CISA

CISA Adds Single-Factor Authentication to List of Bad Practices

One Layer Isn’t Enough The Cybersecurity and Infrastructure Security Agency (CISA) in the United States recently announced adding single-factor authentication to their list of Bad Practices.  CISA’s Bad Practices list contains a collection of exceptionally risky cybersecurity practices. Although intended for all industries, the practices listed are considered especially dangerous in organizations that support critical infrastructure or National Critical Functions (NCF).  …

healthcare

Employee Password Security in the Healthcare Sector

The healthcare industry sector is increasingly the target of cybercriminals. According to the Health Insurance Portability and Accountability Act (HIPAA) Journal, over the past eleven years (2009-2020) there have been more than 3,705 healthcare data breaches impacting more than 268 million medical records. Why is this happening, and what can we do to address it? The Culprits Weak and Compromised …

ransomware (1)

Reimagining Ransomware Responses

Planning, Protecting and Not Paying Your company is aware of the many attempts that hackers make every day to infiltrate organizations, steal data, and demand ransoms. Hacking methods seem to propagate rapidly, but ransomware has been making the headlines regularly in the past two years. Ransomware, a form of malware, accounted for about ten percent of the breaches collated in …

cybersecurity tips

Top Five Digital Tips for Thriving in the New Normal

Reports, op-eds, and documentaries point out that many 2020 pandemic-prompted changes are likely here to stay. From contactless takeout food delivery to the widespread adoption of virtual meetings, the disruption of COVID caused many technological and digital shifts for organizations. According to recent information from PWC, which surveyed businesses cross-industry, CEOs plan to make their companies more digital and virtual. …

e-learning

Attacks on Digital Learning

How School Districts can defend themselves from increased cyberattacks. While there are changes for each generation of students to experience, it’s safe to say that the impact of the pandemic on the scholastic world in 2020 was dramatic and immediate. The transition from in-person classes to web-based learning was startling for everyone, but especially K-12 students because of the rigid …

active defense (1)

Developing Active Defense from Password Spraying & Credential Stuffing

Microsoft Active Directory (AD) is ubiquitous across the corporate landscape; you probably use it to authorize access at almost every level. Due to its popularity and importance, AD is a perfect target for cyber attacks. Hackers frequently use password spraying and credential stuffing as attack methods, especially against AD. With many traditional password ‘best practices’ being outdated, are you prepared …