On May 12th, 2021 President Biden signed into effect an Executive Order on Improving the Nation’s Cybersecurity.
There’s no disputing that we need to up our cybersecurity! 2020’s SolarWind’s breach gave a foreign power (most likely Russia) access to companies that probably included Microsoft, Intel, and Cisco; the list of federal agencies so far consists of the Treasury, Justice, and Energy departments and the Pentagon.
Most recently, the Colonial Pipeline ransomware attack left many scrambling for gas all along the Eastern Seaboard. Someone most likely clicked on a link in an email to become infected!
Typically, executive orders only apply to the federal government. We’ll be watching as these orders take effect and let you know how they may affect you.
The day after signing his Cybersecurity Executive Order, President Joe Biden gave a briefing about the Colonial Pipeline cyberattack. After describing the current situation and getting the pipeline back online, he turned to cybersecurity in general.
“And last night, I signed an executive order to improve the nation’s cybersecurity. It calls for federal agencies to work more closely with the private sector to share information, strengthen cybersecurity practices, and deploy technologies that increase reliance against cyberattacks.”
“Private entities are in charge of their own cybersecurity, and we need — and we have to — we know — we know what they need. They need greater private-sector investment in cybersecurity.”
We hear you, President Biden!
We’re helping the private sector invest time in cybersecurity with our “Safer Every Day” program. Becoming more cybersecure can seem like an overwhelming task. We’ll be posting “How to Become a” Human Firewall” One Day at a Time” on all our social media platforms and you can view them all here.
We hope that you will use these tips to make you and your business more secure.
Use the Password Manager that WE Use!
Take control of your passwords and system access—and get peace of mind Features at a glance: No more remembering dozens of passwords Faster access to websites and applications Folders to organize and categorize credentials [...]
How strong is your password?
You know that "password12345" is a BAD password but do you know if your password, especially your most important email password is strong? Go to HowSecureIsMyPassword.net and see how long it would take to [...]
Have defenses in place BEFORE you suffer an attack!
Business Email Compromises (BEC) can have big payouts to the hackers, but the most common scam involves crooks tricking victims into sending gift cards worth as little as $250. A common tactic is to [...]
Business Email Compromises
The FBI reports that Business Email Compromises (BEC) are one of the most financially damaging online crimes. It exploits the fact that so many of us rely on email to conduct personal and professional [...]
How to report cybercrime
If you are the victim of online or internet-enabled crime, file a report with the Internet Crime Complaint Center (IC3) as soon as possible. What details will you be asked to include in your [...]
Security Awareness Training Works!
Users must be armed against highly variable, increasingly sophisticated, targeted phishing attacks. The most successful “bait” includes: Current events Package delivery notices Social media passwords need to be changes Credit card expired Users need [...]
Are you in the majority? Do you really want to be?
According to an infographic from Businesswire.com: · Only 31% of IT professionals use a password manager, which is an effective tool to securely create, manager and store passwords · 42% of IT professionals report [...]
The 10 most frequently-used subject lines in attacks are:
Request Follow up Urgent/Important Are you available?/Are you at your desk? Payment Status Hello Purchase Invoice Due Re: Direct Deposit More than 95% of malware-distributing emails require human action such as following links or accepting [...]
The Most Impersonated Companies
According to The Webroot Threat Report, the most impersonated companies used for phishing attacks in 2019 were: Facebook Microsoft Apple Google PayPal Dropbox Chase Bank Yahoo Adobe Wells Fargo Rampant password reuse and heavy [...]
Ransomware Ruin
Ransomware disaster is waiting around every corner for businesses these days. Companies saw a more than 80% increase in cybercrime overall in 2020, but there was a seven-fold increase in ransomware. Cybercriminals aren’t pulling any punches either – ransomware has been [...]
Low Cybersecurity Standards Lead to Disaster
Don’t Settle for Good Enough Whether they’re caused by neglect, negligence, ignorance, or spite, most breaches are preventable with the right combination of solutions and a solid commitment to practicing good cybersecurity hygiene throughout an organization. Over 80% of businesses have experienced [...]
Why Is It Called Phishing?
Like a person fishing lures a fish with bait, a hacker lures their victims with the bait of information they would like or are curious about. It is reported by Computerworld that the “F” [...]
Don’t Take Google Docs from Strangers
There’s a new scam out there where victims get an email with a Google Doc on their particular interest. When they click on the link to download the document, they are redirected to a [...]
Time for the Talk
It’s important for every business to create a workplace that takes cyber readiness seriously. This begins with clear and open dialogue. But most business owners aren’t cybersecurity experts, so how do you start the [...]
Determine your dependence on IT
Consider how much your organization relies on information technology to conduct business and make it a part of your culture to plan for contingencies in the event of a cyber incident. Identify and prioritize [...]
Approach cyber as a business risk
Ask yourself what type of impact would be catastrophic to your operations? What information if compromised or breached would cause damage to employees, customers, or business partners? What is your level of risk appetite [...]
Have a comprehensive asset management approach
From the CISA.gov Ransomware Guide: □ Understand and inventory your organization’s IT assets, both logical (e.g., data, software) and physical (e.g., hardware). □ Understand which data or systems are most critical for health and [...]
Stop Using Your Debit Card
We know it’s supposed to be fast and just like cash, but it’s got risks. We’ve gone pretty much cashless. Just a few years ago, credit card transactions had minimum limits, and now, using [...]
Layer Sensitive Data Accessibility
Each employee should have access to only the information necessary for their job and not “Permissions” to any other sensitive area. Immediately remove access when an employee changes positions or leaves. A study by [...]
Keep Your Portable Devices Safe
When Smartphones and tablets are used outside the safety of the office and home, they need even more protection than “desktop” equipment. Switch on PIN/password protection/fingerprint recognition for mobile devices Configure devices so that [...]
Password Facts That You’ll Want to See – #8 – 10
On average, 20% to 50% of all IT help desk tickets each year are for password resets. An estimated 60% of passwords that appeared in more than one breach in 2020 were recycled or reused. Almost 25% [...]
Password Facts That You’ll Want to See – 5 – 7
5. An overwhelming majority of passwords fit into one of 24 common categories. (not all these categories are bad First or common names General dictionary word Keystroke pattern – easy to remember Sport, sports [...]
Password Facts That You’ll Want to See – #1 – 4
Microsoft says that 99.9% of password-based threats can be stopped with multifactor authentication. Credentials were the top type of information stolen in data breaches worldwide in 2020. Approximately 60% of data breaches involve the [...]
Protect Your Data
Make sure all laptops, MACs, and PCs use encryption products that require a password to boot. Switch on password / PIN protection or fingerprint recognition for mobile devices. Even better, enable multi-factor authentication (2FA) for [...]