1.888.749.9800

jon

Cybersecurity Tips for the Holiday Season

In my last post I offered tips to keep personal online holiday shopping safe and to help prevent fraud on any of your accounts. Today I’d like to offer small retailers some advice to make sure their IT infrastructure is up-to-date and ready to handle the holiday rush.

Before the holiday season kicks into high […]

By |November 15th, 2018|Blog, Security Breach|Comments Off on Cybersecurity Tips for the Holiday Season

Cybersecurity Do’s and Don’ts for the Holiday Season

As the holiday season quickly approaches, I thought it appropriate to share some tips I’ve talked about in the past to keep your online holiday shopping safe and to help prevent fraud on any of your accounts. That leads to my first tip:

  • Consolidate all of your online purchases onto a single credit […]
By |November 6th, 2018|Blog|Comments Off on Cybersecurity Do’s and Don’ts for the Holiday Season

How to Protect Your Security Online

I was recently asked a series of questions about how to protect your security online. I’d like to share the answers here – and please feel free to reach out if you have any comments.

1. How can you create the best passwords that are hacker-proof but easy to remember?  

The best passwords aren’t […]

By |September 11th, 2018|Blog, Security Breach|Comments Off on How to Protect Your Security Online
  • Permalink Gallery

    What Questions Should an SMB Ask When Hiring Outside Cyber Security Help

What Questions Should an SMB Ask When Hiring Outside Cyber Security Help

Choosing the right cyber security consultants for an SMB can feel intimidating, but it doesn’t have to be. You don’t have to know much about cyber security to ask the right hiring questions.

To make an informed decision, an SMB should ask about the consultant’s qualifications, track record, quality of work, breadth of technical services, payment model, and […]

By |May 23rd, 2018|Blog|Comments Off on What Questions Should an SMB Ask When Hiring Outside Cyber Security Help

Top Tips for World Password Day – May 4th

To commemorate World Password Day today, I thought I’d share my top tips for for creating passwords.  They are very basic, but if you follow these guidelines, you will have a added layer of protection for your digital information.

1. A password should not be a dictionary word.

2. A password should not be easily guessable (i.e. “go pats”).

3. A password should not be […]

By |May 4th, 2018|Blog|Comments Off on Top Tips for World Password Day – May 4th
  • Permalink Gallery

    Why Phishing and Social Engineering Continue to be so Popular

Why Phishing and Social Engineering Continue to be so Popular

Phishing and social engineering continue precisely because they are so effective!

Sophisticated User: If you are the vice president of customer service and you receive an email purportedly from the Better Business Bureau that contains a link to Complaint #67587 about one of your products, how do you not click through on that embedded link?

By |January 4th, 2018|Blog, Security Breach|Comments Off on Why Phishing and Social Engineering Continue to be so Popular

Most Commonly Overlooked Components of Operational Security

I was recently asked to comment on the most commonly overlooked components of operational security. To get the correct answer, sometimes it helps to take a step back and make sure you are asking the right question. The question should be “How do you ensure that your security program satisfies your operational security requirements?” With that question, […]

By |September 5th, 2017|Blog, ISO 27002|Comments Off on Most Commonly Overlooked Components of Operational Security
  • Permalink Gallery

    What role should security analytics play in information security programs today?

What role should security analytics play in information security programs today?

No one can argue that analyzing the security state of your IT environment (in a comprehensive and integrated manner) and taking proactive measures to prevent security incidents is the right way to manage an IT operation.  

The problem with Security Analytics isn’t a failure of vision; everyone agrees that we should be able to take […]

By |August 17th, 2017|Blog|Comments Off on What role should security analytics play in information security programs today?
  • Permalink Gallery

    The Future of Our Energy Grid: Vulnerabilities as it Shifts from Fossil Fuels to Renewable Sources

The Future of Our Energy Grid: Vulnerabilities as it Shifts from Fossil Fuels to Renewable Sources

Our electric grid is comprised of generation facilities, high voltage transmission networks, substations, renewable point generation sources, and low voltage distribution networks.

Protecting the electric grid from cyber-attacks is complicated by its enormous scale – upwards of 7,000 power plants, more than 150,000 miles of high voltage transmission lines, and more than 50,000 substations. Some are […]

By |August 1st, 2017|Blog, Security Breach|Comments Off on The Future of Our Energy Grid: Vulnerabilities as it Shifts from Fossil Fuels to Renewable Sources
  • Permalink Gallery

    Some Basic but Effective Advice for Secure Online Transactions

Some Basic but Effective Advice for Secure Online Transactions

Just about everybody shops online these days. Even so, many people worry about security issues and fraud.  I was recently asked if I could share some high-level tips and best practices for online transactions. Here is what I recommend:

  1. Try to consolidate all online purchases onto a single credit or debit card.  That way, you […]
By |March 10th, 2017|Blog|Comments Off on Some Basic but Effective Advice for Secure Online Transactions

Importance of Following IT Security Policies

Just as in the 1980s when manufacturing companies recognized that quality was an attribute that had to baked into every facet of an organization (from design, production, delivery, and through product lifecycle), not inspected in at the end of the process, effective cyber security depends on every employee playing a part in keeping the enterprise secure.

The most sophisticated and […]

By |February 6th, 2017|Blog|Comments Off on Importance of Following IT Security Policies
  • Permalink Gallery

    Why it is Important for Companies to Invest in Cybersecurity Awareness Training

Why it is Important for Companies to Invest in Cybersecurity Awareness Training

Technology is only as effective as the people that operate it.

Cybersecurity awareness training is the most cost effective investment any organization can make in preventing data breaches, system compromise, reputational damage, and loss of intellectual property.

No one is born knowing how to use computers and networks securely. There are basic dos and don’ts […]

By |January 17th, 2017|Blog, Security Breach|Comments Off on Why it is Important for Companies to Invest in Cybersecurity Awareness Training

How are Hackers Tricking Social Media Users?

One of the most popular exploitation methods used by hackers when targeting social media users is social engineering. Using confidence tricks, a hacker can manipulate his target into performing actions or disclosing confidential information. If pulled off successfully, a social engineering attack could result in a hacker gaining complete access to its target’s social media account with little effort.

One […]

By |December 20th, 2016|Blog|Comments Off on How are Hackers Tricking Social Media Users?
  • Permalink Gallery

    Important Tip for Companies Looking to Protect Unstructured Data

Important Tip for Companies Looking to Protect Unstructured Data

Most companies are very good at protecting data that they know about and consider sensitive – they restrict access to the HR systems where compensation data is available.  They put access controls and monitoring procedures on systems that store critical intellectual property like formulas or key financial analytics.

Typically, they have formal policies and associated technology […]

By |October 19th, 2016|Blog, Security Breach|Comments Off on Important Tip for Companies Looking to Protect Unstructured Data

Reducing the Risks of Shadow IT

I was recently asked to comment on what businesses can do to reduce the security risks of Shadow IT. To read the full article click here and if you just want to read my comments – see below.

Plain talk shadow IT exists when corporate IT is failing in a fundamental way.

Weve seen currency traders set up […]

By |July 19th, 2016|Blog, BYOD|Comments Off on Reducing the Risks of Shadow IT