Why Attacks on Critical Infrastructure Are Dangerous

Critical Infrastructure (CI) comprises physical and cyber assets vital for the smooth functioning of societies and nations across the globe. The sectors that make up critical infrastructure differ from one country to another. For example, the USA considers 16 sectors to be vital as opposed to 13 in the UK. The disruption or damage of CI can have severe direct and indirect effects.

4 Reasons Cybersecurity Attack Surfaces Are Expanding

The COVID-19 pandemic impacted individuals and businesses all over the world in one way or another. Almost overnight, it disrupted the way people went about their daily routines and how companies operated. Amidst all the chaos, changes to the cyber landscape increased at an unprecedented pace. Some of the trends that powered these changes and continue to fuel them are:

How Can Cyber Resilience Protect SMBs?

Small and Medium Businesses (SMBs) usually invest less in cybersecurity, making them easier targets for cybercriminals. Close to 30% of businesses experience a cyberattack at least once per week.1

The need for constant vigilance and defense against hackers has led many SMBs to complicate cybersecurity matters. Though the percentage of businesses that have adopted formal, business-wide incident response plans has increased from 18% in 2015 to 26% in 2020, the ability to contain an actual attack dropped by 13%.2 This is because: (1) businesses do not consistently test threat-readiness of incident response plans and (2) many of them use too many security products that hamper the ability to identify and respond to a cyberattack.

How to Build a Security-First Culture That Empowers Your Hybrid Workforce

Tools are only as good as their users. This should be your guiding philosophy as the world shifts to a hybrid work model to deal with the complexities posed by the COVID-19 pandemic. While it’s great to define and implement essential security controls and tools, if it isn’t backed up by workforce buy-in and participation, you could be in for a bumpy ride.

Top 9 IoT-Related Security Threats Businesses Face

The Internet of Things (IoT) is rapidly changing the technology landscape as we know it. Businesses worldwide are leveraging IoT for benefits such as seamless collaboration, access to comprehensive data and the ability to make stronger business decisions based on insights derived from substantial data. Experts estimate the total number of installed IoT-connected devices worldwide to amount to 30.9 billion units by 2025.

However, as we know, all that glitters is not gold. Due to the exponential growth of the number of IoT devices, the increasing amount of sensitive data these devices handle and their ability to function with minimal human intervention, the doors have been left wide open to high-level cybersecurity risks. IT professionals consider about 60% of IoT devices to be vulnerable to medium- or high-severity attacks.

All You Need to Know About Least Privilege

In IT, the principle of least privilege (PoLP) refers to the concept that any process, program or user must be provided with only the bare minimum privileges (access or permissions) needed to perform a function. For instance, if a user account has been created for accessing database records, it need not have admin rights. Also, a programmer responsible for updating lines of legacy code can do so without access to the company’s financial records.

Kaseya VSA Ransomware attack

We at ITNS Consulting would like to commend Kaseya for their amazing transparency during this difficult time. As many of you may know Kaseya suffered a ransomware attack on an epic scale. Their quick response to this attack spared hundreds of thousands of businesses worldwide from suffering a dismal fate. We were notified within an hour of the onset of the attack and Kaseya has remained extremely transparent and communicative throughout the entire process. We would like to emphasize Kaseya put their customers first by reaching out to industry experts and their communities for assistance in addressing this breach. Ransomware has become a global issue which requires a global response. In the world we live in “it’s not whether a breach will happen, but when”, and how your business will recover. ITNS Consulting is a Kaseya VSA partner, and we are one of the companies protected by Kaseya’s actions. Their quick response to the ransomware attack on Kaseya VSA stopped this attack from affecting any of our clients.

Your Biggest Cybersecurity Risk: Your Untrained Employees

Security Awareness Training

Cybercriminals work round the clock to detect and exploit vulnerabilities in your business’ network for nefarious gains. The only way to counter these hackers is by deploying a robust cybersecurity posture that’s built using comprehensive security solutions. However, while you’re caught up doing this, there is a possibility you may overlook mitigating the weakest link in your fight against cybercriminals — your untrained employees.

Best Practices for a Secure Supply Chain

Your business’ cybersecurity posture must prioritize detection, evaluation and mitigation of risks posed by your supply chain. It is vital that your security is upgraded on a regular basis to better prepare for any worst-case scenarios.
Having said that, it should come as no surprise that a vulnerable third party that your organization deals with can weaken your supply chain as well. Although controlling a third party’s cybersecurity can be challenging, it must be taken seriously since a security compromise at their end could put your business at risk.

How to Effectively Manage Supply Chain Risks

Digital transformation has made many things easier for businesses, right from inventory management and order processing to managing financials. On the flip side, however, it has also made companies more vulnerable to cyberattacks and data breaches. A breach occurring anywhere in the supply chain could end up seriously disrupting your operations. So, how do you safeguard your business against these threats?