Cyberlibility Insurance: Are You Covered?

Jennifer Noto Compliance, Security Leave a Comment

John Coupland, Executive Vice President at HUB International, was a major contributor to this blog post. With the increasing number of data breaches, ransomware, and cyber-attacks, many organizations have adopted cyberliability insurance to protect them in the event of an incident. The marketplace for cyber liability insurance policies is now very competitive, with offerings by many insurance companies. However, beware …

Phishing Attack Targets Office 365 Users

Jennifer Noto Security Leave a Comment

A new Office 365 phishing attack uses malicious links in SharePoint documents to harvest your login credentials. The attack was leveraged against 10% of Office 365 customers. How does this scam work? An Office 365 user receives an email with a link to a SharePoint document. The email is nearly identical to an invitation to collaborate with a SharePoint document. …

Spectre and Meltdown Update

Jennifer Noto Security Leave a Comment

The recent articles on CVE-2017-5715, 5753 and 5754, more recently known as Spectre and Meltdown, focus on flaws or vulnerabilities in a modern processor technique known as Speculative Execution and Branch Prediction. This impacts a wide range of devices including Windows PCs, Apple MacOS, iOS, Linux, Android phones, and tablets. Which systems are affected by Meltdown and Spectre? Desktop, laptop, …

Cybersecurity Checklist Part 8 – Improving Compliance in Your Organization

Jennifer Noto Security Leave a Comment

Part 1 – The Basics Part 2 – How do you Manage? Part 3 – Tracking Changes, Patching, and Endpoint Security Part 4 – Identifying and Classifying Data, Encryption Strategy, Backup and Disaster Recovery Part 5 – Securing Groups, Assigning Permissions, and Web Monitoring Part 6 – Protecting the Inside of Your Network Part 7 – Risk Management, Security, and …

Cybersecurity Checklist Part 7 – Risk Management, Security, and Metrics Reporting

Jennifer Noto Security Leave a Comment

Part 1 – The Basics Part 2 – How do you Manage? Part 3 – Tracking Changes, Patching, and Endpoint Security Part 4 – Identifying and Classifying Data, Encryption Strategy, Backup and Disaster Recovery Part 5 – Securing Groups, Assigning Permissions, and Web Monitoring Part 6 – Protecting the Inside of Your Network This week’s blog continues to focus on …

The Importance of Multi-Factor Authentication

Jennifer Noto Security Leave a Comment

As the number of data breaches increases, it’s important that users implement as many security controls as possible. Many organizations are moving to multi-factor authentication as an added security measure. What is multi-factor authentication? Multi-factor authentication (also known as two-factor authentication or two-step verification) is a computer access control in which users are granted access only after successfully providing several …

Cybersecurity Checklist Part 5 – Securing Groups, Assigning Permissions, and Web Monitoring

Jennifer Noto Security Leave a Comment

Part 1 – The Basics Part 2 – How do you Manage? Part 3 – Tracking Changes, Patching, and Endpoint Security Part 4 – Identifying and Classifying Data, Encryption Strategy, Backup and Disaster Recovery In this week’s blog, we focus on how you can designate access for groups and users within your networks. Network Segmentation – Network segmentation allows your …

Cybersecurity Checklist Part 4 – Identifying and Classifying Data, Encryption Strategy, Backup and Disaster Recovery

Jennifer Noto Security Leave a Comment

Part 1 – The Basics Part 2 – How do you Manage? Part 3 – Tracking Changes, Patching, and Endpoint Security Now that you have set up a management system, a process for tracking changes, and developed your endpoint security, it’s time to take a closer look at the data you have so you can best secure it. Identifying and …

Cybersecurity Checklist Part 3 – Tracking Changes, Patching, and Endpoint Security

Jennifer Noto Security Leave a Comment

Part 1 – The Basics Part 2 – How do you Manage? You’ve started to protect the perimeter of your environment with the basics of security and managing your assets and vendors. Now it’s time to track the changes that occur in your environment to mitigate risks and solve problems that may occur. Configuration Management – Configuration management involves the …