1.888.749.9800

paul

Protecting from Phishing and Spear-Phishing

SystemExperts Corporation is aware that many companies are seeing spear-phishing attempts where the emails purport to be from internal employees. We have also heard reports that compromised email accounts have been used to send spear-phishing emails to third-parties and the owner of the compromised accounts do not see the emails being sent on their behalf, nor the […]

By |October 15th, 2018|Blog, Security Breach|Comments Off on Protecting from Phishing and Spear-Phishing

Three Cyber Security Tips for Small Businesses

There are three critical security controls that all small businesses should implement if they are just starting to address security. These are:

  1. Keep your systems up to date by applying all security updates
  2. Make sure you have daily backups of all critical data and be sure to test the […]
By |June 28th, 2018|Blog|Comments Off on Three Cyber Security Tips for Small Businesses

How to Prevent a Ransomware Attack

It is always better to be proactively prepared and prevent ransomware attacks than having to react after an attack occurs. Paying the ransom is not recommended.

Law enforcement and IT Security companies have joined forces to disrupt cybercriminal businesses with ransomware connections. The “No More Ransom” website is an initiative by […]

By |February 16th, 2018|Blog, Security Breach|Comments Off on How to Prevent a Ransomware Attack

Intel’s Meltdown and Spectre Vulnerabilities

By now you have probably read some articles about the Meltdown and Spectre vulnerabilities but you may still be seeking guidance for how your organization should react.

First a quick recap, Meltdown and Spectre were announced early in January of 2018. Unlike most other vulnerabilities, Meltdown and Spectre exploit critical vulnerabilities in modern processors. Meltdown primarily […]

By |January 29th, 2018|Blog|Comments Off on Intel’s Meltdown and Spectre Vulnerabilities

Tips to Prevent Online Identity Theft

There are few new trends in online identity theft, although some attacks are becoming more sophisticated, the basic steps to prevent exploits remains the same.

Be on the lookout for attacks that use broken English in the message body. While most now use proper English and use the same style and logos that are used by […]

By |April 24th, 2017|Blog, Security Breach|Comments Off on Tips to Prevent Online Identity Theft

Network Access Control (NAC)

Controlling access to the network is fundamental security control. For shared networks, the capability of users to connect to the network should be restricted. Well known security frameworks such as ISO 27002, Information technology – Security techniques – Code of practice for information security management, includes this control as a recommendation. And the […]

By |April 11th, 2017|Blog, ISO 27002, Uncategorized|Comments Off on Network Access Control (NAC)

Impact of a Data Breach on a Small Business

While our main focus is as a provider of IT compliance and security consulting services, we have been called in to help a few small businesses handle security incidents and data breaches. These calls come to us after the client has discovered there’s been a security incident or data breach and as a result is seeking to […]

By |February 20th, 2017|Blog, Security Breach|Comments Off on Impact of a Data Breach on a Small Business

Important Sources of Threat Intelligence for Security Teams

The goal of threat intelligence (TI) is to recognize indicators of attacks as they progress and act upon those indicators in a timely manner. TI is not a mature area for most organizations.

While tools to automate TI exist and are evolving, most organizations are still using informal ad hoc mechanisms or a small number […]

By |September 26th, 2016|Blog, Security Breach|Comments Off on Important Sources of Threat Intelligence for Security Teams

Cybersecurity Responsibilities for SMBs

Cybersecurity is a topic that many small and most medium-sized businesses care about due to all of the news stories about data breaches, identity theft, and ransomware that have appeared in the last several years.  Some small and medium-sized businesses have realized that having a strong cybersecurity program can be a strategic asset for their particular market […]

By |September 9th, 2016|Blog, Security Breach|Comments Off on Cybersecurity Responsibilities for SMBs
  • Permalink Gallery

    DNS: How it Works and Best Practices to Defend Against DNS-based Threats

DNS: How it Works and Best Practices to Defend Against DNS-based Threats

The Domain Name System (DNS) is a central element in the addressing and routing of all communication over the Internet. Many enterprise IT security professionals don’t always know how DNS works, or how attackers might use it to compromise their data. Following is a discussion about recent attacks and exploits that use DNS and some best practices for defending […]

By |July 6th, 2016|Blog|Comments Off on DNS: How it Works and Best Practices to Defend Against DNS-based Threats
  • Permalink Gallery

    Encryption Implementation: Is It the Cure-all for Cybersecurity Woes?

Encryption Implementation: Is It the Cure-all for Cybersecurity Woes?

Based on the science of cryptography, encryption is the process of coding and decoding messages to keep them secure, and is often touted as the silver bullet for cybersecurity woes. But is it really the cure-all?

The classic model of information security starts with the triad of Confidentiality, Integrity, and Availability. Cryptography is critical to providing […]

By |March 15th, 2016|Blog, Security Breach|Comments Off on Encryption Implementation: Is It the Cure-all for Cybersecurity Woes?

So You Had a Security Breach – Now What Do You Do?

A great way to start out the New Year is to review your company policies and procedures in the event of a security breach. Following is a checklist to help you get started:

  1. Document company policy, plans and procedures.
  2. Make sure the plans and procedures are fully tested […]
By |January 21st, 2016|Blog, Security Breach|Comments Off on So You Had a Security Breach – Now What Do You Do?
  • Permalink Gallery

    Windows Hello Biometrics: how well do the security options work, what to look out for and when are they appropriate

Windows Hello Biometrics: how well do the security options work, what to look out for and when are they appropriate

Many security pundits have been saying passwords must go for years, and biometrics are an alternative to passwords, but not all security professionals believe biometrics are the best alternative to passwords.

Microsoft Windows 10 provides native support of biometric authentication and as result many people are  making a new look […]

By |December 14th, 2015|Blog|Comments Off on Windows Hello Biometrics: how well do the security options work, what to look out for and when are they appropriate

IT Security Industry Predictions for 2016

While it is impossible to predict the future (since I don’t really have a crystal ball) I can offer the following predictions for security trends to watch for in 2016:

  • We will continue to witness large scale data breaches that could have been prevented if only well established security practices had actually been applied.
  • Companies […]
By |December 3rd, 2015|Blog|Comments Off on IT Security Industry Predictions for 2016

BYOD Security and the Mobile Market

BYOD security is a frequent topic among IT security experts. This, my third BYOD post this year, focuses on the mobile market. (Post one, Always-on Access Brings Always-Threatening Security Risks, June 25, 2015; Post two, Device Settings that Help Prevent Unauthorized Information Disclosure, July 13, 2015.)

The mobile market continues to be […]

By |November 3rd, 2015|Blog, BYOD|Comments Off on BYOD Security and the Mobile Market