As we are about to finish the first week of 2018, its’s time to share the best of Cybersecurity Articles we wrote in 2017. It can be a daunting task to keep up with everything cyber, so we highlight some of the best Cyber Articles for our readers.
Public Wi-Fi networks are incredibly convenient and can be a great resource at the airport, coffee shops, or lengthy train commutes. Alongside convenience with public Wi-Fi, we see a host of unnecessary risks. On open, unsecure networks, information is generally unencrypted, meaning with the use of a wireless network analyzer, it’s fairly easy to see what others are up to. Attackers try to intercept the communication between your computer and the computer you are sending information to so that they can gather useful information. A hacker, for instance, can see what webpages you’ve visited and what credentials you’ve entered into forms.
Common attacks that occur on public wifi:
- Man-in-the-middle attacks
- Wi-Fi Sniffingg
Read more here.
After this holiday season, emerging ‘smart’ technologies such as Amazon’s Echo and Google Home are making their way into many homes, making it simple to find for users to stay up-to-date on the latest news, ask for directions, or hear tomorrow’s weather forecast. The Echo’s voice assistant, Alexa, for example, can complete advanced tasks such as turning on lights and changing the temperature of your home. The Echo is also capable of playing music, giving directions, and can even re-order an item you’ve purchased on Amazon. Google Home has many of the same features that the Amazon Echo has. Google Home is powered by Google Assistant. Smart technology is a playground for hackers.
These devices are effectively always listening and, at some times, recording what you say… so how secure are these devices? It’s important to remember to treat your smart device just as you would any other personal device, and that means keeping security top of mind. Read more on smart technology here.
To assist in guiding your firm with its cyber plan implementation, we’ve outlined a basic calendar of security reminders to help you stay on track. Listed in order of frequency, here’s how often you should plan to take these security steps:
Change your password every 3 months
Conduct a simulated phishing exercise every 3-6 months
Require remote access testing for business continuity every 3-6 months
Conduct a vulnerability assessment (internal/external) and/or penetration test every 6 months
Test your disaster recovery systems every 6 months Conduct internal tabletop exercises for Management and/or Incident Response teams every 6-12 months
There are more, so checkout our full cyber calendar here.
In this article we share 10 of the most common cybersecurity gaps identified during an IT audit/risk assessment including 1) IT Asset Management, 2) Vulnerability Assessments, 3) Patch Management and Social Engineering & User Training. Read the full list here.
We live in a dynamic world. Technology is evolving quickly, and IT outsourcing increasingly makes more sense for firms that aren't able to keep pace with changing requirements and would rather focus on core competencies. But will outsourcing your technology management open you up to more risk or less? Read our thoughts on this topic here.
Cyber threats are on the rise and are increasingly becoming more sophisticated. It can be a daunting task to stay on top of new and evolving attacks and breaches, which is why proactively implementing the right technical and administrative safeguards are essential. Here are the key elements to help to avoid being the next cyber target Understand the Cyber Threats Security Layers – and many of them Incident Response Planning Vendor Risk Management Make Your Employees a Cybersecurity Asset. Read more best practices here.