0 Comment
The CDK Global Data Breach
A Worldwide Wake-Up Call Last week, automotive software-as-a-service (SaaS) provider CDK Global reported a Data Breach that has had ongoing catastrophic effects on the company, its customers, and consumers. While the event has devastated the dealerships, the story is a worldwide wake-up call for all. What happened? What are the effects? What can affected companies […]
0 Comment
Secure by Design
TraitWare Signs the Secure by Design Pledge, Joining in CISA’s Quest for Strong Security for All. In April 2023, CISA launched the Secure by Design initiative with the participation of other national and international organizations. This attempts to shift the responsibility of security from the consumer to the technology manufacturer. As part of their ongoing […]
0 Comment
Enterprise Cybersecurity: Practice vs. Risk
Are We Getting It Wrong? Due to the rising severity and frequency of cyber-attacks, Enterprise spending on cybersecurity is also rising worldwide. But debate is heating around which security methods we should employ. Where are organizations focusing their efforts, and where is the most risk? According to experts, companies may not be getting their priorities […]
0 Comment
SHOULD GOVERNMENTS REQUIRE STRONGER CYBERSECURITY FOR COMPANIES?
Rising cyber threats and incidents of cyber-attack across the globe have many calling for federal intervention to protect our digital valuables. What’s Happening … In recent news, the United Health Group (UHG) paid a $22 million ransom to the BlackCat ransomware gang for a late February cyber-attack on subsidiary Change Healthcare. The attack, which was […]
0 Comment
Privileged Identity Account Takeover – Risks and Solutions
OFFER ISRAELI GVP & GM, Identity Threat Defense, Proofpoint recently wrote: “Attackers are increasingly focused on privileged identity account takeover (ATO) attacks because they can compromise organizations much more easily and quickly this way, as compared to the time, effort, and cost to exploit a software vulnerability (a common vulnerability and exposure or CVE). And […]
0 Comment
Cyberattack: Where the Blame Goes. And Where Kudos Belong
There have been so many articles and posts about the recent Securities Exchange Commission (SEC) lawsuit against SolarWinds and their #ciso – and plenty written about recent breaches via the Okta platform. So much has been said about how attackers used social engineering to lure users to give up information or reset accounts. … Still, I feel like […]
0 Comment
What has happened in cybersecurity since Biden called in 2021?
Two years ago (August 25th, 2021) business leaders – including some of Silicon Valley’s biggest Tech players, water and energy companies, banking and insurance firms, and academic institutions – were summoned to the White House to discuss one of the world’s most pressing concerns: Cybersecurity. The meeting came in the wake of several cyber-attacks – […]
0 Comment
7 Reasons you should NOT use Free Authenticator Apps for Security
And why you should use Strong MFA instead Despite the call from world leaders for strong Multi-Factor Authentication (MFA) to protect individuals and organizations against cyber-attack, the vast majority just isn’t up to snuff when it comes to security. Most of us know that security starts with Identity and Authentication – ensuring that users Are […]
1 Comment
What is the FTC Safeguards Rule? And Will it Affect You?
What is the FTC Safeguards Rule? In 1999, The Federal Trade Commission (FTC) initiated The FTC Gramm-Leach-Biley Act’s (GLBA) Safeguards Rule in an effort to safeguard consumers and protect personal information from getting into the wrong hands. FTC Summary: “The Safeguards Rule requires financial institutions under FTC jurisdiction to have measures in place to keep customer […]
0 Comment
Norton LifeLock and LastPass Breaches Raise Doubt about the Security of Password Managers
But are the Wrong Questions Being Asked? Recent news of cyber-attacks on two major security companies has many asking, “Are password managers secure enough to protect our data?” But perhaps there’s a more important question that needs to be addressed. This week, news came of a cyber-attack on Norton LifeLock. Several thousand customers were reportedly […]
0 Comment
Why MSPs are at Risk of Attack
And How MSPs Can Reduce Risk In a joint advisory issued this May, several International government agencies — the Cybersecurity and Infrastructure Security Agency (CISA), the UK’s National Cyber Security Centre (NCSC-UK), the Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), New Zealand National Cyber Security Centre (NZ NCSC), US National Security […]
0 Comment
Phight the Phish with Phishing-Resistant MFA
This is something worth thinking about as cybercrime continues to grow and evolve, and as companies are looking to protect themselves and company valuables from costly attack. Cybercriminals are getting craftier with their methods. Take recent news of a Phishing attack targeting Microsoft 365 email accounts. This large-scale campaign used a relatively new method called AiTM or Adversary […]