Category: Information Security

Small Business is a Big Ransomware Target

More than 70% of ransomware attacks target small business, with an average time of infection to encryption within three (3) minutes. Most data breaches and ransomware outbreaks happen because of two problem areas: 1) The perpetrators take advantage of known vulnerabilities from outdated, unpatched and unmonitored operating systems/applications; 2) The typical end-user is given too much […]

No Ransom, No Cry

The recent WannaCry (WannaCrypt) malware attack further shows how many organizations are still unprepared to prevent, respond and recover from such attacks.  This malware and a lot of other viruses typically take advantage of a well-known exploits, most of which have a fixes/updates to mitigate these issues. Case in point, MS17-010.  This security update had been out almost […]

Protecting Your Organization’s Reputation – Part 3

Welcome to Part 3, of the multi-part series on “Protecting Your Organization’s Reputation”, where we’ll be focusing on the area of Data Loss and Leakage Prevention. As discussed in the previous installment, sender verification, anti-spoofing and messaging signing (digital signature) technologies/controls are a great first step, but that still doesn’t protect from malware and other […]

Protecting Your Organization’s Reputation – Part 2

We’ve all heard of the increases in e-mail phishing/scamming/spoofing. Typical phishing or spear phishing scams usually include a malicious URL or attachment, that attempts to install malware or to gather more information (credit card, bank account, etc…), while whaling is a pure social engineering hack.  If your organization falls victim to these exploits, it can […]

Protecting Your Organization’s Reputation – Part 1

Organizations can get a bad reputation from a variety of externally initiated and/or internally created issues, such as: poor customer service, spamming/spoofing, CEO/CFO spear phishing scams, leakage of customer personal/financial/health information, environmental dumping, financial malfeasance, and the list goes on.  For many of these issues we can mitigate the probability and impact and/or provide corrective actions. […]