations that happened in Star Wars: A New Hope; and, how, if proper IT strategies were put in place, the Empire would have been able to protect its greatest asset.

Zero-day threats are some of the most dangerous ones out there. What we mean by “zero day” threats are those that have been discovered by hackers before an official patch has been released by the developers, giving them exactly zero days before they are actively exploited in the wild. One of the more dangerous zero-day threats out there at the moment is one that takes advantage of Internet Explorer.

The reliance the modern business has on its IT cannot be understated. As a result, to keep their computing network and infrastructure running efficiently, companies need to have a network and cybersecurity policy in place. With the development and use of organizational computer networks with multiple endpoints, understanding the basics of network security is helpful when implementing and employing network security systems. Today, we take a look at the parts of your network, their functions, and what you need to do to protect them.

It’s easy to dismiss network security if you run a small business that seemingly isn’t a target of malicious attacks. Unfortunately, this dismissive attitude can put your organization at risk, as even a simple security issue could be enough to expose your company to dangerous entities. In fact, we would call it foolish not to secure your organization; and one of the most infamous security failings in history stems from this.

As technology has evolved, so have our capabilities of using it. While this has led to great improvements in how we can live our lives, it has also made it much easier for us to torment and harass one another. This is a huge problem, and growing, so it is important to know how to take a stand against it - both at home, and in the workplace.

Network security is a crucial consideration for every single business, especially ones that utilize the Internet. There were a lot of negatives and some positives that came out of 2017 in regards to cybersecurity. Below we have listed some of the most troubling cybersecurity statistics collected in 2017, and we’ve followed it up with suggestions on how to keep your business safe in 2018.

Security is an aspect of running a business that absolutely cannot be ignored, regardless of whether or not you see it as a considerable issue in the near future. The fact remains that your organization will always be at risk unless you take actions to keep it safe today. By taking advantage of some of the latest and greatest security tools on the market, you’ll be able to protect not only from the basic threats, but more advanced ones as well.

After a year like 2016, it should come as no surprise that 2017 has been a year of significant cyber threats. Looking back on the events of the year so far may help us to anticipate what kind of threats we can anticipate in the second half of 2017.