What’s new in phishing?
I was recently asked to comment on what’s new in phishing. In some sense, phishing attacks are always the same. They count on the fact that some (small) percentages of people will follow links or provide information to sources that haven’t been verified or shouldn’t be trusted. They also know that even though most IT […]
How enterprises can protect themselves against cyber-attacks
I was recently asked to comment on data security in relation to increasing threat of cyber attacks ahead of the upcoming 2020 election. How can enterprises adequately protect the data privacy of their products and services as well as their clients and employees? My response is that there’s no silver bullet to prevent cyber attacks […]
Considering the Use of a CPaaS Provider? Look at the Inherent Risks
The rise of the communications platform as a service (CPaaS) model has many enterprises migrating from on-premises communications to cloud platforms and APIs. CPaaS and APIs offer benefits including improved productivity and third-party app integrations, but before proceeding to adopt CPaaS companies should consider the inherent risks. Remember that the underlying technologies tend to be […]
Ransomware – should you pay or not?
You may have seen the recent news about cities and towns being held hostage to hackers infecting their data. With over 25 years of experience in cyber security, I’ve seen it all. To help guide you in managing a ransomware attack, I’ve outlined the steps you can take to minimize the impact on your organization […]
How significant is the tool sprawl problem?
Following up on my post earlier this month on Shadow IT, I wanted to discuss a related issue – “tool sprawl.” Tool sprawl describes an environment where the deployment and use of tools is not managed by a single IT group: applications, software, and tools are installed by end-users because they believe that waiting for […]
Four Tips for Dealing with Shadow IT
Simply stated, Shadow IT is what happens when people within an organization decide to deploy Information Technology systems and services without approval from the official IT group. On the positive side, this can be the source of real innovation from within the company without the normal formal approval process that can be time consuming and […]
Cybercrime: Impact on Manufacturers
With the rise in value of intellectual property, cybercriminals are now aiming their activity on the manufacturing sector. Manufacturers in the past haven’t practiced the strictest of cybersecurity measures, making themselves quite vulnerable today. The exception to this are industries, such as chemical and pharmaceutical manufacturing, which are subject to federal regulations regarding cybersecurity. Within […]
Disaster Recovery as a Service
Disaster Recovery as a Service, or DRaaS, helps safeguard your company from IT outages and helps build a resilient IT system to maintain servers and network usage throughout recovery processes. DRaaS uses cloud resources to protect applications and data from disruption caused by disaster and gives an organization a total system backup that allows for […]
How important is AWS certification for career success?
Many companies specify the need for a certification in job postings simply to weed out unqualified candidates as quickly as possible. The reality is that for most companies, real world experience and demonstrated success will count more than a certification. For a long term career path with few limitations a much better choice is to […]
How Companies Can Protect Themselves from Ransomware
I was recently asked about ransomware and how companies can defend themselves. The most common vectors of infection for ransomware are via email, such as attachments and malicious links in the email, and exploit kits, which are usually executed when a victim visits a compromised websites. Some organizations assert that approximately 60 percent of ransomware […]
