[metaslider id=2951] … Read More
Archives for August 2018
Five Ways to Detect a Cyber Threat
In order for businesses to counter the ever-growing amount of network security risks, having an effective security plan has become increasingly critical. The plan must implement strong IT security tools, and there must be a strategy for emerging threats. You and your team can become part of the detection process by making use of the following tips.
Know how to spot phishing emails
Phishing refers to the practice of sending emails that try to induce individuals to reveal personal information, such as passwords and credit card information. Most recently, it is designed to spread Ransomware and other malicious threats. While some phishing emails are extremely easy to spot, others require more due diligence in reviewing the email prior to clicking the links or opening the attachments. You can find out what percentage of your employees is susceptible to phishing attempts with our free phishing security test.
Locate unusual activity on your network
This is a cornerstone to identify a potential cyber threat. Unusual activity includes logging into the system after hours, multiple login attempts, or activity from IP addresses that are overseas. Utilizing a logging tool or network access control can assist in reviewing this activity.
Don’t ignore a slow network or computer
Your users should be able to identify when their systems are not working to the level that they are accustomed. Slow networks or machines can indicate trojans or malware that is working behind the scenes. Review your log files from your firewalls to review the network traffic.
Keep software up-to-date
When developers release updated versions of their software, it often includes a security update. You and your team can help to reduce the likelihood of an attack by ensuring all software programs are up to date.
Run a scan on your network
Even with all of the security tools available today, there is a chance that you may already be compromised. Running a compromise assessment can proactively discover the presence of active or dormant threats that may have evaded your organization’s security defense.
Three Questions to Ask When Hiring a Cyber Security Consultant
As a business owner, it’s important to recognize if or when you may lose confidence in your organization’s defenses against cyber attacks. If this sounds familiar, it’s likely time to seek a cyber security consulting service. But how do you know if you’re choosing an organization that is truly qualified? Here are some key questions you should ask when hiring a network security consultant.
What experience does your team have with IT security?
While many cyber security consultants have spent the time to bulk up their resumes with impressing-looking credentials and accreditations, this does not equate to having real-world experience. Rather than what they would do in a potential situation, ask for specifics on what they have done for real clients in the past. If you’re looking for an IT support specialist with a strong understanding of cyber security, they should be able to safeguard your company from all cyber-attacks while maintaining data integrity.
What is my company’s most significant security risk?
By asking this question, you can determine if the consultant is using buzzwords of today’s cyber threats or if they truly understand the risks that your particular organization would be privy to. Each organization is different, and as such, the risks may be different as well.
What communications can I expect during the process?
Some cyber security consulting companies do not want to provide the details of their work, nor discuss with the client baseline results as they progress. Communication is key to ensuring that the consultant is working with your best interest in mind. With a lack of communication, you will likely be disappointed by the results. Rather, ensure that you work with the consultant in providing a statement of work with definitive baselines, as well having them discuss methodologies and procedures. Above all else, remember to ask questions.
Beware of Phishing
While most of us can spot the most obvious of phishing emails – what happens when it looks like an email came from a trust employee within your own organization.
Read what happened to Unity Point Health in DesMoines Iowa
It is becoming increasing more difficult to spot malicious emails, however by training your staff on what to look for you can reduce the chances of becoming a victim. Security awareness training is not a one off – lunch and learn series – but rather a continuous training method. The training should focus on not just how to spot phishing email, but also texts, as well as safe browsing.
You can run a quick check to see how many would be susceptible to a phishing email by performing a free phish test, in addition you can perform a domain spoof test to see if threat actors can spoof an email within your domain.
Contact us for more information on security awareness software.