1.888.749.9800

paul

How important is AWS certification for career success?

Many companies specify the need for a certification in job postings simply to weed out unqualified candidates as quickly as possible. The reality is that for most companies, real world experience and demonstrated success will count more than a certification.

For a long term career path with few limitations a much better choice is to […]

By |April 17th, 2019|Blog|Comments Off on How important is AWS certification for career success?

How Companies Can Protect Themselves from Ransomware

I was recently asked about ransomware and how companies can defend themselves. The most common vectors of infection for ransomware are via email, such as attachments and malicious links in the email,  and exploit kits, which are usually executed when a victim visits a compromised websites.

Some organizations assert that approximately 60 percent of […]

By |April 2nd, 2019|Blog, Security Breach|Comments Off on How Companies Can Protect Themselves from Ransomware

AI in Cybersecurity: How it can be tricked

Using AI to provide cybersecurity solutions has received a lot of press in the past two years. The reality is that most “AI cybersecurity” products use Machine Learning (ML) techniques, which is just one subset of a broader range of techniques associated with deep AI.

ML techniques are being used in several cybersecurity domains including:

By |February 25th, 2019|Blog|Comments Off on AI in Cybersecurity: How it can be tricked

Protecting from Phishing and Spear-Phishing

SystemExperts Corporation is aware that many companies are seeing spear-phishing attempts where the emails purport to be from internal employees. We have also heard reports that compromised email accounts have been used to send spear-phishing emails to third-parties and the owner of the compromised accounts do not see the emails being sent on their behalf, nor the […]
By |October 15th, 2018|Blog, Security Breach|Comments Off on Protecting from Phishing and Spear-Phishing

Three Cyber Security Tips for Small Businesses

There are three critical security controls that all small businesses should implement if they are just starting to address security. These are:

  1. Keep your systems up to date by applying all security updates
  2. Make sure you have daily backups of all critical data and be sure to test the […]
By |June 28th, 2018|Blog|Comments Off on Three Cyber Security Tips for Small Businesses

How to Prevent a Ransomware Attack

It is always better to be proactively prepared and prevent ransomware attacks than having to react after an attack occurs. Paying the ransom is not recommended.

Law enforcement and IT Security companies have joined forces to disrupt cybercriminal businesses with ransomware connections. The “No More Ransom” website is an initiative by […]

By |February 16th, 2018|Blog, Security Breach|Comments Off on How to Prevent a Ransomware Attack

Intel’s Meltdown and Spectre Vulnerabilities

By now you have probably read some articles about the Meltdown and Spectre vulnerabilities but you may still be seeking guidance for how your organization should react.

First a quick recap, Meltdown and Spectre were announced early in January of 2018. Unlike most other vulnerabilities, Meltdown and Spectre exploit critical vulnerabilities in modern processors. Meltdown primarily […]

By |January 29th, 2018|Blog|Comments Off on Intel’s Meltdown and Spectre Vulnerabilities

Tips to Prevent Online Identity Theft

There are few new trends in online identity theft, although some attacks are becoming more sophisticated, the basic steps to prevent exploits remains the same.

Be on the lookout for attacks that use broken English in the message body. While most now use proper English and use the same style and logos that are used by […]

By |April 24th, 2017|Blog, Security Breach|Comments Off on Tips to Prevent Online Identity Theft

Network Access Control (NAC)

Controlling access to the network is fundamental security control. For shared networks, the capability of users to connect to the network should be restricted. Well known security frameworks such as ISO 27002, Information technology – Security techniques – Code of practice for information security management, includes this control as a recommendation. And the […]
By |April 11th, 2017|Blog, ISO 27002, Uncategorized|Comments Off on Network Access Control (NAC)

Impact of a Data Breach on a Small Business

While our main focus is as a provider of IT compliance and security consulting services, we have been called in to help a few small businesses handle security incidents and data breaches. These calls come to us after the client has discovered there’s been a security incident or data breach and as a result is seeking to […]
By |February 20th, 2017|Blog, Security Breach|Comments Off on Impact of a Data Breach on a Small Business

Important Sources of Threat Intelligence for Security Teams

The goal of threat intelligence (TI) is to recognize indicators of attacks as they progress and act upon those indicators in a timely manner. TI is not a mature area for most organizations.

While tools to automate TI exist and are evolving, most organizations are still using informal ad hoc mechanisms or a small number […]

By |September 26th, 2016|Blog, Security Breach|Comments Off on Important Sources of Threat Intelligence for Security Teams

Cybersecurity Responsibilities for SMBs

Cybersecurity is a topic that many small and most medium-sized businesses care about due to all of the news stories about data breaches, identity theft, and ransomware that have appeared in the last several years.  Some small and medium-sized businesses have realized that having a strong cybersecurity program can be a strategic asset for their particular market […]
By |September 9th, 2016|Blog, Security Breach|Comments Off on Cybersecurity Responsibilities for SMBs
  • Permalink Gallery

    DNS: How it Works and Best Practices to Defend Against DNS-based Threats

DNS: How it Works and Best Practices to Defend Against DNS-based Threats

The Domain Name System (DNS) is a central element in the addressing and routing of all communication over the Internet. Many enterprise IT security professionals don’t always know how DNS works, or how attackers might use it to compromise their data. Following is a discussion about recent attacks and exploits that use DNS and some best practices for defending […]
By |July 6th, 2016|Blog|Comments Off on DNS: How it Works and Best Practices to Defend Against DNS-based Threats
  • Permalink Gallery

    Encryption Implementation: Is It the Cure-all for Cybersecurity Woes?

Encryption Implementation: Is It the Cure-all for Cybersecurity Woes?

Based on the science of cryptography, encryption is the process of coding and decoding messages to keep them secure, and is often touted as the silver bullet for cybersecurity woes. But is it really the cure-all?

The classic model of information security starts with the triad of Confidentiality, Integrity, and Availability. Cryptography is critical to providing […]

By |March 15th, 2016|Blog, Security Breach|Comments Off on Encryption Implementation: Is It the Cure-all for Cybersecurity Woes?

So You Had a Security Breach – Now What Do You Do?

A great way to start out the New Year is to review your company policies and procedures in the event of a security breach. Following is a checklist to help you get started:

  1. Document company policy, plans and procedures.
  2. Make sure the plans and procedures are fully tested […]
By |January 21st, 2016|Blog, Security Breach|Comments Off on So You Had a Security Breach – Now What Do You Do?