Call (716) 373-4467

Managing a business on your own is challenging enough without worrying about cyberattacks. However, there is cause for alarm as hackers are using artificial intelligence (AI) to launch sophisticated cyberattacks to steal your data and disrupt business operations.

The good news is there are steps you can take to protect your business. This blog will explain how AI is being used in cybercrime and how you can safeguard your business.

 

How Hackers Use AI

Here are some of the ways cybercriminals are exploiting AI:

 

Deepfakes:

Hackers use AI to create highly realistic fake videos or audio recordings to impersonate someone you know, like your boss or a trusted friend. These deepfakes can be used to trick you into sending money or sharing sensitive information.

How to spot it: Closely look for details like unnatural facial movements or sloppy voice synchronization.

 

AI-Powered Password Cracking:

With the help of AI, cybercriminals can effortlessly crack common and easy passwords. Hackers with access to advanced computation offered by AI can automate the breaching process, so they can try millions of combinations to guess your password.

How to fight back: Always use unique passwords. Consider reaching out to Databranch to start the process of using a password manager.

 

AI-Assisted Hacking:

Hackers no longer have to spend hours looking for vulnerabilities. Instead, with the help of AI, they can create automated programs that not only identify weaknesses in your system but also create new types of malware.

How to stay ahead: Keep your security systems and software updated. Also, a mandate should be set up to scan for vulnerabilities routinely.

 

Supply Chain Attacks:

Threat actors use AI to insert malicious code into legitimate vendor products, which eventually will compromise your system as well. In a Business Email Compromise (BEC) instance, a hacker can also insert malicious content into reply chain emails coming from vendors vendors and suppliers

How to protect yourself: Only download software from trusted sources. Always be vigilant with updates, patches, and any email links.

 

Boost Your Defenses

AI-powered cybercrime is a growing threat. That’s why having Databranch by your side can be the ultimate weapon in your arsenal. Partner with us to leverage advanced technology to fortify your defenses.

Reach out to us today at 716-373-4467 option 6, or [email protected] for a free consultation and learn how our team can secure your business against evolving cyber risks.

AI has become a buzzword that often evokes a mix of awe, doubt, and even fear. Especially when it comes to cybersecurity. However, the fact is that if used effectively AI can revolutionize the way businesses like yours operate.

That’s why you must cut through the noise and separate fact from fiction if you want to leverage AI effectively. In this blog, we’ll debunk some common misconceptions about AI in cybersecurity.

Let’s dive in.

AI in Cybersecurity: Fact from Fiction

There’s a lot of misinformation surrounding AI in cybersecurity. Let’s dispel some of these common AI myths:

 

Myth: AI is the Cybersecurity Silver Bullet

Fact: AI isn’t a one-size-fits-all solution for cybersecurity. While it can efficiently analyze data and detect threats, it’s not an easy fix for everything. You can use AI security solutions as part of a multi-pronged cybersecurity strategy to automate tasks and pinpoint complex threats.

 

Myth: AI Makes Your Business Invincible

Fact:  Cybercriminals are always finding new ways to exploit your IT systems, and it’s only a matter of time before they discover ways to breach AI solutions as well. AI alone can’t protect your business. Think of AI as a top-notch security system that is made better through regular vulnerability updates and staff education.

Databranch believes that investing in employee security awareness can transform your workforce into a formidable line of defense, safeguarding your business from cybercriminals and ensuring a more resilient future. Visit us here to learn more.

 

Myth: AI is a Perfect Tool and Always Knows what it’s Doing

Fact: Don’t trust all the marketing gimmicks around AI. Yes, AI security is indeed a “super cool” tool. But keep in mind that AI is still an evolving technology, and there’s much to be perfected. Some companies make loud claims about their AI security tools. An honest vendor, however, will tell you that AI is not magic. If you give it time, AI can learn and adapt on its own.

 

Myth: AI Does Everything on its Own

Fact:  AI doesn’t fly solo! While AI is great at sniffing out suspicious activities, it still requires human intervention. You can set the goals for AI, analyze what it finds and make the final call on security decisions. There are also times when AI can sound the alarm for no reason; that’s when you need the expertise of your security team to say, “False alarm!”

Databranch utilizes an Managed Detection and Response (MDR) solution for M365 that has an integration into your Cloud environment where the MDR application begins collecting user, tenant and application data.

If the software detects unusual behavior within your tenant, it sends an alert to a 24/7 Security Operations Center (SOC) which is comprised of experts who analyze and interpret these threats in real time. An MDR employee will then review your threat detection, provide an incident report, and will deliver actionable remediations to help you resolve the issue.

Having a balance between computer automations plus employee reviews are important in cybersecurity. 

 

Myth: AI is for Big Companies with Deep Pockets

Fact:  AI security solutions are now within reach for businesses of all sizes as they are becoming more affordable and easier to use. Moreover, the availability of cloud-based AI solutions means that businesses, regardless of their size, can leverage AI without breaking the bank.

 

Empower your cybersecurity

Fortify your business with the help of AI-powered cybersecurity solutions. Don’t do it alone. Get some expert help by partnering with an experienced IT service provider like Databranch. Our IT experts can assist you in understanding your security needs, finding the perfect solutions for your business and ensuring they’re implemented effectively.

Contact us today at 716-373-4467 option 6, [email protected] or visit us here for a free consultation and learn how we can keep your business safe in the digital age.

Are you prepared to face a cybersecurity breach, a natural disaster or a system failure? Such disruptive events can strike at any moment, causing chaos and confusion.

But don’t worry. With an effective incident response plan in place, you can handle any incident with confidence.

This blog is intended to help you enhance your plan simply and straightforwardly. So, let’s dive in and make sure you’re ready for whatever comes your way.

 

Best Practices for Effective Incident Response Planning

To be well-prepared for any incident, it’s important to follow the steps below:

 

1. Identify and Prioritize Critical Data and Assets

Knowing precisely what resources you have helps you allocate them efficiently during an incident, saving time and minimizing overall damage. Threat modeling is a process used in cybersecurity that is beneficial in this regard. It involves identifying potential threats and vulnerabilities to an organization’s assets and systems.

 

2. Establish a Dedicated Team

A cohesive and well-trained team with clearly defined roles can work together to ensure an efficient and effective response.

 

3. Conduct Regular Trainings

Regular training helps keep your team informed of the latest techniques and threats, ensuring they can handle any situation with confidence. Our Breach Prevention Platform and Security Awareness Training that comes with simulated phishing tests that will train your employees in spotting real world threats.

 

4. Implement Continuous Monitoring 

Continuous monitoring systems can detect incidents early and take action before they escalate, potentially saving your organization from significant damage.

It is critical for any business to survive and thrive in today’s cybersecurity environment which is why Databranch provides a 24 x 7 proactive monitoring and alerting service for our managed clients. Visit us here to learn more and get started.

 

5. Establish Clear Communication Channels 

Clear communication channels within your team and with external stakeholders ensure that everyone is on the same page during the response, minimizing confusion and errors.

 

6. Develop a System to Categorize Incidents

Categorizing incidents based on their severity and impact ensures that you can respond appropriately to each incident, minimizing long-term damage to your organization.

 

How we can Help

All businesses today must have a solid incident response plan against ever-evolving cybersecurity threats. That’s where Databranch can be your strategic partner and your first line of defense against cyberstorms.

If you’re uncertain about how to approach incident response planning, we can help you in the following ways:

 

  • We’ll customize an incident response plan that aligns with your goals and challenges.
  • We’ll identify vulnerabilities and rank incident response planning through risk assessments.
  • We’ll help you build a fully equipped incident response team with clear roles.
  • We’ll suggest and apply advanced security technologies to boost your detection and responsibilities.
  • We’ll establish continuous monitoring to detect and respond to potential security incidents quickly.
  • We’ll ensure that your incident response plan complies with legal and regulatory requirements.
  • We’ll assist with post-incident analysis to refine response plans based on lessons learned.

 

Take Control of your Incident Response Plan

Don’t wait for a security breach to happen. Our team has years of experience and expertise to ensure the safety of your data. Take charge of your incident response plan now by contacting us at 716-373-4467 option 6, or [email protected] to schedule a no-obligation consultation with our team of experts.

You can also download our infographic to review the 4 stages of an incident response plan.

Your Essential Incident Response Plan

Don’t wait for a security breach to happen. Be proactive and plan your incident response now to address and mitigate potential threats effectively.

Name(Required)
Email(Required)

Keeping sensitive data and critical tech safe from cyberattacks is crucial for businesses like yours. Your survival and growth depend on how well your organization can withstand cyberthreats. That’s where cyber risk management comes into play.

Businesses with solid cyber risk management strategies can build formidable cyber defenses and reduce risks without compromising business growth. Besides enhancing security, it also ensures your business stays compliant.

In this blog, we’ll share the core principles of cyber risk management and show you how integrating it with a simple but effective security framework can help you achieve strategic success.  

 

Key Characteristics of Risk-Based Cybersecurity

Risk-based cybersecurity helps organizations focus their efforts and resources on the most critical risks. This approach aims to reduce vulnerabilities, safeguard what matters most to you and ensure you make informed decisions.

Here are the key characteristics of risk-based cybersecurity:

Risk reduction: By proactively identifying and neutralizing threats, you can reduce and minimize the potential impact of a cyber incident.

Prioritized investment: By identifying and assessing risks, you can concentrate your investment efforts on areas that need your attention most.

Addressing critical risks: Dealing with the most severe vulnerabilities first can help you strengthen your business security. That is why it is important to conduct vulnerability assessments regularly, at least every quarter if not more frequently. 

All Databranch Comprehensive Care and Foundation Security clients have scheduled automatic patching and Windows updates on their devices to assist with vulnerability management. Visit us here to learn how we can help take this off your IT plate.

 

Cyber Risk Management Frameworks

Cybersecurity risk frameworks act as a guide that helps businesses achieve the full potential of a risk-based approach. Here are several ways frameworks can help you enhance your current cybersecurity posture:

  • Takes away the guesswork and give businesses a structured way to assess their current cybersecurity posture.
  • Helps organizations systematically focus their investments on addressing the most critical and relevant risks.
  • Provides organizations with the right guidance that helps build security, which is crucial for building customer trust.
  • Are built using controls that have been tried and tested. They essentially help businesses implement effective security controls.
  • Designed to help organizations achieve compliance with government and industry regulations.

 

NIST Cybersecurity Framework

The National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) is a popular, user-friendly framework that empowers business leaders like you to boost organizational cybersecurity. Think of it as a valuable tool created by top security experts to help you protect and secure your digital assets.

Here’s how the NIST CSF supports a risk-based approach:

  • It helps you understand your risk by identifying what is most valuable to you.
  • It gives you a high view of people, processes, technology, information and other business-critical aspects that need to be secured from threats so your business can operate successfully.
  • It helps you prioritize your risks based on their impact on your business.
  • It helps you allocate your resources where they matter most and ensures you maximize your investment.
  • It promotes continuous monitoring and helps you adapt to evolving threats.

 

Secure your Future

Safeguarding your business from cyberthreats is critical for the survival and growth of your business. Don’t leave your business security to chance. Partnering with Databranch as your managed IT provider, means your business will have the security of knowing that your network is being monitored and maintained on a 24/7 basis.

Download our infographic, “Assess Your Cyber-Risks in 7 Critical Steps,” and strengthen your defenses against lurking cyber dangers.

 

Assess Your Cyber-Risk in 7 Critical Steps

In today’s ever-evolving threat landscape, fortifying your business against cyber-risks is paramount.

Name(Required)
Email(Required)

We live in an era where organizations are increasingly aware of the ever-changing cybersecurity landscape. Despite billions of dollars invested worldwide to fend off cyberthreats, cybercriminals still manage to penetrate even the strongest security defenses.

They relentlessly exploit vulnerabilities with one primary target in mind — employees. Cybercriminals perceive employees as the weakest link in an organization’s cybersecurity perimeter. However, you can address and shore up this vulnerability through proper training.

Strengthening employee security awareness is paramount in safeguarding your business. In this blog, we’ll look at why employees are prime targets for cybercriminals and explore the critical significance of enhancing their security awareness. By recognizing vulnerabilities, we can proactively mitigate risks and empower your workforce to actively defend against cyberattacks.

 

The Vulnerabilities Within

Is your organization dealing with any of the following?

 

Lack of Awareness

One of the key reasons employees fall prey to cybercriminals is their limited knowledge of common cybersecurity threats, techniques and best practices. Cybercriminals can launch phishing attacks, malware infections and social engineering ploys by exploiting this knowledge gap among your employees.

 

Privileged Access

Employees often hold privileged access to critical systems, sensitive data or administrative privileges that cybercriminals crave. By compromising your employees’ accounts, cybercriminals can gain unauthorized access to valuable assets, wreaking havoc within your organization.

 

Social Engineering Tactics

Cybercriminals are masters of manipulation, leveraging social engineering tactics to deceive employees into disclosing sensitive information, sharing login credentials or unwittingly compromising security measures. These tactics can exploit human emotions, trust and curiosity, making your employees unintentional accomplices in cybercrime.

 

Bring Your Own Device (BYOD) Trend

The rising trend of BYOD can expose your organization to additional risks. Employees accessing business information and systems from personal devices that often lack the robust security controls of company-issued devices create vulnerabilities that cybercriminals can exploit.

 

Remote/Hybrid Work Challenges

The shift towards remote and hybrid work arrangements introduces new security challenges for businesses like yours. Unsecured home networks, shared devices and distractions can divert employee focus from cybersecurity best practices, increasing their susceptibility to attacks.

 

Best Practices for Developing an Engaging Employee Security Training Program

To fortify your organization’s security, implement an engaging employee security training program using these best practices:

 

Assess Cybersecurity Needs

Understand the specific cybersecurity risks and requirements your organization faces. Identify areas where employees may be particularly vulnerable.

 

Define Clear Objectives

Set concrete goals for your training program, outlining the desired outcomes and essential skills employees should acquire.

 

Develop Engaging Content

Create interactive and easily digestible training materials for your employees. Use real-life examples and scenarios to make the content relatable and memorable.

 

Tailor Targeted Content

Customize the training to address your organization’s unique challenges and risks. Make it relevant to employees’ roles and responsibilities.

 

Deliver Consistent, Continuous Training

Establish a regular training schedule to reinforce cybersecurity awareness and foster a culture of ongoing learning. Keep your employees up to date with the latest threats and preventive measures.

 

Measure Effectiveness and Gather Feedback

Continuously evaluate your training program’s effectiveness through assessments and feedback mechanisms. Use the data to refine and improve the program.

 

Foster a Cybersecurity Culture

Encourage employees to take an active role in cybersecurity by promoting open communication, incident reporting and shared responsibility for protecting company assets.

 

Collaborate for Success

Investing in employee security awareness can transform your workforce into a formidable line of defense, safeguarding your business from cybercriminals and ensuring a more resilient future.

Ready to empower your employees as cybercrime fighters but unsure where to start?

Contact Databranch today at 716-373-4467 x6 or [email protected]. We can discuss our Breach Prevention Platform and Security Awareness Training with simulated phishing tests that engages your team and strengthens your organization’s defenses against evolving cyberthreats.

 

What is Ransomware?

Ransomware is a type of malware that encrypts data on a computer or network into an unreadable format until a sum of money, or ransom, is paid.

 

How does Ransomware Work?

When run, ransomware will scan the file storage disk for files to encrypt – typically documents, spreadsheets, etc. The files are encrypted with a key that only the attackers know, thus preventing your access to the files. Then, threat actors hold you files hostage, demanding a ransom to be paid for you to get your access back.

 

How do Hackers Sneak into an Environment?

Hackers are stealthy and can sneak in using many different approaches. Here are a few of the most popular ways that hackers gain access:

  • Phishing: This is when a threat actor tricks someone into handling over their sensitive, personal information, such as a credit card or Social Security number. The victim believe they’re handing over their information to a trustworthy resource when in reality, they’re giving their information to threat actors.
  • Public-Facing Vulnerabilities: Threat actors scour the internet looking for systems with known vulnerabilities. Then, they exploit them to gain access to the environment.
  • Drive-By Downloads: This is when someone navigated to a malicious webpage and unknowingly downloads malicious code to their computer – all by visiting the webpage.
  • Purchased Access: There’s a marketplace for everything these days, and cyberattacks are no exception. The dark web is a treasure trove of hackers for hire and deployable ransomware for download.

 

Ransomware Prevention

  1. Keep your computer updated and patched.
  2. Verify, then trust.
  3. Make sure your connection to a site is secure before submitting any personal information.
  4. Stay up-to-date on the latest cybersecurity education.

 

Ransomware Detection

Prevention is only part of the puzzle. Some attacks are virtually impossible to prevent. It all comes down to fast detection and response times, which help you combat tomorrow’s threats that may not be detectable today.

The most efficient way to detect ransomware is to leverage the tools in your security stay. 

Secure your business with a cybersecurity platform that secure your business and detects hackers. To protect our managed clients, we deploy a suite of cybersecurity tools that are backed by a 24/7 Threat Operations Center that worked to protect your assets and evict malicious actors.

Reach out to Databranch today at 716-373-4467 x115 or [email protected] to learn more.

 

Companies both large and small share this one cybersecurity problem. They have computers that are still running older operating systems. Staff might use these devices only occasionally or the company may be running customized software that won’t run on newer OS versions.

The problem is that when the OS becomes outdated, the system is open to cyberattacks. When Microsoft or another developer retires an OS, it means that it is no longer supported. No more feature updates and no more security patches for newly found vulnerabilities.

The latest operating system to lose all support is Windows 8.1. Microsoft released the OS in 2013, and it was officially retired on January 10, 2023. Microsoft issued the following warning for companies:

“Continuing to use Windows 8.1 after January 10, 2023 may increase an organization’s exposure to security risks or impact its ability to meet compliance obligations.”

Here are a few facts you should know about what this retirement of Windows 8.1 means.

 

The OS Will Still Technically Work

When an operating system reaches its end of life, it doesn’t just stop working. Thus, many companies go on using it without realizing the security risk. Technically, the OS will work as it did the day before retirement. But it’s a lot less safe due to the loss of support.

 

Your System Will No Longer Receive Security Patches

Software and OS vulnerabilities are sought out and exploited all the time. This is what hackers do for a living. The vulnerability cycle usually begins with hackers finding a software “loophole.” They then write code to exploit it that allows them some type of system access.

The software developer learns of this, usually once hackers start breaching systems. They write code to fix that vulnerability. Developers then send the fix to users via an update that they install. This protects the device from one or more hacker exploits.

When an OS reaches its end of life, these fixes are no longer made. The developer has moved on to focus on its newer products. So, the vulnerability remains. It leaves a device vulnerable to hacks for days, months, or years afterward.

Approximately 61% of security vulnerabilities in corporate networks are over five years old.

Visit us here to learn more about penetration testing and how it helps identify the vulnerabilities in your business.

 

Options for Upgrading

If you have a computer that is still running Windows 8.1, you have two options for upgrading. You can opt for Windows 10 or Windows 11. If the computer is running such an old OS, there is a chance your system may not meet the requirements for one or both. In this case, you may need to buy a new device altogether.

Microsoft states that there is no free option to upgrade from 8.1 to Windows 10 or 11. Some of the advantages you gain when upgrading include:

  • Better built-in security
  • Faster processing
  • Capability for more modern features (like facial recognition)
  • Improved accessibility features
  • Updated productivity tools (like snap layouts in Windows 11)

 

What Happens If I Don’t Upgrade?

 

Security & Compliance Issues

Your data security is at risk if you stay on Windows 8.1. Without any security updates, any vulnerabilities will stay unpatched. This leaves your system highly vulnerable to a breach. One hacked system on a network can also cause the breach or malware infection to spread to newer devices.

If you have to comply with a data privacy regulation, like HIPAA, you’ll also run into issues. Data privacy rules dictate making reasonable efforts to protect data. Using a device with an outdated OS jeopardizes meeting compliance. 

 

Slowed Productivity

The older a system gets, the slower it will get. Staff that must work on outdated software often complain that it hurts productivity. 77% of surveyed employees were frustrated with outdated tech. Employees dealing with outmoded systems may also quit. They are 450% more likely to want to leave and work elsewhere.

An outdated operating system can hold your staff back. They miss out on modern time-saving features. They can also run into problems with bugs that will no longer get fixed.

 

Incompatibility With Newer Tools

Software and hardware developers aren’t looking back. Once Microsoft retires an OS, they aren’t prioritizing its compatibility. In fact, some may not want their product to be compatible with it because of the liability.

When you have issues using modern software and hardware it hurts your business. You become less competitive and begin to fall behind. Staying on an outmoded OS keeps you stuck in the past.

 

Get Help With Your Windows Upgrades

 

All Databranch Comprehensive Care and Foundation Security clients have scheduled automatic patching and Windows updates on their devices. To learn more about how we can help take this off your IT plate or help your organization upgrade to a system with a supported operating system, call 716-373-4467 x 115, email [email protected] or visit us here to learn more.

 

Article used with permission from The Technology Press.

 

When the year is coming to a close, it’s the perfect time to plan for the future. Most businesses begin the year with the hope of growing and improving operations. Much of how a business operates depends on technology. So, it makes sense to look to your IT for areas of optimization.

A year-end technology review provides an opportunity to look at several areas of your IT. The goal is to take time to focus on improvements you can make to boost your bottom line. As well as what tactics to take to reduce the risk of a costly cyberattack.

A recent study by Deloitte looked at digitally advanced small businesses. Small businesses that make smart use of technology are well ahead of their peers. Here are some of the ways they excel:

  • Earn 2x more revenue per employee
  • Experience year-over-year revenue growth nearly 4x as high 
  • Had an average employee growth rate over 6x as high

The bottom line is that companies that use technology well, do better. They are also more secure. According to IBM, businesses that have an incident response plan reduce the costs of a data breach by 61%Using security AI and automation can lower costs by 70%.

As the year is coming to an end, take some time to do a technology review with one of our experienced team members. This will set you up for success and security in the coming year.

 

Considerations When Reviewing Your Technology at Year-End

The goal of a year-end technology review is to look at all areas of your IT infrastructure. Security, efficiency, and bottom-line considerations will be the key drivers for future initiatives.

 

Technology Policies

When technology policies get outdated, people stop following them. Review all your policies to see if any of them need updating to reflect new conditions. For example, if you now have some staff working from home, make sure your device use policy reflects this.

When you update policies, let your employees know. This gives them a refresher on important information. They may have forgotten certain things since onboarding.

 

Disaster Recovery Planning

When is the last time your company did an incident response drill? Is there a list of steps for employees to follow in the case of a natural disaster or cyberattack?

Take time to look at disaster recovery planning for the new year. You should also put dates in place for preparedness drills and training in the coming months.

Interested in learning more? Click here to read about the backup recovery and disaster recovery solutions we have available to protect your business.

 

IT Issues & Pain Points

You don’t want to go through a big IT upgrade without considering employee pain points. Otherwise, you might miss some golden opportunities to improve staff productivity and wellbeing.

Survey your employees on how they use technology. Ask questions about their favorite and least favorite apps. Ask what struggles they face. Let them tell you how they feel technology could improve to make their jobs better.

This, in turn, benefits your business. It can also help you target the most impactful improvements.

 

Privileged Access & Orphaned Accounts

Do an audit of your privileged accounts as part of your year-end review. Over time, permissions can be misappropriated. This leaves your network at a higher risk of a major attack.

You should ensure that only those that need them have admin-level permissions. The fewer privileged accounts you have in your business tools, the lower your risk. Compromised privileged accounts password open the door to major damage. Read more about local admin privileges and the associated risks.

While going through your accounts, also look for orphaned accounts. You need to close these because they’re no longer used. Leaving them active poses a security risk.

 

IT Upgrade & Transformation Plans for the New Year

If you make IT upgrades and decisions “on the fly” it can come back to bite you. It’s best to plan out a strategy ahead of time, so you can upgrade in an organized way.

Have a vulnerability assessment performed. This gives you a list of potential problems your company should address. Eliminating vulnerabilities improves your cybersecurity and planning ahead will allow you to budget for your upgrades while avoiding unplanned expenses

Request your free baseline security assessment here.

 

Cloud Use & Shadow IT

Review your use of cloud applications. Are certain apps hardly used? Do you have redundancies in your cloud environment? A review can help you cut waste and save money.

Also, look for uses of shadow IT by employees. These are cloud applications that are being used for work but did not go through approval. Management may not even be aware of them. Remove this security risk by either closing the accounts or officially approving them.

 

Customer-Facing Technology

Don’t forget to look at the customer experience of your technology infrastructure. Go through your website and contact process as a customer would.

If you get frustrated by things like site navigation, then your customers and leads may be too. Include optimizations to your customer-facing technology in your new year plans.

 

Schedule a Technology & Security Assessment Today!

We can help you with a thorough review of your technology environment to give you a roadmap for tomorrow. Contact us today at 716-373-4467 x 115, [email protected], or fill out the form below to see how we can make the most out of your technology infrastructure for next year.

 

 

Article used with permission from The Technology Press.

 

Software vulnerabilities are an unfortunate part of working with technology. A developer puts out a software release with millions of lines of code. Then, hackers look for loopholes that allow them to breach a system through that code.

The developer issues a patch to fix the vulnerability but it’s not long before a new feature update causes more. It’s like a game of “whack-a-mole” to keep your systems secure.

Keeping up with new vulnerabilities is one of the top priorities of IT management firms. It’s important to know which software and operating systems are being attacked.

Without ongoing patch and update management, company networks are vulnerable while these attacks are completely avoidable. 82% of U.S. cyberattacks in Q1 of 2022 were due to exploiting patchable vulnerabilities. 

What new vulnerabilities are lurking in products from Microsoft, Google, Adobe, and others? We’ll go through several. These were recently noted in a warning by the Cybersecurity and Infrastructure Security Agency (CISA).

 

Make Sure to Patch Any of These Vulnerabilities in Your Systems

 

Microsoft Vulnerabilities

Microsoft vulnerabilities include those in three of its products. Internet Explorer (IE) is one of them. Microsoft discontinued IE in June of 2022. You should remove this from any computers that still have it installed.

You’ll see the acronym “CVE” used in the vulnerability names. This is an industry-standard naming structure. It stands for Common Vulnerabilities and Exposures.

Here is a rundown of these vulnerabilities and what a hacker can do:

  • CVE-2012-4969: This Internet Explorer vulnerability allows the remote execution of code. This is a “critical” vulnerability because of the damage it enables. Hackers can release this via a website. Thus, formerly safe sites can become phishing sites when hackers exploit this loophole.
  • CVE-2013-1331: This is a flaw in the code for Microsoft Office 2003 and Office 2011 for Mac. It enables hackers to launch remote attacks. It exploits a vulnerability in Microsoft’s buffer overflow function. This allows hackers to execute dangerous code remotely.
  • CVE-2012-0151: This issue impacts the Authenticode Signature Verification function of Windows. It allows user-assisted attackers to execute remote code on a system. “User-assisted” means that they need the user to assist in the attack. Such as by opening a malicious file attachment in a phishing email.

 

Google Vulnerabilities

Google Chrome and applications built using Google’s Chromium V8 Engine are also on the list. These applications are targets of the following vulnerabilities.

  • CVE-2016-1646 & CVE-2016-518: These both allow attackers to conduct denial of service attacks. They do this against websites through remote control. This means they can flood a site with so much traffic that it crashes.
  • Those aren’t the only two code flaws that allow hackers to crash sites this way. CVE-2018-17463 and CVE-2017-5070 are two others that both do the same thing. Like all these others, they both have patches already issued that users can install to fix these holes.

 

Adobe Vulnerabilities

People use Adobe Acrobat Reader widely to share documents. It makes it easy to share them across different platforms and operating systems. But it’s also a tool that’s on this list of popular vulnerabilities. 

  • CVE-2009-4324: This is a flaw in Acrobat Reader that allows hackers to execute remote code via a PDF file. This is why you can’t trust that a PDF attachment is going to be safer than other file types. Remember this when receiving unfamiliar emails.
  • CVE-2010-1297: This memory corruption vulnerability. It allows remote execution and denial of service attacks through Adobe Flash Player. Like IE, the developer retired Flash Player. It no longer receives support or security updates. You should uninstall this from all PCs and websites.
  •  

Netgear Vulnerability

Netgear is a popular brand of wireless router. The company also sells other internet-connected devices. These are also vulnerable, due to the following flaws. 

  • CVE-2017-6862: This flaw allows a hacker to execute code remotely. It also enables bypassing any needed password authentication. It’s present in many different Netgear products.

 

Cisco Vulnerability

  • CVE-2019-15271: This is a vulnerability in the buffer overflow process of Cisco RV series routers. It gives a hacker “root” privileges. This means they can basically do anything with your device and execute any code they like.

 

Patch & Update Regularly!

These are a few of the security vulnerabilities listed on the CISA list. You can see all 36 that were added here.

How do you keep your network safe from these and other vulnerabilities?  You should patch and update regularly. Work with a trusted IT professional to manage your device and software updates. This ensures you don’t have a breach waiting to happen lurking in your network.

 

Automate Your Cybersecurity Today

Patch and update management is just one way that we can automate your cybersecurity. Contact us today at 716-373-4467 x 115, [email protected] or fill out the form below to learn how else we can help by scheduling a consultation today. 

 

Article used with permission from The Technology Press.

Heads Up Financial Institutions!

The Federal Trade Commission (FTC) announced the first cybersecurity updates to the Gramm Leach-Bliley Act (GLBA) Safeguards Rule since 2003. The new rule strengthens the required security safeguards for customer information. This includes formal risk assessments, access controls, regular penetration testing and vulnerability scanning, and incident response capabilities, among other things.

Most of these changes go into effect in December 2022, to provide organizations time to prepare for compliance. Below, details the changes in comparison to the previous rule.

Background on the Safeguards Rule

GLBA requires, among other things, a wide range of “financial institutions” to protect customer information. Enforcement for GLBA is split up among several different federal agencies, with FTC jurisdiction covering non-banking financial institutions in the Safeguards Rule. Previously, the Safeguards Rule left the implementation details of several aspects of the information security program up to the financial institution, based on its risk assessment.

The Safeguards Rule broad definition of “financial institutions” includes non-bank businesses that offer financial products or services — such as retailers, automobile dealers, mortgage brokers, non-bank lenders, property appraisers, tax preparers, and others. The definition of “customer information” is also broad, to include any record containing non-public personally identifiable information about a customer that is handled or maintained by or on behalf of a financial institution.

Updates to the Safeguards Rule

Many of the other updates’ concern strengthened requirements on how financial institutions must implement aspects of their security programs. Below is a short summary of the changes.

Overall Security Program

Current rule: Financial institutions must maintain a comprehensive, written information security program with administrative, technical, and physical safeguards to ensure the security, confidentiality, and integrity of customer information.

Updated rule: The updated rule now requires the information security program to include the processes and safeguards listed below (i.e., risk assessment, security safeguards, etc.).

Effective date: December 2022

Risk Assessment

Current rule: Financial institutions are required to identify internal and external risks to security, confidentiality, and integrity of customer information. The risk assessment must include employee training, risks to information systems, and detecting and responding to security incidents and events.

Updated rule: The update includes more specific criteria for what the risk assessment must include. This includes criteria for evaluating and categorizing of security risks and threats, and criteria for assessing the adequacy of security safeguards. The risk assessment must describe how identified risks will be mitigated or accepted. The risk assessment must be in writing.

Effective date: December 2022

Security Safeguards

Current rule: Financial institutions must implement safeguards to control the risks identified through the risk assessment. Financial institutions must require service providers to maintain safeguards to protect customer information.

Updated rule: The updated rule requires that the safeguards must include

  • Access controls, including providing the least privilege;
  • Inventory and classification of data, devices, and systems;
  • Encryption of customer information at rest and in transit over internal networks;
  • Secure development practices for in-house software and applications;
  •  Multi-factor authentication;
  • Secure data disposal;
  •  Change management procedures; and 
  • Monitoring activity of unauthorized users and detecting unauthorized access or use of customer information.

Effective date: December 2022

Testing and Evaluation

Current rule: Financial institutions must regularly test or monitor the effectiveness of the security  safeguards and make adjustments based on the testing.

Updated rule: Regular testing of safeguards must now include either continuous monitoring or periodic penetration testing (annually) and vulnerability assessments (semi-annually).

Effective date: December 2022

Incident Response

Current rule: Financial institutions must include cybersecurity incident detection and response in their risk assessments and have safeguards to address those risks.

Updated rule: Financial institutions are required to establish a written plan for responding to any security event materially affecting confidentiality, integrity, or availability of customer information.

Effective date: December 2022

Workforce and Personnel

Current rule: Financial institutions must designate an employee to coordinate the information security program. Financial institutions must select service providers that can maintain security and require service providers to implement the safeguards.

Updated rule: The rule now requires designation of a single “qualified individual” to be responsible for the security program. This can be a third-party contractor. Financial institutions must now provide security awareness training and updates to personnel. The rule now also requires periodic reports to a Board of Directors or governing body regarding all material matters related to the information security program.

Effective date: December 2022

Scope of Coverage

Updated rule: The FTC update expands on the definition of “financial institution” to require “finders” — companies that bring together buyers and sellers — to follow the Safeguards Rule. However, financial institutions that maintain customer information on fewer than 5,000 consumers are exempt from the requirements of a written risk assessment, continuous monitoring or periodic pen testing and/or vulnerability scans, incident response plan, and annual reporting to the Board.

Effective date: November 2021 (unlike many of the other updates, this item was not delayed for a year)

Incident Reporting

In addition to the above, the FTC is also considering requirements that financial institutions report cybersecurity incidents and events to the FTC. Similar requirements are in place under the Cybersecurity Regulation at the New York Department of Financial Services. If the FTC moves forward with these incident reporting requirements, financial institutions could expect the requirements to be implemented in early 2023.

Financial institutions with robust security programs will already be performing many of these practices. For them, the updated Safeguards Rule will not represent a sea change in internal security operations. However, by making these security practices a formal regulatory requirement, the updated Safeguards will make accountability and compliance even more important.

 

Interested in speaking with an experienced team member about the material covered in this article? Contact us today at 716-373-4467 x 115 or [email protected] to schedule your appointment.

Administrative Privileges AI AI algorithms AI in Cybersecurity Annual Security Training Anti-Virus Artificial Intelligence Authenticator App Backup and Recovery Backup Redundancy BCDR BEC breach prevention Breach Prevention Platform Breaches business continuity Business Email Compromise Business Email Compromises Business Phone System Business Software BYOD Call Directory Cisco Cloud Accounts Cloud Data Backup Cloud Infrastructure Cloud Security Cloud Solutions Comprehensive Cybersecurity Compromised Credentials computer support Computer Upgrades Conditional Access Credential Theft Cyber Attacks Cyber Criminals Cyber Defenses Cyber Insurance cyber liability insurance Cyber Risk Management Cyberattacks Cyberinsurance cybersecurity Cybersecurity Awareness month Cybersecurity Breach Cybersecurity Culture Cybersecurity Strategy Cybersecurity Training Cybersecurity Webinar Dark Web Dark Web Monitoring Data Backup Data Backup and Recovery Data Backup Solution Data Breach Data Breaches Data Governance Data Management Data Privacy Compliance Data Privacy Regulation data protection Data Recovery Data Restoration Data Security deepfake Deepfakes Defense in Depth Denial of Service Device Security Disaster Recover Disaster Recovery DNS Filtering doug wilson employee cybersecurity training Endpoint Detection and Response field technician Foundation Security Gift Card Scams Hackers Hosted VoIP i.t. service provider Identity Theft incident response plan Incident Response Planning Insider Threats Internet Explorer Internet of Things Intrusion Detection Intrusion Prevention IoT Devices IT Compliance IT Infrastructure IT Myths IT Partner IT Policies IT Resource IT Security IT Service Provider IT Services Juice Jacking Local Admin local admin privileges Lost Devices M365 malware Managed Clients Managed Detection and Response Managed IT managed service provider managed services Manages Services MDR MFA Microsoft Microsoft 356 Microsoft 365 Copilot Microsoft Office Mobile Devices MSP MSP501 Multi-Factor Authentication Network Monitoring Network Security Network Testing New Computer NIST Framework Offboarding Office 365 Outlook Outsourced IT password management Password Manager Password Managers Password Protection password security Passwords Patch Management Patches Patching PC Performance Penetration Testing Personal Data phishing Phishing Attacks PII Proactive Monitoring Processor productivity Professional Tune-Up Public WiFi Push-Bombing RAM Ransomware Ransomware Prevention Recovery point objective Recovery Time Calculator Recovery time objective Remote Monitoring Remote Working repeatbusinesssystems Ring Groups risk assessment Risk Management Risk Tolerance Rock-It VoIP RPO RTO RTO Costs SaaS Scammers Scams security Security Assessment Security Awareness Training Security Defaults Security Key Security Scans SLAM Method Smishing SMS Social Engineering Social Media Security Software-as-a-Service Solid-State Drive Sponsored Google Ads SSD stolen credentials Storage Teams technical support scam technology best practices Technology Management Technology Policies Technology Review Threat Detection Threat Identification Threat Modeling Updates virus VoIP Systems VPN Vulnerabilities Vulnerability Assessment Warning Signs Webinar Windows 8.1 Work Computers World Backup Day