Author Archive

6 Reasons Why an Antivirus is not Enough

Monday, November 18th, 2019

Regular Antivirus software detects, stops, and treats viruses and worms, but antivirus alone is not enough for SMBs with business-critical data. Targeted cyberattacks are on the rise, and this means your approach to protecting your data should also evolve.

Regular antivirus software may be sufficient for individual devices if they don’t store private data. SMBs who do have these assets, which make them targets to more advanced attacks, require a more proactive approach.

A study by Panda Research has found that a typical antivirus will only stop 30-50% of new malware when it first appears. Antivirus protects you from classic dangers like known viruses, but with sophisticated attacks on the rise, SMBs require a multi-layered approach to cybersecurity. A trusted managed services provider like Simply Secure, can ensure that your business-critical data is protected proactively against the evolving threat landscape.

Data from the National Cyber Security Alliance shows that 60 percent of SMBs close after six months following a cyber attack. Companies may be subject to an extreme loss in revenue from the time taken to fix a data breach or fall victim to ransomware demands. Additionally, when your company falls prey to a cyberattack, you may lose credibility and customers’ trust, risking potential new clients or repeat business.

There are many services offered by managed cybersecurity professionals, which benefit SMBs in addition to antivirus software.

1. Customized protection from cyberattacks:

Cybersecurity companies protect their clients from cyberattacks before they occur. Unlike antivirus, which is predominantly reactive, managed cybersecurity is proactive. Also, security solutions are customized to fit a company’s unique infrastructure and budget, unlike general antivirus software. The products are more efficient in detecting and remediating potential threats by actively monitoring and updating defenses.

2. Proactively identify weaknesses in your network’s infrastructure:

Companies are often unaware that their computer networks harbor security vulnerabilities that allow attackers to enter. Cybersecurity companies have the tools and knowledge to provide a thorough audit of every piece of hardware used to identify these gateways. They then create a plan to fix security holes and strengthen network weaknesses. Services like a regular Vulnerability Assessment will proactively protect your network against cyberattacks before they occur.

3. People Power:

Untrained employees can be the most significant vulnerability to a company’s online security. According to Verizon’s 2019 data breach investigations report, 33% of breaches are due to social engineering. Companies must train their employees on how to identify phishing and business compromised emails. Cybersecurity teams provide helpful tools and resources to teach correct cybersecurity habits.

 4. Adapt to the changing threat landscape:

Also known as a ‘bug fix,’ a patch is a set of changes to a computer program or its supported data, which will update, fix and improve its performance or security. When a cybersecurity company initializes its services for a business, they apply patches to hardware and software in the organization. They will perform routine patch-management and ensure they are up-to-date to protect your networks from malware and other security vulnerabilities.

5. 24/7 Detection and Remediation:

By providing 24/7 monitoring through a security operations center (SOC), threats are identified in real time. For smaller businesses, an outsourced SOC enables immediate access to talented, certified cyber professionals around the clock, shared threat intelligence, segregation of duties, scalability and reduced barriers to entry and lower ongoing costs. Cybersecurity professionals use security information event management (SIEM) tools to identify and remediate issues as they arise. A remediation plan saves businesses an exponential amount of time and potentially loss of revenue and irreparable damage to reputation.

 6. Compliance:

Data breaches have become a mainstream topic; therefore many governments have applied laws for corporations to protect their clients’ data. It is the responsibility of the company to keep their systems safe from potential attacks. Failure to meet these governmental requirements can result in hefty fines or lawsuits large enough to put smaller companies out of business. By trusting a cybersecurity company to handle your networks, you are guaranteed to meet these requirements specific to your country and industry.

Antivirus forms part of a cyber security framework however will not be able to protect your system against all threats. For enhanced security, your business needs a multi-layered, proactive approach.

Talk to the experts at Simply Secure Group about your businesses’ specific cybersecurity needs to protect your systems before a crisis occurs. It only takes one virus to cost your company exponential damage in lost revenue, clients, and future business

Six Benefits of a Vulnerability Assessment for Small to Mid-Size Businesses

Friday, November 1st, 2019

A Vulnerability Assessment is a critical first step that SMBs can take to protect their business from cyber threats before they occur. When you hear or see a pop up which says “Threat Detected”, automatically, you’re alerted to respond. If your computer warns you of a suspicious site or activity, most people will not proceed to an untrusted source. Regular antivirus systems help identify and attempt to treat online viruses, but a Vulnerability Assessment is crucial in preventing damage before it occurs to your business-critical data.

A Vulnerability Assessment is a process of identifying, analyzing, and prioritizing the vulnerabilities in a system. Some examples of where the assessments are performed include information technology systems, energy, and water supply systems, and communication systems.

For small to mid-size businesses especially, regular Vulnerability Assessments (VAs) are essential. Security vulnerabilities can enable hackers to access IT systems and applications. Organizations have significant amounts of very valuable, private data, and attackers seek to steal or lock this information for financial gain. SMB’sare often viewed as easy targets, as they may not have the technical expertise of larger enterprises.

According to research posted on CBSN, 61% of breach victims in 2018 were companies with under 1,000 employees. They estimated that ransomware damage costs will rise to $11.5 billion by the end of 2019 and that a business will be harmed by a ransomware attack every 14 seconds.

In 2017, Wannacry ransomware used a cryptoworm designed to target computer systems using Microsoft Windows operating systems. This ransomware attack was massive, affecting and taking money from organizations globally. Companies that had strong VAs in place were able to detect the vulnerability and apply a patch, a remediation tool, released by Microsoft to prevent disaster.

Regular antivirus systems are not enough when a company has files and information worth millions of dollars. Organizations of any size should invest in a skilled cybersecurity team to provide a professional Vulnerability Assessment annually as their first line of defense.

Here are some of the main benefits for companies to hire professional Cybersecurity Services to provide Vulnerability Assessments: 

 

1. Gather information & discover: Cybersecurity service professionals will go through all of a company’s software and hardware present in the environment. They go through thoroughly to understand the systems, specific to the organization. By network scanning, they discover the hosts most likely to be attacked, and by port scanning, they detect the servers and protocols which may be vulnerable.

2. Provide a clear report: A vulnerability assessment discovers different types of vulnerabilities or threats and can provide an organization with a full report on the security weaknesses specific to their environment. They determine the full extent of what is known as an ‘attack surface’ vulnerable to hackers.

3. Asses the risks:  From the information gathered in the report, the cybersecurity team can provide the company with direction on how to asses the risks associated with identified weaknesses and evolving threats. Guidance is provided to reduce future risks with the aide of remediation tools and ongoing assessments to detect new threats. 

4. Apply remediation tools: After using detection tools or vulnerability repositories such as the National Vulnerability Database (used by the US Government), remediation tools can be applied. These are solutions to patch, configure, or debug assets to reduce or eliminate threats to a system.

5. Provide ongoing analysis: Ongoing analysis is essential, as there are always new and emerging risks and threats in any cyber system. Cybersecurity experts provide clients with the option to receive regular assessments to ensure that their systems and databases are not vulnerable to cyberattacks.

6. Prove to clients they’re protected: Businesses working with an expansive database of customers benefit from regular vulnerability assessments, especially from expert cybersecurity teams. Customers trust their personal information and data in the hands of companies in healthcare, law, financial services, and other industries. By investing in expert assessments, these customers are more likely to continue doing business with a company and recommend their services to others.

At Simple Secure Group, the trusted team of experts provide a detailed report of findings which include: 

  • Key observations
  • Recommendations
  • A risk analysis workbook that assesses overall risk determination based on the likelihood and impact of their clients’ vulnerabilities. 

By working with cybersecurity professionals, you can ensure your recommendations are accurate to maximize the education of future risks to your company’s valuable systems and data.

For a limited time, Simply Secure is offering a Vulnerability Scan for the introductory price of $1,000. To take advantage of this exclusive offer, email: info@simplysecuregroup.com or call +1 561 332-4844.

Six Benefits of Outsourcing your Security Operations Center by Rob Mayo-Smith

Friday, September 27th, 2019

Read our new blog detailing the benefits of outsourcing your Security Operations Centre.

Six Benefits to Outsourcing your Security Operations Center (SOC) by Rob Mayo-Smith

Thursday, September 26th, 2019

Security Operations Centers (SOC) are facilities that house cybersecurity teams who monitor, detect, and respond to threats providing a critical element of all good I.T. security programs. Here I make an argument why outsourcing to a managed 24/7 SOC can often be more effective than having an in-house team. 

It enables immediate access to talented, certified cyber professionals around the clock, shared threat intelligence, segregation of duties, scalability, reduced barriers to entry, and lower ongoing costs. 

SOCs are generally vastly different from an organization’s critical operations, therefore it makes sense to leave it to those who consider it their core business.

 

1. Finding and maintaining a talented SOC team is expensive

Deploying a SOC locally requires hiring new employees who are 100% conversant with the security industry and experienced with Security Information and Event Management (SIEM) tools. Unfortunately, finding talented people to address all SOC related issues can be difficult and time-consuming. Cyber attacks don’t just happen during business hours. 24/7 monitoring guarantees the quickest response time to identify and remediate potential threats, however the added complexity of shift rotation related to around the clock resourcing creates an additional burden on HR, facilities and management. Even if successful in hiring security experts, it may be difficult to justify keeping them in-house due to the high costs of their salaries. Although security attentive, most organizations have a limited budget and outsourcing the SOC and SIEM is a good middle ground.

 

2. Outsourcing provides segregation of duties and lowers conflict of interest between departments

Organizations know the expectations and implications of outsourced SIEM and SOC beforehand, including service requirements and budgeting. Contrary to this, locally deployed SIEM undergo a “learning curve.” As new security teams master the industry, their needs can encroach on other departments. A good example is when the security team insists on purchasing high ticket items when the company is strapped for cash. Of course, this will raise eyebrows, yet failing to comply with the team’s requirements may lead to an incomplete and compromised SOC.

 

3. Long-term return on Investment

Outsourced managed security providers that have focused on mastering the security industry with specific focus on SOC and SIEM are highly effective and productive in their space. They have regular experience implementing SIEM tools and have greater access to specialized talent. Not only does outsourcing reduce the time to become operational it also reduces the cost of implementation and ongoing management. This provides a good long-term return on investment getting everything at a fraction of the cost if completed internally.

 

4. Benefit of trends and detection on other customers

Outsourced SOC takes advantage of optimized services based on trends and the detection of other customers. Designing an in-house SOC requires time and investment, and ultimately is likely to fall short of an optimized, integrated solution. Since a local security center relies on a limited set of data, there are many benefits from the best practice an outsourced SOC provides

 

5. Enhancing efficiency in order to concentrate on core operations

Have you ever asked whether you are getting enough time to concentrate on your core operations? Due to their nature, SOCs are generally vastly different from most organizations’ core focus. They require a secure environment, highly capability IT security personnel working around the clock with specific toolsets. Outsourcing enables management to get back to what matters in their organization.

 

6. Scalability and flexibility

All business needs are not the same. For instance, a start-up company may require only a single security expert working for a few hours a day. When the service is outsourced, the needs are pooled with those of others to hire a full-time team. The team is also effective through collaboration and developing solutions together to react quickly. There is the benefit of access to additional resources. This can range from immediately in the event of a severe incident or the more gradual growth of a business and consequential data to protect. With a quick and effective response time to cyber threats, it can save a company millions of dollars from legal costs, reputational damage, customer churn, and business disruption.

 

Click here to download the article as a PDF.

Simply Secure Group is run by a team with a wealth of experience delivering cybersecurity solutions and specializes in running an Outsourced Security Operations Centre for their clients in line with the above article. 

Simply Secure Group and LDM Global Join Forces to Protect Clients

Monday, September 23rd, 2019

Miami – Simply Secure Group (www.simplysecuregroup.com) and LDM Global (www.ldmglobal.com) are excited to announce their partnership to offer trusted cybersecurity solutions to a broader global client base.

Simply Secure Group is an information security solutions team specializing in threat assessment, security management, and incident response services. They have teamed with LDM Global, an information management, data solutions, and litigation support firm providing Digital Forensics, eDiscovery, Document Review, and Cybersecurity to law firms, government agencies, and corporate legal departments. The partnership further bolster’s LDM Global’s cybersecurity offering.

LDM Global CEO Conor Looney (left) and CEO & Co-Founder of Simply Secure Group Rob Mayo-Smith.

With a globally recognized profile, LDM Global’s clients are supported 24 hours a day, seven days a week, from five secure global data centers, in Europe, the United States, Australia, China, and the Caribbean. By joining forces with Simply Secure Group, LDM’s clients will benefit from an extensive portfolio of cybersecurity services, including Simply Secure’s powerful application suite.

The resulting suite of services provides a complete cyber offering to LDM Global’s clients around the world, complementing the company’s three pillars of protection: employee education, threat detection, and due diligence. 

Headquartered in Fort Lauderdale, Florida, Simply Secure Group is run by a team with a wealth of experience in information security and cybersecurity. Known for their proven technical expertise in delivering end-to-end solutions to improve their clients’ resilience, Simply Secure Group offers a powerful cyber-defense platform that monitors and defends against threats to critical IT infrastructure 24/7. 

Simply Secure CEO and co-founder Rob Mayo-Smith said, “The partnership joins the expertise of Simply Secure and our Security Operations Center with LDM’s years’ of industry experience, established reputation, and global client base, specifically in the legal field. The partnership will provide full protection of customers’ environments with a powerful portfolio of cybersecurity products.”

LDM Global CEO Conor Looney also commented on the partnership, saying “Protecting client data has always been our primary priority for us, and with the risk of data breaches increasing for everyone, we want to be sure clients are taking all reasonable efforts to safeguard themselves, as well. I have known many of the security experts at Simply Secure Group for many years and feel confident the partnership will provide exceptional value to our clients.”

 

About Simply Secure Group

Simply Secure Group is an information security solutions team specializing in threat assessment, security management, and incident response services. The experts at Simply Secure are industry certified professionals, delivering cybersecurity solutions worldwide. https://www.simplysecuregroup.com

 

About LDM Global

Founded in 1996, LDM Global is an information management, data solutions and litigation support firm. The company is an international provider of eDiscovery, Digital Forensics, Document Review and Cybersecurity services to law firms and corporate legal departments.   https://www.ldmglobal.com/)

Avoiding Ransomware Threats on Social Media

Thursday, September 5th, 2019

Ransomware is one of the biggest cyber threats right now, where hackers threaten the victims’ data unless a ransom is paid. With an estimated 2.77 billion people using social media in 2019, it’s no surprise cybercriminals use it for easy attacks. They have become one of the most significant gateways for malware, spread through shortened URLs or social media ads.

Reports of cybercrime on social media are now showing that hackers will base their ransom demands on what you post. For example, you make yourself a target if you post things like your fancy new BMW, a trip to a five-star resort, or anything else determined a luxury. Ransomware determines the type of scams you are likely to click on based on your interests. They then place the value to release your files and information perceived amount you’d be able to spend. Through ransom software, the hackers target individuals of social media and can lock their desktop, files, and even SmartPhones.

Using social media platforms, including LinkedIn, Facebook, and Skype, hackers demand payments using the untraceable cryptocurrency. Victims entering their Credit Card information enables this. 

Social Media On Digital Tablet

So does your wealth increase your chances of being victimized for a cybercrime? Yes, but not everyone who posts their proudest material possessions on social media is rich. In turn, the companies these individuals work for are often held with the charges.

According to research, 43% of attacks are aimed at small businesses, as they use social media to promote online. The hackers target the company’s employees by what they post. When employees link their information to their employers, their personal information and interests can be used against them. Phishing scams explicitly catered to an employees’ post are more likely to be opened, and in turn, infect the software systems used by their employers. 

Avoid these 7 common social media pitfalls:

 

1. Linking personal profiles with company social media pages: 

Whether one person acts as the main administrator for a companies social media pages, or there are multiple key players with access, it is best to create professional accounts rather than link personal accounts.

2. Posting sites where you like to engage in online shopping 

This information can be used to craft a targeting phishing email with a malicious link. Often, a sign appears warning fraudulent activity, promoting the user to click the link, which then launches the attack.

3. Relying solely on the security features given by social media providers

While platforms like Facebook, LinkedIn, Instagram, etc, work hard to make users feel safe against cybersecurity threats, it is best for organizations to create their own social media policies. Staff education and training play an essential part in adhering to the security posture businesses want. A trusted cybersecurity partner can assist with staff training to improve security culture and decrease the chances of a successful ransomware attack.

4. Overlooking privacy settings

Make your profile as it appears to the public as limited as possible. For personal social networks like Facebook, where you show your possessions and interests, ensure your basic information such as employers, school, hometown, etc. are not visible. Business networks like LinkedIn, which are used for professional networking, should not be used to display personal interests.

5. Posting your possessions

As mentioned above, showing off your fancy material possessions can be used as a target against you. Ads and links created for your interests are more likely to get your attention, and the more money you appear to have, the higher hackers set their ransom. 

6. Meeting Over the Internet

Internet dating apps and social media platforms have made it easier than ever to find a date. However, one of the biggest problems with online dating is ‘cat fishing’. The term refers to users who create a profile with false information and photos. Some do this simply because they wish only to communicate and not meet in person. Disappointment is not the biggest issue here; their goal may be to get you to reveal your personal and financial information.

7. Leaving accounts unattended

If you leave an account unattended for too long, you could enable attackers to break into your account. Hackers can commit fraud, post inappropriate messages, and perform illegal activities under your name. This cybercrime can be damaging to your personal or your brand’s reputation.

What we post on social media could pose a threat to ourselves or the company we work for. Even if we can’t offer much to a cyber hacker in terms of a hefty ransom, they may target our employer. Small to mid-size businesses posses files rich in clients’ personal data, subject to be worth thousands of dollars in cryptocurrency. Protect yourself and the future of your career by taking precautions and using cybersecurity. 

The experts at Simply Secure are industry certified professionals, delivering cybersecurity solutions in the Miami – Fort Lauderdale area

Security Information and Event Management (SIEM)  by Simply Secures, Steven Gross.

Tuesday, August 27th, 2019

Head of Technical at Simply Secure, Steven Gross, is a cybersecurity expert with over 20 years of experience. He’s skilled in delivering end-to-end solutions, so we sat down for a chat about (SIEM) and how it can help your business.

What is SIEM?

SIEM is essentially a software tool that combines the capabilities of two cybersecurity solutions, Security Event Management (SEM) and Security Information Management (SIM). It captures data events, and stores and manages the information. It provides greater visibility, enabling your cybersecurity team to detect potential threats.

SIEMs can provide a variety of services, depending on the needs of your business. Services include log and event management, threat detection, security alerts, and regulatory requirements.

 

Why is SIEM important?

In business, we work with and create large amounts of data every day. This big data has become more significant and near impossible for individuals to manage without help. With big data, it can be tough to spot anomalies or evaluate risk, so companies use SIEM systems to monitor, log, and report suspicious events.

SIEM software can identify and categorize events from large data to pinpoint potential threats quickly. It provides real-time analysis of security alerts generated by applications and network hardware. In short, your cybersecurity team gains better visibility and the ability to respond to threats quickly.

 

What type of threats can SIEM detect?

The threat landscape is continually changing, but here are some of the major ones.

  • Insider Threat Detection

An insider threat could be an unknowing employee targeted by a malicious email or a disgruntled employee with malicious intent. We’re seeing an increase in targeted attacks against employees spreading Malware to hold your data ransom.

  • Compliance and Regulatory Adherence

Poor adherence to regulatory requirements can leave your business wide open. SIEMs will monitor compliance frameworks to ensure the latest rules and regulations are followed. It will also provide an audit trail so your business can provide evidence of compliance.

  • Advances Security

SIEMs can provide real-time threat detection. An example would be an alert when a virus or malware is detected, or give an early warning alert for brute force attacks, password guessing.

 

What are the key capabilities of SIEM?

A robust SIEM solution will deliver many benefits, but here are some of the important ones.

  • Compliance

Compliance is a hot topic, and SIEM reporting capabilities have expanded to meet the demands. Compliance and regulatory requirements bind almost all businesses. It can be a daunting and impossible task for business owners to manage without help.

SIEMs provide audit support to make sure that regulatory requirements are met. An example would be gathering data and recording it for SOX audit. Also, SIEMs provide log collection infrastructure to access recent log data, as well as archival and retrieval of older log data.

A SIEM can identify which IT systems are in compliance with internal policies and standards, and alert about violations in real-time and create compliance and regulatory reports.

  • Log Management

Log management provides the ability to manage and process vast amounts of data. Log data is the digital fingerprint of all activity that occurs across a network. Every action we do leaves a data trail behind. This data contains valuable information such as user activity, data traffic flow records, and autonomous functions.

Having the ability to look at data from many sources makes spotting potential threats easier. For business SIEM, your log management will allow better visibility and faster search functions.

Additionally, log management offers data storage, compression, and encryption, further securing your data and providing a clear audit trail when needed.

  • Data Storage

We know that we’re generating more data, so it’s no surprise that we need help to store it securely. SIEM offers storage compression and encryption.

  • Threat Detection Alerts

SIEM can connect your cybersecurity team to multiple threat intelligence feeds. These keep your enterprise up-to-date with the latest information and threats affecting your industry.

 

SIEMs through MSPs

SIEMs can be costly to manage and may require 24/7 monitoring for peace of mind. Hiring a skilled MSP like Simply Secure can help to keep costs down by enabling clients to pay for a fraction of the team while providing highly qualified security professionals who monitor, identify and respond to threats real-time. As cybersecurity experts, this is what we do best!

Steven Gross and the experts at Simply Secure are industry certified professionals, delivering cybersecurity solutions in the Miami – Fort Lauderdale area. For more information about SIEM solutions for your business contact the Simply Secure team at: 15613324844.

Top Tips on Preventing Cybercrime

Monday, August 19th, 2019

The best way to combat cybercrime is by not becoming a victim in the first place. To that end, here are our top tips to simply secure your digital world.

Secure Devices

  1. Don’t download anything to your computer, tablet, or smartphone that you were not expecting to do when you got online.
  2. Bookmark all of your most visited websites. Just as with phishing emails, cybercriminals build websites that look like your credit card company or bank. Tricking users into clicking a link and visiting a phony website, hackers steal your sign-in credentials or infect your computer with malware or ransomware. By bookmarking, you ensure that your most trusted sites are accessed through your browser only.
  3. Ensure that your operating systems are set to update automatically. By having the most updated version, you ensure that you have the best defense available from your device manufacturer.
  4. Block popups on your web browser as they may contain rogue links and clickbait.
  5. Regularly back up your files.
  6. Use a browser that allows you to take your bookmarks with you between devices.

Be Password Savvy

  1. Don’t use names or significant dates as passwords. It’s easier for a hacker to guess your password after doing a little research on you, so it’s always best to avoid this mistake.
  2. Use a passphrase instead of a word. A passphrase is like a password only it’s composed of a combination of words strung together.
  3. Create a strong passphrase by using at least 12 characters, upper and lower case letters and special characters. The length is key to making a passphrase secure so the longer, the better.
  4. Use different passwords or phrases for different accounts.
  5. Use a password management tool.
  6. If you use a password management tool, like LastPass, never use your master password for other accounts.

Use Two Factor Authentication

  1. A two-step verification process is where you use a password or passphrase and a PIN code, most often sent to your smartphone. It can be used to log in to online banking accounts or email. You can set it up for a specific site only, or alert if you are trying to access your account details from a different IP address.

Smartphone Security

  1. Read the terms and conditions and research new apps before you download them to your smartphone. Recent evidence suggests that many popular Android apps can leak sensitive data. Retail, finance, and travel apps were highlighted as potential risks.
  2. Use touch ID or facial recognition functions if available. Not only are they extremely useful in securing your device, but they also make it easier to access.
  3. Never use public Wi-Fi networks to access your private accounts via your smartphone or any other device.
  4. Keep your smartphone operating systems and phone apps updated.

Education

  1. Read up about Phishing, Smishing and Social Engineering, so that you are better equipped to spot a potential rogue email.
  2. Pass on your knowledge to friends and family to better protect them against cybercrime.

Social media

  1. Choose wisely about the amount and type of information shared on social media to avoid becoming a victim of cybercrime. Social media platforms provide one of the main pools where hackers often go looking for the next victim. By merely browsing hashtags on Instagram, you can easily find out where a person lives, when they are away on vacation or attending an event.
  2. Don’t share private information on your social media pages if you have used the same as passwords. We’re talking birthdays, pets names and special events.
  3.  Hackers use social media to determine how much ransom their victims can afford to pay. They base this on what they share, like the car they drive or the clothes they wear.

Many of the simply tips above can be implemented today, increasing your defense against cybercrime.

The experts at Simply Secure are industry certified professionals, delivering cybersecurity solutions in the Miami – Fort Lauderdale area

Rise of Ransomware 2019

Wednesday, July 31st, 2019

Ransomware 2019 attacks have been hitting the headlines, with an 89% increase in ransom demands over the last 12 months. Soft targets, with outdated infrastructure, older software and poor security culture are being exploited every day. 

Here are some recent attacks making headlines.

  • Lake City, Florida’s city government paid ransomware attackers about $530,000 or 42 Bitcoins, to restore access to systems.
  • The City of Riviera Beach, Florida, paid ransomware attackers about $600,000.
  • LaPorte County, Indiana paid over $130,000 worth of Bitcoins to ransomware hackers to regain access to part of its computer systems.
  • Capital One was the victim of a massive data breach affecting approximately 100 million consumers in the United States and 6 million in Canada. The company expects to spend $100 to $150 million in customer notifications, credit monitoring, technology costs, and legal support.
  • This week, Louisiana Governor John Bel Edwards activated a state of emergency in response to a wave of ransomware targeting school districts.

With targeted attacks on the increase, business owners are looking for solutions to avoid a data hostage crisis!

What is causing the Ransomware boom?

Ransomware attackers are becoming more sophisticated and targeted with the event of spear-phishing attacks. Spear-phishing is a targeted malicious email, often disguised as a legitimate user or company. The aim is to spoof the user into giving away personal and sensitive information or click on a link that contains malware.

Once the user opens the email, Malware is executed quickly, and the business-critical data is compromised and encrypted. The unknowing user is sent a ransom demand, often with payment required using a cryptocurrency like Bitcoin. Cryptocurrency is commonly used to avoid any traces back to the attacker. Once the ransom is paid, often but not always, a private key is sent to the user to recover the data.

 

How can a business defend against targeted Ransomware?

Unfortunately, there is no way to stop a ransomware attack entirely, but there are steps you can take to improve your defenses.

1.    Annual Vulnerability Assessment

Hiring a trusted cybersecurity provider to conduct an annual vulnerability assessment is a great place to start. A vulnerability assessment is a detailed security audit of your current system. It will identify, quantify, and prioritize vulnerabilities in your network, applications, processes and people. What you ultimately gain is in-depth knowledge from your cybersecurity team with recommendations and risk analysis.

2.    Annual Penetration Testing

A penetration test is an authorized attack against your IT systems by an experienced cybersecurity team. The test will identify and exploit security weaknesses to evaluate the real-world risks they pose to your business. The goal is to uncover your weakest links and determine the extent of damage a real malicious attacker could cause your business.

3.     Business Continuity

Effective business continuity and disaster recovery requires a plan to enable a business to be back up and running quickly. The best way to improve your business continuity is by regularly backing up your data. Ensure backups are not permanently connected to the computers and networks they are backing up. Consider using a cloud-based backup solution, alongside on-site and co-location services.  

4    Security Culture

Cybersecurity is everyone’s business, from the CEO to the administrators, a sound security culture will decrease the chances of a successful ransomware attack. An excellent place to begin is with an education strategy, including all employees, to creating awareness. All employees are potential targets and should be aware of the threat of Ransomware and the ways it’s delivered.

Hiring a cybersecurity team to deploy the following techniques will greatly improve your security culture.

  • Awareness Training

If all staff members are aware of potential threats, they will take a more defensive approach and be better equipped to spot a rogue email.

  • Communication & Acknowledgment

Empower your team to talk if they suspect a rogue email or if they open one to report it immediately. 

  • Acceptable use policies and rules

Deploy cybersecurity adherence policies for all employees, including a framework for staff violations and consequences.

  • Sensitive Data Policy frameworks

Deploy clear policies and procedures regarding confidential data and take a zero trust-based approach. Restrict access by privileged users to specific systems, creating a safety zone around your business-critical data.

The recent increase of ransomware attacks shows how quickly the cyber threat landscape can change. Experts warn that attackers are growing in confidence and number, as crippled companies choose to pay to get their data back. Keeping your data safe requires a multilayered approach from a trusted and experienced cybersecurity team like Simply Secure.

The experts at Simply Secure are industry certified professionals, delivering cybersecurity solutions in the Miami – Fort Lauderdale area.

 

Work toward protecting your Data with a Vulnerability Assessment

Tuesday, June 25th, 2019

A data hostage crisis was experienced recently by Riviera Beach City Council.  An innocent-looking email opened by an employee, quickly escalated, leading to the shutdown of city computers. With their valuable data held hostage by hackers, the city had no choice but to pay the demanded ransom.

Riviera Beach is yet another example of the increasing frequency of sophisticated cyber attacks, spreading targeted ransomware to steal business-critical data. With ever-increasing cybersecurity challenges, what is the best course of action to improve your defenses?

“Many cyberattacks happen because hackers spot network vulnerabilities, such as web-based email services, poor end-user education, and weak passwords.  A detailed vulnerability assessment will identify potential weaknesses, before criminals can exploit them”. says Rob Mayo-Smith, CEO and Co-Founder of Simply Secure.

What is a Vulnerability Assessment?

A vulnerability assessment is a detailed security audit of your current system. It will identify, quantify, and prioritize vulnerabilities in your network and applications. What you ultimately gain is in-depth knowledge from your cybersecurity team with recommendations and risk analysis.

What will a Vulnerability Assessment deliver?

A thorough vulnerability assessment, performed by a certified cybersecurity professional, will deliver the following results.

Define and classify your network systems, resources, applications, hardware, outdated software and older hardware, that often lead to increased threats.

Develop a strategy to tackle identified threats based on their level of severity to impact your business. 

Implement a plan to minimize the consequences of a successful attack.

“Targeted cybercrime is on the rise, and you must make sure that your security software is capable of defending your data. Hiring a trusted and experienced cybersecurity team, to identify vulnerabilities before they are compromised, is a critical first step.” said, Rob Mayo-Smith.

The experts at Simply Secure are industry certified professionals, delivering cybersecurity solutions in the Miami – Fort Lauderdale area.