The Ins and Outs of Sandboxing Technology

August 29, 2018 · Mary Chavez · · Comments

It has long been a strategy to try to detect malware by monitoring suspicious behavior. However, the more sophisticated malware becomes, the harder it is to detect.  That’s where sandboxing can help: Sandboxing allows organizations to install and run malware in an enclosed environment – separated from the corporate to reduce the risk of infected […]

Read More

Guarding Against DDoS Attacks

August 29, 2018 · Mary Chavez · · Comments

Distributed Denial of Service (DDoS) attacks, during which multiple compromised systems target a single system, have been plaguing organizations for nearly 20 years. While the tactic is not new, attack techniques, desired targets and even the attacker profiles themselves continue to evolve rapidly and challenge security teams to keep websites, applications, servers and systems up […]

Read More

5 Signs Your Organization is Vulnerable to a Ransomware Attack

July 18, 2018 · Mary Chavez · · Comments

Data breaches are no longer only a problem for security professionals, but for organizations as a whole. According to last year’s Official Annual Cybercrime Report, cybercrime damages will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. Ransomware attacks, in particular, have many organizations playing security catch up due to […]

Read More

Is Your Security Operations Center Equipped to Handle the Growing Ransomware Threat?

July 18, 2018 · Mary Chavez · · Comments

Ransomware poses a threat to organizations of all sizes but can be particularly devastating for small and midsized businesses (SMBs) that often lack the technology, resources and funding that larger enterprises have at their disposal to combat attacks.  After all, the financial toll of a ransomware attack extends far beyond the ransom itself. Businesses must invest […]

Read More

The 5 Most Vulnerable Ransomware Entry Points to Your Organization

June 28, 2018 · Mary Chavez · · Comments

Employee cyber security awareness has no doubt risen in recent years due to the endless barrage of highly-publicized cyber attacks waged on businesses and individuals, including WannaCry, Petya and Bad Rabbit. While ransomware, malware and other methods have driven companies to take more proactive measures, you may still have multiple entry points that are vulnerable […]

Read More

The Top 5 Security Threats for 2018

April 18, 2018 · Mary Chavez · · Comments

We are now well into 2018. Though we have left the large security breaches of 2017 behind, their lessons remain.  New challenges will arise in the coming year as well. In this post, we’ll review the 5 top security threats for 2018 and how your team can respond to each. 1. Ransomware The most prominent […]

Read More

The Costs of Hiring and Retaining IT Security Staff

January 31, 2018 · Mary Chavez · · Comments

Anyone considering building an internal IT security team has run up against the realities of hiring, training, and retaining top cybersecurity talent. Qualified employees can be tricky and expensive to find and even more expensive to recruit and retain. These factors pose hardships on CIOs/CISOs, and stem from multiple factors in the cyber security space, […]

Read More

Five Ways to Outsmart the Hacker Mindset

July 5, 2017 · Mary Chavez · · Comments

In our previous blog, “Think Like a Hacker to Stop Cyber Crime,” we addressed the hacker mindset and how by gaining an understanding of cyber criminals’ motives and tactics, organizations can stop threats at any point in the attack cycle. Beyond just applying hackers’ tactics to technical infosec activities, organizations need to develop a holistic […]

Read More

Think Like a Hacker to Stop Cyber Crime

July 5, 2017 · Mary Chavez · · Comments

As the saying implies, it takes a thief to catch a thief. The same goes with cybersecurity. To stop hackers from compromising or stealing digital assets, you have to think like one—which involves anticipating their moves and identifying their targets. Profile of the Modern Hacker The profile of people who break into computer systems has […]

Read More

Petya Variant Ransomware: How to Detect the Vulnerability and Exploits

June 27, 2017 · Mary Chavez · · Comments

Another ransomware variant based on Petya and known as GoldenEye has landed today initially hitting hard in Ukraine and other European countries, but we’re seeing a surge in the states as well.  A variant of the Petya malware is spreading rapidly and is known to have affected organizations worldwide, regardless of size. This variant of Petya […]

Read More

WannaCry Microsoft Vulnerability Attack – What Happened and How to Protect Your Organization?

May 15, 2017 · Mary Chavez · · Comments

Last week the largest ransomware campaign in history was launched. The “WannaCry” malware targets a known vulnerability in Windows. However, what sets this malware apart is that it is spread with no interaction with users (a worm). As a result, over 200,000 users were victimized in about 150 countries. Despite the discovery and execution of […]

Read More

Choosing the Right SIEM Solution

April 11, 2017 · Mary Chavez · · Comments

Concurrent with the ongoing digitization of organizations large and small, cybercrime is on the rise. Consider the following statistics: According to the 2016 Verizon Data Breach Investigations Report, more than 100,000 security incidents were reported in 2015. Approximately 3,000 were confirmed as data breaches. A report released in January 2017 showed that in 2016, the […]

Read More

5 Building Blocks for Effective Intent-based Network Security

March 27, 2017 · Mary Chavez · · Comments

The Internet of Things (IoT) is here, and it’s driving big changes in enterprise networks. Gartner finds that nearly half (43%) of businesses worldwide planned to have some kind of IoT implementation by the end of 2017, with average deployment sizes in the billions. How can IT effectively keep the network secure and up and […]

Read More

Building A Culture of Security In Business

February 13, 2017 · Mary Chavez · · Comments

One of the biggest risks to business network security is the everyday behavior of the people that interact with it. The growing acceptance of this reality has made cybersecurity awareness — a core component of any network protection strategy. As you take steps to build a more cohesive culture of security at your organization, it […]

Read More

3-Point Endpoint Protection Primer

January 25, 2017 · Mary Chavez · · Comments

Attackers always take the path of least resistance. Today that path is clearly through the endpoint. As recent SANS research shows, user actions at the endpoint represent the most common way threats enter organizations today, with 75% entering via a malicious email attachment, 46% executed by users clicking malicious links in email, and 41% involving […]

Read More

Reality Check: # 2017 Cybersecurity Predictions

January 25, 2017 · Mary Chavez · · Comments

Ransomware, attacks from sovereign nations, botnets taking down sites on two continents – the cybersecurity industry saw dramatic changes in the landscape in 2016. Now that we’re almost a month into 2017, it’s time to get real about what’s coming. Trends that shaped 2016 It’s hard to look at the year past and pick out […]

Read More

What Merchants Need To Know About POS Malware Prevention

December 7, 2016 · Mary Chavez · · Comments

Point-of-sale (POS) malware attacks are experiencing a resurgence — a troubling trend for retailers on the brink of peak holiday shopping season. This may explain why most retailers are immediately concerned about cybersecurity. A recent Security Magazine report noted that all respondents in the 2016 BDO Retail RiskFactor Report were concerned about security breaches and […]

Read More

Ransomware: Why Backups Can’t Wait

October 14, 2016 · Mary Chavez · · Comments

Ransomware attacks are exploding. Recently, the U.S. Department of Homeland Security and the Canadian Cyber Incident Response Center issued a joint statement warning of the worsening ransomware situation targeting Windows, OS X, and Linux platforms. While prevention is important, malware and malware-less attacks are proliferating and becoming increasingly harder to detect. Organizations can not afford to […]

Read More

How To Approach Encryption Inspection

October 5, 2016 · Mary Chavez · · Comments

A full 30% of America’s internet traffic is now encrypted, a number that is expected to double by the end of 2016. SSL-encrypted traffic is rapidly becoming a standard. With the right approach, it can improve data security without compromising employee productivity or creating network maintenance headaches. The Dark Side Of Encryption Nevertheless, there’s a […]

Read More

5 Top Threats To Campus Cybersecurity

September 7, 2016 · Mary Chavez · · Comments

With students heading back to campus this month and classes set to resume for another semester, many higher education IT professionals are worrying about the cyber threats that lay ahead. With so much sensitive information at risk, it helps to have a solid idea of the threats that exist and how to deal with them […]

Read More

What to Take Away from the Threat Hunt

September 7, 2016 · Mary Chavez · · Comments

Faced with ever more stealthy and insidious attacks, many organizations are pivoting away from reactive security approaches and toward more proactive strategies. One is threat hunting, an exercise in which security actively and aggressively intercepts, tracks and eliminates malicious programs and code before they can wreak havoc on the network. While the biggest benefit is […]

Read More

What You Need To Know About Ransomware

September 7, 2016 · Mary Chavez · · Comments

As new generations of highly sophisticated ransomware threaten data security with increasing stealth and ferocity, protecting yourself from this insidious cyber crime wave can feel like an uphill battle. A tactic once primarily launched via email phishing, ransomware authors have honed their powers of deception. Today, they embed malicious ransomware programs in every-day business and […]

Read More

3 Reasons to Perform a Cyber Threat Assessment

August 31, 2016 · Mary Chavez · · Comments

A business can’t effectively protect assets and data if it doesn’t understand the threats it’s up against. That’s why it’s critical to perform regular cyber threat assessments — especially when threats change constantly, and network attack surfaces become more porous with the growth of BYOD, the cloud and other technology trends. A cyber threat assessment […]

Read More

Breaking the Cyber Kill Chain: Lessons Learned From the Ukrainian Power Grid Hack

July 25, 2016 · Mary Chavez · · Comments

In December 2015, a shocking and unprecedented attack took place at three separate power distribution centers in Western Ukraine. These facilities, responsible for controlling and directing electricity to hundreds of thousands of nearby residents, found themselves the target of what could be one of the most sophisticated cyber attacks in history. What Happened? At the […]

Read More

Can Cybersecurity and Connectivity Coexist in Higher Ed?

June 22, 2016 · Mary Chavez · · Comments

The open and connected environments in higher education help foster collaboration and innovation. Yet these environments are also creating cybersecurity vulnerabilities. With tight budgets that are focused largely on educational resources, IT teams at colleges and universities are not only constantly competing for funding but also fighting a losing battle against cybercriminals. Higher Ed a […]

Read More

With HIPAA Audits Looming, How Will You Get Around Data Security Roadblocks?

June 22, 2016 · Mary Chavez · · Comments

In healthcare, staying HIPAA-compliant is a priority. But the rise of cloud computing, mobility and the Internet of Things (IoT) have added additional complexities that make protecting patient information and staying HIPAA-compliant all the more difficult. With a new round of OCR HIPAA compliance audits scheduled, it’s time for healthcare firms to review their current […]

Read More

Why Your Private Data May Be Safest in the Cloud

April 22, 2016 · Mary Chavez · · Comments

Cloud adoption is on the rise, but some still question the security of data in it. Put your mind at ease by understanding the real risks in the cloud and knowing how to avoid them. First it’s important to understand the cloud isn’t going away anytime soon. It simply provides too many business benefits. Not […]

Read More

As Malware Gets Smarter, So Must Your Security Sandbox

March 21, 2016 · Mary Chavez · · Comments

“Targeted malware” is a real threat these days, with Verizon showing in its latest Data Breach Investigations Report that 70%-90% of all malware reported was unique to an organization. Even more alarming was the finding that on  average, companies went 205 days between the time they were breached and the day they discovered it. The […]

Read More