Archives for August 2018

In order for businesses to counter the ever-growing amount of network security risks, having an effective security plan has become increasingly critical. The plan must implement strong IT security tools, and there must be a strategy for emerging threats. You and your team can become part of the detection process by making use of the following tips.

Know how to spot phishing emails
Phishing refers to the practice of sending emails that try to induce individuals to reveal personal information, such as passwords and credit card information. Most recently, it is designed to spread Ransomware and other malicious threats.  While some phishing emails are extremely easy to spot, others require more due diligence in reviewing the email prior to clicking the links or opening the attachments. You can find out what percentage of your employees is susceptible to phishing attempts with our free phishing security test.

Locate unusual activity on your network
This is a cornerstone to identify a potential cyber threat. Unusual activity includes logging into the system after hours, multiple login attempts, or activity from IP addresses that are overseas. Utilizing a logging tool or network access control can assist in reviewing this activity.

Don’t ignore a slow network or computer
Your users should be able to identify when their systems are not working to the level that they are accustomed.  Slow networks or machines can indicate trojans or malware that is working behind the scenes.  Review your log files from your firewalls to review the network traffic.

Keep software up-to-date
When developers release updated versions of their software, it often includes a security update. You and your team can help to reduce the likelihood of an attack by ensuring all software programs are up to date.

Run a scan on your network
Even with all of the security tools available today, there is a chance that you may already be compromised. Running a compromise assessment can proactively discover the presence of active or dormant threats that may have evaded your organization’s security defense.

As a business owner, it’s important to recognize if or when you may lose confidence in your organization’s defenses against cyber attacks. If this sounds familiar, it’s likely time to seek a cyber security consulting service. But how do you know if you’re choosing an organization that is truly qualified? Here are some key questions you should ask when hiring a network security consultant.

What experience does your team have with IT security?
While many cyber security consultants have spent the time to bulk up their resumes with impressing-looking credentials and accreditations, this does not equate to having real-world experience. Rather than what they would do in a potential situation, ask for specifics on what they have done for real clients in the past. If you’re looking for an IT support specialist with a strong understanding of cyber security, they should be able to safeguard your company from all cyber-attacks while maintaining data integrity.

What is my company’s most significant security risk?
By asking this question, you can determine if the consultant is using buzzwords of today’s cyber threats or if they truly understand the risks that your particular organization would be privy to. Each organization is different, and as such, the risks may be different as well.

What communications can I expect during the process?
Some cyber security consulting companies do not want to provide the details of their work, nor discuss with the client baseline results as they progress. Communication is key to ensuring that the consultant is working with your best interest in mind. With a lack of communication, you will likely be disappointed by the results. Rather, ensure that you work with the consultant in providing a statement of work with definitive baselines, as well having them discuss methodologies and procedures. Above all else, remember to ask questions.