Small businesses have a lot to worry about in terms of technology, but one of the things that often gets overlooked is network security. Some small businesses feel that they are too small to be considered a viable target for hackers, but they are wrong; all businesses have data valuable for hackers in some form.
When security breaches and data breaches are mentioned in the same breath so often, it’s easy to look at them as one and the same. However, we want to take a moment to explain the differentiating factors between the two, as it could be all the most important for protecting your business in the future.
Simple passwords are just not an effective security practice, so if you’re still using credentials like Password, 123456, Guest, or Qwerty, listen up. You need better password hygiene practices before you suffer from a data breach. Here are some ways you can make a better password to protect your business from threats.
For a long time, businesses that didn’t have any cybersecurity problems would never consider investing in additional cybersecurity tools. The decision-makers of these companies simply didn’t find it necessary; and many of them had a point (until they didn’t). Today’s threat landscape is much, much more complex than it was only a few short years ago and therefore businesses need to make a point to set up the security tools that will help them secure their network and infrastructure from threats. Let’s take a look at some strategies that work to help modern businesses secure their digital resources:
Unfortunately, the number of cyberattacks is consistently growing and many of those attacks target business end users. This means that any account that requires a password for access could conceivably be compromised should attackers gain access to its credentials. At Directive, we promote the use of multi-factor authentication (also known as two-factor authentication or 2FA) to mitigate some of the risk inherent with the use of password-based accounts in business.
Today’s businesses need to be prepared for threats of all kinds…that’s unfortunately just fact. Modern cyberattacks are not only getting more effective, they’re also able to be a lot less discerning about who they target. This creates exponentially more risk for businesses of all sizes. Let’s go over how you can develop a cybersecurity strategy that helps temper this risk a bit.
Has your business been targeted by hackers? Do you even know? Let’s face it, small businesses don’t typically worry all that much about cybersecurity. To many small business owners, they might see it as a luxury for their perceived risk. Unfortunately, the reality of the situation is that hackers and scammers are targeting small businesses more regularly than they have in the past and without some kind of dedicated cybersecurity strategy, there could be a good chance that your business could run into some problems because of it.
Nobody wants to spend their weekend doing paperwork. Nobody wants to spend several evenings in a row sitting over a laptop and slowly digging through every online account they have, resetting every password and carefully documenting everything in a secure password manager. I know this better than anyone, because I forced myself to do it.
Here’s the thing though, EVERYBODY should do it. As soon as possible.
Simple passwords are often the bane of a business’ existence. If you routinely use strings like Password, 123456, Guest, or Qwerty to secure an account, then you need to reexamine your password practices before they lead to a data breach. A good password can go a long way toward helping you in this effort.
iPhone users should be aware that, should you encounter a pop-up that reads “Your Apple iPhone is severely damaged”, you don’t need to be concerned—beyond the concern you’d have for any other threat, that is. This pop-up is just a recent iteration of a common phishing scam that aims to fool people into downloading apps that enable hackers to access personal information.
One of the big advantages that Mac computers have had over the traditional PC is that they “don’t get viruses,” but how true is this claim, really? Research conducted by Elastic Security Labs proves that this is certainly not the case, discrediting the prior claims of ads arguing the former.
We get it—nobody likes to think about the prospect of being impacted by a cybersecurity incident, but it’s like any other unpleasant event in that it is best to prepare for it. In fact, today’s businesses can invest in a cyber insurance policy to help prepare for such an eventuality.
Let’s go over some of the ins and outs of cyber insurance so that you are prepared to make the best choice of provider for your business.
While security researchers do their best to find security vulnerabilities in software and systems before they are actively exploited by attackers, they can’t be successful all the time. There are too many threats and too many variables to consider, and zero-day exploits are often discovered well after they are actively being exploited by threats. How can you keep zero-day exploits from impacting your business?
There is a scam going around that convinces organizations to pay for their Google Business Profile, and if you paid for this free service, you’ve fallen for the trick. Google is taking legal action against the scammers who have dragged their name through the mud, using Google’s notoriety to defraud businesses who just want to look competitive.
With so many threats out in the world, it’s no surprise that some of them target undiscovered vulnerabilities. These types of threats use what are called zero-day exploits to make attempts at your sensitive data and technology infrastructure. What is it about zero-day exploits that you must keep in mind during your day-to-day operations and in planning for the future?
It’s the holiday season, and you know what that means: lots of gift-giving and online shopping. Regardless of what you and your family celebrate this holiday season, you should be prepared to handle the influx of phishing attacks which always surface around this time every year, including both the usual methods and the more sophisticated ones.
Let me ask you a question: how much did you pay Google for your Business Profile? Unfortunately, if the answer was anything other than “nothing,” you’ve been scammed. Google has actually announced that they are taking legal action against scammers who impersonated the company in order to defraud small businesses.
For millions of people, the rubber ducky is a benign reminder of childhood. Depending on when you were a child, the rendition of Sesame Street’s Ernie singing “Rubber Duckie, you’re the one,” is ingrained in your mind every time you hear the term. Unfortunately, the Rubber Ducky we are going to tell you about today has only fond recollection for people who are looking to breach networks they aren’t authorized to access or deliver malware payloads that are designed to cause havoc.
Passwordless authentication has been increasingly spoken of in favor of the typical password-based method, and is gaining traction the more it is talked about. Google recently took steps toward passwordless that we felt warranted some discussion.
It’s easy to get so caught up in what you are doing that you let your guard down. What if there were just one small change you could make in your life that would immediately reduce the chances of falling victim to a phishing attack?
With no unifying federal law that aims to protect data security, individual states—including our home state of New York—have had to take it upon themselves to create such privacy laws.
Here in the Empire State, that law is the SHIELD Act.
If you are going to take away any information about cybersecurity, these four facts are the most important. More importantly, taking them seriously will likely help you and your business stay out of serious danger, avoid data loss, and prevent massive unexpected loss in revenue.
We aren’t going to try and pretend that the investments necessary to preserve your business’ data security are small ones. Especially at first glance, you may very well start to question if such an investment is truly necessary.
The simple fact of the matter is that, compared to the costs that a breach of privacy will incur, the investment you put into your security measures will suddenly seem like a real bargain.
When it comes to your business’ cybersecurity, it can be too tempting to operate under the assumption that the few cybersecurity events you hear about on the news are all that happen. Unfortunately, this is far from actual fact. Let’s review some of the statistics that might change your impressions, especially if you hold the aforementioned assumption.
How Many of These Devices are in Your Office?
The more complex your technology is, the more secure you need to be. If it connects to the Internet, it needs to be hardened to prevent unauthorized access. Virtually any device can be an entrypoint for a cybercriminal or malicious software, but if you have any of these devices in your office, you need to take serious precautions when it comes to your security.
Sometimes the worst scams out there are the simplest ones. Hackers don’t need a fancy or complicated malware or algorithm to create chaos for your organization; all they have to do is convince you that the email you’ve received in your inbox is from someone of authority within your business. Let’s go over how a business email compromise is pulled off and why you need to be wary of threats like these.
Ransomware is one of the more dangerous threats out there today, and since it is so prominent and dangerous, it is a popular choice amongst hackers. To combat this threat, a community has formed around the cause, encouraging users to not pay the ransom by providing free malware removal tools for the most popular ransomware threats.
What do you do if you have forgotten your wireless router’s password? You could restore the router back to its default settings, of course, but what if you have, like a dummy, never changed the router’s password in the first place? This Internet password repository could be your saving grace.
Not long ago, we shared some information about the New York SHIELD Act—Stop Hacks and Improve Electronic Data Security—and what it has changed in terms of business cybersecurity preparedness across the board. This time, we wanted to discuss all that we’ll do to ensure that your business remains compliant with this relatively new law.
No matter how well you protect your network, chances are you’ll suffer from some vulnerability or another. That said, you can take considerable measures toward protecting your business so you don’t have to worry so much about them. Let’s discuss how your efforts today can protect your business now and in the future.
If you watch technology news, you might notice that there is one day out of every month that gets a lot of attention from the technology sector, and that day is what is called Patch Tuesday. This is the day each month when Microsoft issues all of their patches and security updates, and it’s important to know when this day falls each month—at least, for your IT team it is.
Due to the almost faceless nature of many cybercrime acts, it can be easy to see them as nothing more than the acts themselves, which is of course not true in the slightest. Behind these attacks are people, and where people performing illegal acts are concerned, there will always be concerns about other criminal acts which perpetuate the ones at the surface.
We’re not shy about sharing how important it is for a business to have comprehensive cybersecurity throughout its entire infrastructure. That’s why we wanted to share what some recent data has shown about the importance of having visibility into your infrastructure.
Spoiler alert: it’s really, really important.
At first glance, cybersecurity might seem incredibly complicated and difficult to understand, but even a baseline understanding of some of the principles of cybersecurity can go a long way toward protecting your business. Let’s discuss some of the common-sense ways you can keep your business secure, even if you don’t have an internal IT department to ask for help from.
Even if mobile malware doesn’t have nearly as much of a presence in the cyber threat landscape as other major threats like ransomware variants, it is still just as dangerous under the right circumstances. An Android banking malware called Sova, for example, has returned with a vengeance with additional features to make users’ lives miserable.
How often do you get emails from individuals claiming to be working with a business who wants to do business with yours or sell you a product, completely unsolicited and even perhaps a bit suspicious? These types of messages can often land small businesses in hot water, as it only takes one phishing email landing in the wrong inbox at the wrong time to put your business in jeopardy.
This past year saw a dangerous 86% increase in the most dangerous types of malware out there, so we want to ask you an important question: are you ready to protect your business from the different types of threats you might encounter? We know a technology solution that might help this mission along, and we want to share it with you today: artificial intelligence.
Mobile devices have become a key part of our daily lives, to the point that many of us openly feel undressed without our phones. As a result, our phones go everywhere with us. However, it’s important to remember that some applications have requested access to our location information. Do all of these apps need to know precisely where we are?
User authentication is a critical security feature for a business, specifically because it helps to minimize a significant threat to your business. This is why we’re so adamant that you should require multi-factor authentication wherever it is available… but is a better way to authenticate your users on the horizon?
We keep hearing about major ransomware attacks and data breaches, but it never feels good when something is hit close to home. Unfortunately, that’s the case as a recent cyberattack hit a New York medical billing company that impacted more than 942,000 people and 26 healthcare organizations.
It’s easy to use the terms “patches” and “updates” as if they mean the same thing, and they are often used interchangeably within the same context. However, understanding the difference between the two can make a world of difference in terms of how you approach implementing each of them. We’re here to clear things up a bit and help you better understand the patches and updates you deploy on a month-to-month basis.
Okay, let’s say you’ve been infected by a ransomware attack, and (against our advice) you’ve elected to pay the ransom. That’s the biggest cost that comes with it, right?
Unfortunately, wrong. A ransomware attack comes with a lot more financial impact than just the payment the attacker demands. Let’s go over some of these other costs that can actually outpace that of the ransom.
There is always the possibility that you have been involved with a data breach and you simply have not been contacted by the affected party. Plus, if a hacker has managed to crack a website or service without being detected, you wouldn’t be notified in any case, either. Ask yourself this question: if I were to be involved with a data breach, how would I know it, and what can I do about it? And what is my data being used for anyway?
In today’s business, sharing files is easy and something many workers take for granted. Unfortunately, not all file-sharing methods are secure. When efficiency is prioritized over security, it can often lead to extremely troublesome situations. For this week’s tip, we thought we’d go through a half dozen practices you can take to ensure your files get to where you need them to get safely and securely.
Technology has come a long way, but so too have the threats which leverage it to their advantage. How have the cyberthreats which target your organization evolved over time, and what can you do to protect yourself?
Let’s begin by making one thing abundantly clear—all businesses and industries could potentially be targeted by ransomware, regardless of their size or target audience. However, as of late, some industries have been targeted more and more. Let’s examine some of the commonly targeted industries that ransomware is frequently waged against.
How quickly do you think it takes for a hacker to react to the disclosure of bugs and vulnerabilities? According to industry experts, the time for security professionals to react to zero-day threats and vulnerabilities might be decreasing. Is your organization prepared to act when important vulnerabilities like these are disclosed?
Your business is your livelihood, so it only makes sense to invest in its protections so that your livelihood is secure. This will require a strategic approach. Let’s go over what your business needs to remain sufficiently secure, and what you should look for from each to get the best, most secure option.
Chances are pretty good that, by this point, you’ve heard of burnout—maybe you’ve even suffered from it before yourself—but, just in case you’re a remarkably lucky human being, it’s the phenomenon where your employees become disengaged to the point where their performance suffers. While this isn’t good in any facet of your business, it can be especially damaging in terms of your security.
Passwords are just one part of a comprehensive security strategy, but they are a crucial one. You must make sure that you are investing adequate time and effort into making sure your passwords are secure. This is easier said than done, but by the end of today’s short blog article, you’ll have all the information you need to craft excellent passwords for your accounts.
“Wait, I didn’t buy that!”
That’s what many smartphone users have been saying lately, as a prevalent strain of malware has been infecting Android devices. The malware is called “toll fraud malware” and it’s been signing users up to services they don’t want.
Let’s get right to brass tacks. Your business is likely vulnerable to cybersecurity attacks. There are a whole lot of things you should be doing to protect your organization, but this one task is something you can do right now to save your business a lot of stress if something were to take down your network and cause a major disruption.
Have you ever wondered how some platforms will only have you log in once for all of your various needs, even though they might be different applications, websites, or services? This is essentially what single sign-on is, and it’s quite common in the technology world today. What is single sign-on exactly, and what kind of security does it actually provide for organizations that use it?
Insurance is a great asset, should you ever need it… including where your business technology is concerned. If you weren’t aware, there is a form of insurance—cyber insurance—that you can purchase in case your business suffers from a data breach.
Is this additional form of insurance worth the investment? Absolutely.
Your network security is of the utmost importance to your business for numerous, hopefully obvious reasons. However, there are a few errors that are easy enough to make that could easily be the proverbial monkey wrench in the works. Let’s go over what these network security faux pas look like, so you can resolve them more effectively (and don’t worry, we’ll discuss that, too).
When we think about cybersecurity, we usually think about protecting our computers from viruses, right?
I’d imagine a few of our older readers remember a time when you would go to the store and buy antivirus software that came in a big brightly-colored box with a CD in it each year.
As you probably already know, things aren’t as simple anymore.
Cloudflare has foiled the plans of yet another major hacking attack, a record-breaking DDoS attack of the likes we have never before seen. Let’s examine what goes into such an attack and what you can do to keep your business safe from their influence.
Considering what today’s cyberthreat environment looks like, more and more rigorous cybersecurity is strictly needed. One means that businesses have to accomplish this is a cybersecurity practice known as a zero-trust model.
Let’s go over what zero-trust entails, and how to put it in place.
Anyone who has a mailbox or an email knows all about junk mail. We all receive Publisher’s Clearing House entries, calls about your car’s extended warranty, promotions for items and events that you swore that you discontinued by typing “STOP”, and just needless spam that you waste your time going through and deleting. We receive unsolicited messages every single day.
Mobile devices demand a special type of attention in order to ensure security. You want to ensure that your devices are protected as well as possible, but you also need to ensure that this does not come at the expense of your employees’ productivity or efficiency. We’ve put together a list of common security issues you might encounter when securing your mobile devices, as well as a couple of practices you can implement to work toward an adequate level of cybersecurity for your mobile infrastructure.
Businesses today have to deal with more potential problems than in any time in history. They are dealing with cost increases at every turn, personnel shortages, and a regulatory landscape that is always evolving. One of the biggest issues that can have a negative effect on a business is not having the processes and resources in place and working to secure its data and network. Today, we will look at five suggestions that can work to help your business keep its network and data more secure.
We talk a lot about preventing threats from seeping into your company, and hoo boy, there are a lot of them. From ransomware to zero-day exploits to targeted social media attacks, there are a lot of threats out there that business owners need to be aware of. We’re not going to talk about any of those today.
Why? Because you, as the business owner, are likely a threat to your own business.
Here at Directive, we’re big fans of the Keeper password management tool—so much so, that we’re sharing how you can use it to manage and clean up your personal passwords. We’ll start by telling you how to set it up and get started.
Security is an incredibly important part of running a business, but it’s extremely easy for busy employees to fall short of the security expectations you might place on them. This is why it is so important to train your employees on the many facets of cybersecurity. By training them, you are preparing them to tackle the plethora of challenges they will encounter throughout the workday.
We understand that cybersecurity can be difficult to think about at times because of the terminology thrown around by industry professionals, but we want to do our part to help clear up some of the confusion. Today, we’re going to discuss the difference between vulnerabilities and exploits, as well as how your organization can do everything it can to ensure that both are minimized on your company network.
Despite hearing about a constant stream of cyberattacks over the past few years—most of which cause millions of dollars of damage to businesses—it might still be difficult for you to justify spending a lot of money on your business’ cybersecurity plans. There is a finite amount of capital to go around and many times CIOs and network administrators will be rebuffed by management when asking for money to spend on cybersecurity. Today, we thought we’d discuss three ways that you can spend on cybersecurity initiatives and not feel like you are throwing your money down the drain.
A quality surveillance system can help you keep an eye on your business when you aren’t there—a critical responsibility that warrants some serious deliberation if it is to be approached. With so many considerations to make, it is important to make sure that you are balancing your needs with the systems available to you.
How many security solutions does your organization have implemented at any given time? Traditionally, businesses have implemented what we call “point solutions,” which are software tools designed to address a specific part of your security infrastructure. While this approach is certainly better than not having security at all, it presents several problems that must also be addressed in order to most effectively protect your organization.
Unfortunately, cybersecurity is a lot easier to reinforce in the office than it is when your team members are working remotely—and even then, it can be a serious challenge to maintain. However, let’s focus on the remote worker’s situation for a few moments and review a few best practices that can help a remote worker stay secure.
Phishing attacks can be scary to deal with, especially since it is not unheard of for staff members to not even know they are looking at one. To make sure your staff can identify and respond to phishing attacks in an appropriate way, we’ve put together this short guide to help you along the way.
With many people continuing to work remotely to some extent, it would be irresponsible not to acknowledge that remote work can introduce a level of risk to an organization’s cybersecurity. This makes it all the more important that this security is locked down. Let’s discuss the concept behind zero-trust security, and why it is becoming the benchmark that organizations of all sizes should meet.
While we—for reasons that should be obvious—tend to focus our attention on preventing and avoiding cybersecurity breaches, it is important that we address how your business responds to a successful breach attempt. Let’s go over how to create a data breach response plan.
Your company’s email is one of its most important pieces of technology, and since that is true for nearly every business, it is unfortunately one of the most utilized attack vectors used by cybercriminals. Most businesses don’t understand just how vulnerable they are if their email isn’t properly secured and do their best to keep their employees trained on how to spot potential scams.
When it comes to network security, businesses need all the advantages they can get, especially since cybersecurity as an industry is one which is rapidly adjusting and responding to an enormous amount of ever-changing threats. One way in which security researchers have attempted to subvert this security rat race is through artificial intelligence measures, a trend that promises to change the way businesses protect themselves more effectively.
While protecting the credit card data you collect from your customers and clients is obviously important, you likely also have a line of credit for your business’ use that you need to think about as well. Let’s turn our focus to that card for a moment and discuss some tips and best practices to keep this company resource safe.
For every level of business, cybersecurity is a big deal. For the enterprise, they deal with a lot of would-be attacks and need their staff to know how to respond if they are targeted. For the midsize business, the convergence of underwhelming IT support and a growing workforce can be the perfect storm. For the small business, a significant cyberattack could be the beginning of the end for their business. This is why, no matter what size your business is, you need to have a cybersecurity strategy in place that includes tools, monitoring, and protocol. This month, we have put together a list of considerations your business should note to keep your network and data safe.
With many businesses’ increased reliance on their information systems and other IT, they need to do everything they can to keep those systems up and running and secure. This not only includes rolling out security systems that support that goal, it also demands they take the action necessary to keep these systems secure. Let’s look at four things you need to do to keep your business’ IT as secure as possible.
Passwords have been a primary data security measure since 1960, when MIT researcher Fernando Corbató suggested the practice—although even he is reportedly slow to take full credit. Why? Well, if you ask Corbató (and his contemporaries, who were the first to implement passwords as we’d recognize them today), the security concerns were limited.
So, have we reached the point where it would be best to replace passwords as the default authentication measure?
With cybersecurity a priority for every business that depends on their IT, there are a lot of different strategies being utilized out there to keep threats off of networks and data safe. One of the most advanced strategies being used today is enlisting a service that runs a Security Operations Center (SOC). Today, we’ll investigate what a SOC is and how it works to keep threats at bay.
The cloud is far and away one of the most beneficial technologies that a modern business has at its disposal. Unfortunately, the same can be said for modern cybercriminals. The cloud has given cybercriminals new opportunities that are important to acknowledge—as well, of course, to protect your business against.
Ransomware is widely regarded as one of the worst modern cyberthreats out there today, and there's plenty of evidence to support this. These attacks and their aftereffects can devastate businesses of all industries. Let's consider why it is that ransomware is so dangerous, and what can be done to fight it.
How often do you find yourself stressing out about who has access to which data or internal resources on your company network? What about who has access to open the front door of your office or who has access to important physical resources within your building? Ensuring the security of your business’ assets is critical, and access control tools can help your company ensure that only authorized individuals have access to specific parts of your organization’s infrastructure, be it physical or digital.
Whether you’re referring to ransomware, phishing, data theft, spoofing, any of the many forms of cybercrime, it is something that all businesses need to prepare themselves for. While different business sizes will have differing scales to contend with, these kinds of preparations will involve the same basic principles. To help you best defend your company against cybercrime, here are a few tips based on those principles.
Gauging the effectiveness of your cybersecurity can be a bit of a daunting task, especially when asking if it could make a major difference in protecting your organization’s network infrastructure. If you want to track and measure your business’ cybersecurity preparedness, here are four steps to help you perform an evaluation.
Getting your staff to care about your organizational network and data security may be more difficult than you might think, but it’s not a lost cause. Today, keeping your business’ organizational security strong relies heavily on your staff’s willingness to follow the right practices, so today we thought we’d give you seven tips to get your people to care about security
In the business world, it can be difficult to know who to trust in regard to cybersecurity. In many cases, businesses are simply opting to not trust any device, friend or foe, when it comes to their data security. This type of zero-trust model is slowly becoming the norm, and it’s one that your organization might consider moving forward.
Cyberattacks can cost businesses a lot of money. They’re also more prevalent today than ever before. It seems you can’t go a couple of news cycles without hearing about some organization that has been hacked or scammed and it’s resulted in the sensitive data the organization holds being sold online, vast operational downtime, or worse. For this reason, many organizations have deliberately built up their cybersecurity infrastructure, enhanced their policies, and invested in training to ensure that they aren’t the next victim. Unfortunately, this attention doesn’t always work.
Hopefully, you’re aware of how important cybersecurity is today—if not, make sure you come back to our blog often for more information on that. The Internet, for all its benefits, can easily be the source of serious threats. With today’s youth growing more connected, these threats can easily target them… making it all the more important to start teaching cybersecurity awareness and best practices early.
Ransomware has been commonplace for years, with no sign of it going anywhere anytime soon. Let’s take a few moments to examine the state of ransomware right now, and review how to keep it from impacting your businesses.
More workplaces than ever before are utilizing the power of remote technology, but this also creates problems with security that must be addressed. How can you ensure that your organization isn’t putting itself at risk as a result of this general displacement of your workforce? Let’s discuss some action items you might choose to implement for your business.
Penetration testing is a topic that you might often hear and read about on the Internet, but you might not know exactly what it is without having it explained to you by a professional. Today, we want to clear up any misconceptions or ideas you might have about penetration testing and how it relates to your business’ network security, compliance, and regulatory requirements.
Cybersecurity is an important subject for a business’ entire team to appreciate, particularly when it comes to the minute differences between different terms. For instance, a layperson might hear “breach” and automatically think “security incident.” While this technically isn’t incorrect, per se, the two terms aren’t really synonymous.
Let’s take a few moments to dive into the minutiae and define these two terms more clearly.
Workforces have been increasingly distributed and many businesses aim to continue that strategy for the foreseeable future. There are a fair share of challenges that distributed employees have themselves, but for the business, it can be tough getting them to do the things that need to be done to secure the business. Here are a few actions that need to be taken if you want to make that happen.
Look, we are big fans of the cloud, especially for data storage, but you shouldn’t implement the cloud without a solid security strategy. Whether you are using it for your business’ data storage needs or just to take backups of your infrastructure, you’ll still need to keep various facets of security in mind for your cloud storage. It all starts with figuring out how secure your cloud provider really is.
As statistics for cybercrime surge, it’s important to remember that your organization must do all that it can to protect itself. There is, however, a C-suite position that almost exclusively focuses on this task: the chief information security officer, or CISO. Many enterprises have individuals dedicated to the sole task of securing their organization, but smaller businesses might find themselves lagging behind in this regard due to no fault of their own.
Smart devices are everywhere, with the Internet of Things (the blanket term for any device that connects to the Internet for added functionality) growing larger each day. While this is great for convenience (and in many cases, the "cool factor") it can have some chilling ramifications for cybersecurity.
With so many employees still working remotely, organizations have turned to technology to ensure that their workers are actually… you know, working. While the need to know what your employees are up to throughout the workday is important, there is now a discussion happening on whether or not this violates employees’ privacy.
The world is full of people who would try to take advantage of your organization and its employees—or, in less gratifying words, scammers. They will do everything they can to try to fool your company and make a quick buck doing so. How can you make sure that the countless messages and phone calls you receive on a daily basis aren’t crooks trying to scam you out of house and home? It all starts with a little awareness.
The cyberattack on SolarWinds was devastating for many reasons, and Microsoft has officially uncovered yet another type of malware used in the attack on the software provider. This time, it is a backdoor threat they have named FoggyWeb. What does this threat do and why is it so important to look at this incident even now?