Friday, March 29, 2019

UK consumers most likely to jump ship on breached businesses

UK consumers most likely to jump ship on breached businesses
According to a recent study from PCI Pal, 41% of British consumers said that they would stop spending with a business or brand forever in the event of a breach. This compares to just 21% in the US.
The divergence in attitudes continues in their views of small businesses vs national companies. Over half of UK respondents felt that they could trust a local store with their data more than a national chain. On the other hand, only 47% in the US felt that they could trust a local business more than a national company, citing adherence to security protocols (28%) and cybersecurity investments (25%) as main reasons.
Public perceptions carry significant influence on the business landscape, and companies must build a reputation for security in order to win their customers’ hearts. As the world becomes increasingly cyber vigilant, consumers will start to think twice before placing their data in the wrong hands.

Thursday, March 28, 2019

In Other News:

In Other News:
How American companies can benefit from a global perspective
There’s a reason why we cover breaches from countries around the globe. Over the last few years, cybercrime has exploded into an international phenomenon, leaving no continent unturned. By examining how the cybersecurity measures of other countries, the US can borrow pages from their playbooks and predict the future. Here are a few thought starters inspired by China, India, Brazil, and the UK:

1. Improve authentication
Internal control measures are becoming a topic of discussion, given the climate of employee-related data scandals in recent years. By building in reporting systems that have fail-safes and multi-factor authentication, companies can stop fraud in its tracks.
2. ID proofing
Establishing added trust in a credential such as a mobile ID can go a long way in protecting consumers from identity theft. By authenticating devices and users and understanding common fraud patterns, companies can take their security to the next level.
3. Validation certificates
Image-based phishing is growing increasingly sophisticated and effective against consumers, and it’s up to businesses to help them navigate safely. By implementing secure browser certificates, users can feel reassured that they are logging into a trusted source while distinguishing your brand from the fraudsters.

Darkweb Trends

This week, a Dutch academic publisher is exposed, US sleep companies snooze on payment fraud, UK police face ransomware attack and Uber might be spying on us (again)…
Dark Web ID Trends:Top Source Hits: ID Theft Forums (99%) 
Top Compromise Type: Domain (99%)
Top Industry: Construction & Engineering
Top Employee Count: 11 - 50 Employees 

Tuesday, March 26, 2019

March Newsletter: Bit by Bit Earns Top-Tier Award for Exceptional IT Managed Services





Monday, March 25, 2019

What is one free, but impactful change companies can make today to skyrocket their security posture?


Eighty percent of Internet traffic is secure (HTTPS) which means your company’s firewall cannot inspect it (since it’s encrypted).  This means that 80% of the traffic coming through your firewall into your organization is not getting inspected for malware!  It’s simply dubious security to have a firewall and not have it configured to decrypt, inspect, and re-encrypt HTTPS web traffic.  All business-grade firewalls have an option labeled something like SSL Decryption or SSL Inspection.  Work with your IT person or provider to get this turned on so you’re able to inspect the malware that is coming in under your nose.

Friday, March 22, 2019

What are some common mistakes made by business owners when implementing cybersecurity measures?


The largest root-cause for poor cybersecurity in an organization is a lack of upfront leadership buy-in and identified roles for cybersecurity.  Without top-down buy-in, cybersecurity simply cannot be effective. Another erroneous mindset is that “I’m in the cloud, so I have nothing to secure”.  This couldn’t be farther from the truth!  While most cloud applications and environments come with security options, it’s every individual organization’s responsibility to actually configure these options.  Additionally, it’s quite easy for hackers to take over online accounts with phishing and brute force attempts.  So, every online workflow should be protected by multi-factor authentication.

Wednesday, March 20, 2019

How does a company get started with cybersecurity when they’ve never addressed it seriously?

To get started with cybersecurity, companies must understand what data they have, what regulations apply to them, and the overall leadership attitude towards risk, cybersecurity, and protecting information assets.  From here, the company needs to pick a cybersecurity framework such as HIPAA, PCI, NIST, or ISO that most closely aligns with their goals.  Once a framework is selected, a gap analysis should be performed.  Then the company can proceed with implementing controls to address the unique weaknesses and vulnerabilities that face it.

2019's New Frontier of Cybersecurity Threats and Trends

Remaining vigilant and proactive are key strategies for cybersecurity experts in 2019. Hackers find new ways to exploit vulnerabilities on public and private computer networks. Information technology (IT) industry leaders appeal to everyone from consumers to corporate technical architects to adopt protocols that make technology safer and more reliable to use. Here are some cybersecurity threats and trends to watch in 2019. 

Viruses as Weapons of Mass Destruction 

When diplomacy doesn't work, leaders of national governments have been known to resort to unconventional warfare tactics to effect change. Instead of directly declaring war and dropping bombs, these governments have been known to stage cyber-attacks on other countries' public and private networks.

In December 2018, the U.S. Department of Justice put out a statement about the criminal charges that it levied against two Chinese hackers who breached a network to steal intellectual property. The hackers worked for China's Ministry of State Security. Was pressure to fix trade imbalances between the United States and China the motive for the attack?

More recently, Venezuelan leaders accused the United States and its allies of sabotaging Venezuela's power grid and causing a country-wide blackout. Some have hinted that attackers used the computer virus Stuxnet to bring the power grid down; the worm is not detected by most antivirus software. The two countries have been at odds about the use of Venezuela's gold and oil assets as they relate to U.S. business interests. 

Hijacked Hardware for Crypto Mining 

Many national currencies are in a state of decline or instability as financial experts look for solutions that'll bring permanent economic health and prosperity to their respective countries. These leaders are giving digital currencies a serious look. Meanwhile, cybercriminals attempt to grow their cryptocurrency wealth by any means necessary. They often hijack the computer systems of individuals and businesses for crypto mining activities.

Biometric Authentication 

Stealing authentication credentials and cracking passwords are common skills for today's cybercriminals. These thieves continue to steal credentials because it works, and their first acts aren't usually thwarted by sophisticated antivirus software. Biometric-based authentication systems such as fingerprint readers and iris scanners eliminate network breaches that are caused by stolen credentials.

Labor Shortage of Cybersecurity Talent 

People who are worried about global competition for IT jobs need to check out the field of cybersecurity. According to industry analysts, there is a growing shortage of trained, cybersecurity talent. Someone who wants to break into a computer security job needs training and credentials. Four-year degree seekers take programs such as Drexel's BS in Computing and Security Technology. Those who already have a bachelor's degree often earn certificates through specialized training programs such as the EC Council's Certified Ethical Hacker course.

Conclusion 

In 2019, IT security specialists will continue to use their knowledge of network protocols and advanced antivirus tools to prevent, contain, and clean up cyberspace's most costly digital messes. Hackers will use old viruses in new ways to exploit vulnerable computer networks everywhere. Their attacks have a surprising bright side, however, for people who are willing to get the proper education and training.



Bit by Bit can help with your network security assessment you can help up at Contact us

Tuesday, March 19, 2019

Why is cybersecurity important for small and medium businesses?


Large companies tend to have the time, money, and resources to invest in cybersecurity.  Small and medium businesses (SMBs) generally don’t have a single point person devoted to the organization’s cybersecurity.  SMBs generally lack the knowledge and expertise to ensure that risk is both discovered and addressed.  This is why most SMBs outsource the cybersecurity function to a trusted third party with the certifications, experience, and know-how to combat cyber risks.  SMBs who don’t outsource this important role are at significant risk of damaging information loss and downtime.

River Legacy Speaker Series


Monday, March 18, 2019

Why does HIPAA apply to me if I am not in the medical field?


HIPAA, the acronym for the Health Insurance Portability and Accountability Act, is a regulation administered by the Department of Health and Human Services.
Most people are aware that hospitals, long-term care facilities, health insurance companies, doctors offices, & the like must comply with both the privacy and security components of HIPAA. However, many people are fuzzy on the fact that other organizations also have to follow a minimum set of security standards under HIPAA.
Any organization who provides services to any of the entities above has to sign what is called a business associate agreement or BAA. This agreement is essentially an attestation that the business associate will exercise due care while handling medical records.
Here are some examples of business associates:
- An outsourced IT firm
- A third-party cybersecurity firm
- A CPA firm who provides accounting services and has access to PHI in the process
Any time a business associate discloses, handles or uses PHI, they must comply with HIPAA Security Rule and HIPAA Privacy Rule mandates.
The HIPAA Security Rule requires periodic risk assessments, users to be trained on security best practices, and penetration testing to ensure that the business associate is not adding unnecessary risk to the handling of protected health information.
Essentially, anybody coming in touch with protected health information needs to align their cybersecurity posture with HIPAA requirements.
Managed Security Team

Cross-border e-commerce is booming:

Cross-border e-commerce is booming: it is expected to bring in $203 billion annually by 2021. Yet many U.S.-based merchants hesitate to engage in global transactions. To be sure, risks abound, but so do misconceptions about payment fraud.
Using local payment methods (LPMs) — that is, payment methods beyond credit cards — may lessen risk and allow global expansion. Linked to local banks, they typically have built-in security safeguards. In China, for instance, 49 percent of online transaction take place via e-wallet and only 23 percent by credit card.
Risk is reduced because such push-payment methods, where the customer initiates payment, do not require the business to collect consumers’ payment data, thereby lessening exposure to chargebacks due to misuse of stolen cards.
Bank transfers — which move money directly from the purchaser’s bank to the merchant’s — are another avenue to pursue. Used in nearly half of online transactions in Germany, bank transfers are performed via redirect during checkout, through a real-time or offline transfer process.

In Other News:

In Other News:
The U.K. has seen its first group litigation case concerning data breach, and the organization in question, the supermarket chain Morrisons, was found vicariously liable for the actions of one of its employees.
A disgruntled employee posted a file on a file-sharing website that included data on nearly 100,000 of his colleagues. That employee was found guilty of several charges related to the incident, including fraud and gaining unauthorized access to computer materials, and sentenced to eight years in prison.
Then 5,518 of the individuals whose personal data was published sued Morrisons. In this class-action-type suit, Morrisons — which was determined to have been compliant with data security laws at the time — was found vicariously liable for its rogue employee’s actions. It now faces large compensation costs.
Notable not only for being the first of its kind around data breach in the U.K., this case is also interesting for setting a high standard of responsibility among companies for their employees’ actions. As data breaches increase in both frequency and scope in Europe, those affected by them are likely to look to class-action claims under the provisions of the GDPR, which gives data subjects’ more rights and increases defendants’ penalties.
A side note: Similar claims but concerning nonmaterial damage like emotional distress may be enabled by the GDPR and the Irish Data Protection Act 2018 to be brought to Irish courts.

Thursday, March 14, 2019

Dark Web ID Trends:


Top Source Hits: ID Theft Forums (99%) 
Top Compromise Type: Domain (99%)
Top Industry: Business & Professional Services
Top Employee Count: 11 - 50 Employees 

Wednesday, March 13, 2019

Are you among todays victims of cyber-crime?



Ask how bit by bit can help protect you from cyber crime..


contact us at 877.860.5831 x190

Tuesday, March 12, 2019

What we can do to stop putting our data at risk of identity theft

What we can do to stop putting our data at risk of identity theft
As we continue to flip through news headlines of identity thefts that read like scary movies, the average American consumer is growing increasingly aware of the data breach landscape. However, recent data suggests that such awareness has not converted into any serious action. For the most part, we are doing nothing to prevent data breaches, and instead it seems that we are contributing to our own demise.
According to a study conducted by CreditCards.com, 9 in 10 U.S. adults have been committing at least one of the following four risky behaviors regarding data in the past year...

Thursday, March 7, 2019

Dark Web ID Trends:

Dark Web ID Trends:Top Source Hits: ID Theft Forums (99%) 
Top Compromise Type: Domain (99%)
Top Industry: Medical and Healthcare
Top Employee Count: 11 - 50 Employees 

Spring Break Family Fun at the Science Center



E-News header
Donate Now

Quick Links
Thanks to our 2019
Annual Partners!



 

2019 Event Sponsors

 
Randol Mill Pharmacy Logo 


Pratt Industries
Guaranteed Hydromulch
Browning Seed, Inc.
Hello Nature
May Financial Solutions
Archer Western Construction
Martin Sprocket and Gear
The Thompson Group @ Classic Chevrolet
MMA
SPSD

To join our list of annual partners and event sponsors, contact 
Becky Nussbaum at 817.860.6752, ext. 120.

Upcoming Events

Conservation Saturday - Trash Clean Up
11 am- 1 pm, March 16, River Legacy Living Science Center. Meet at the Science Center for supplies, maps and direction before heading out to pick up trash from the Science Center and Park trails. After collecting trash, participants will meet back at the Center to return supplies and receive a FREE Discovery Room Pass for your garbage collection efforts. Limited to ages 5 and up (16 and under must be accompanied by an adult). Space is limited. Please RSVP to 817.860.6752.

River Legacy Speaker Series
7 pm - 8:30 pm, March 19, River Legacy Living Science Center. Come join us for a lively discussion featuring Ruth Jackson, E.A. of the RBJ Agency, discussing the "Tax Cut Job Act of 2018 Changes" to help prepare us for the upcoming tax season. This Speaker Series is sponsored by Callaway Financial Services as a fundraiser for River Legacy. Tax-deductible donation of $20. RSVP to 817.860.6752, ext. 102.

Nature Adventurers - Adventures with Honeybees!
10 am - 11:30 am, March 21, River Legacy Living Science Center. Join us for Adventures with Honeybees! This series of occasional classes provides a special hands-on learning opportunity designed especially for preschoolers and an adult partner. Children ages 2 years 6 months to 5 years old with a parent/caregiver will participate in a hands-on lesson, classroom activities, story and song time, and go on a guided nature walk. Cost is $15 per child/adult pair per class with $5 for 1 additional child (max 2 children per adult). Space is limited. RSVP to 817.860.6752, ext. 102. Payment is due at time of registration.

Snake Encounters - Adult Workshop
1 to 2 pm, March 23. Find out what to do when you encounter a snake along a hiking trail or even in your own backyard during this workshop led by Nature's Edge Wildlife Rescue. Best suited for ages 12 and up. FREE. Space is limited. RSVP to 817.860.6752.

Artini Hour
6 to 8 pm, March 28, River
Legacy Living Science Center. Create an upcyled art project while enjoying wine and refreshments. This month, create twisted rope bead bracelets. All supplies provided. Cost is $20 per person. Valid ID required for drinks. Sign up online here.

Nature Walk
2 to 3 pm, March 30, River Legacy Living Science Center. Explore the nature trails surrounding the Science Center on a family-friendly guided nature walk. FREE. Space is limited. RSVP to 817.860.6752.






Check out our full calendar of events at 

Contact Us
Facebook Logo Pinterest Logo

March 2019

Enjoy a Spring Break Stay-Cation with FUN Family Adventures!

Staying close to home for Spring Break? Plan a stop at River Legacy Living Science Center. We have a week full of daily, family-fun activities waiting for you:

Tree Hikes - Monday, March 11
Go on a hike with a Naturalist to look for and identify common trees found in the forest. Magnifying glasses available to further examine the trees. Hikes depart from the Science Center.

Reptile Adventure - Tuesday, March 12
Get an up-close look at turtles, snakes or lizards during an animal investigation followed by a related craft.

Aquatic Adventures - Wednesday, March 13
Grab a dip net and see what interesting watery inhabitants you can find living in our pond. 

Mammal Adventure - Thursday, March 14
Get an up-close look and learn about different mammals found in Texas during animal investigations followed by a related craft.

Creepy Crawlers - Friday, March 15
Get an up-close look at some of our Creepy Crawler animal friends - spiders, cockroaches and more found in your own backyard or across the world, followed by a related craft.

All activities will take place at either 11:30 am; 1:30 pm or 3:30 pm. 

Two ways to participate:
  1. $2 per person for Spring Break Activity ONLY
  2. Spring Break Activity is included with purchase of Discovery Room admission ($5 for adults; $3 for children; $4 for seniors)
Ages 2 and under are free for all events, and children must be accompanied by an adult for all programs. Registration will be available beginning at 10 am the day of the event. Tickets must be purchased in-person at River Legacy Living Science Center.


Registration NOW Open for
Summer Camps & Fall Programs

Summer Class
Don't delay in making your summer or fall plans! You can register online NOW for all of River Legacy Living Science Center's engaging and exciting educational programs!

River Legacy Living Science Center has a variety of weeklong summer classes in June & July that are sure to beat those summertime boredom blues (and your students may even learn something too!) Age-appropriate classes for preschoolers to elementary students explore wildlife, science, ecology and the environment.
Outdoor Adventure Camps for grades K-6 provide tons of outdoor fun all in the setting of the best classroom on Earth - NATURE. An Extreme Outdoor Adventure for grades 7th & 8th will have your students kayaking, hiking, and rock climbing while learning some valuable outdoor skills.

Visit www.riverlegacy.org  for a complete schedule of class days, dates and times. For more information, contact registrar Jennifer Zamboni at 817.860.6752, ext. 102.

This unique preschool enrichment program gives children ages 3 to 6 a natural place to learn, play and grow where lessons venture outside the classroom and into nature. Nature School provides small, enriching classroom environments, captivating live animals, nature walks, story times, art and dramatic play. Half day and extended day options are available, as well as a two-day-a-week program on Tuesdays & Thursdays for 4-year-olds.  An engaging and advanced curriculum for children ages 5 to 6 is held on Fridays and is a great supplement to Mother's Day Out, alternative kindergarten programs, and home school.

Learn more at www.riverlegacy.org or contact Education Director Sherrie Ripple at 817.860.6752, ext. 105 to schedule a classroom visit.

Enrich your science curriculum using the abundant resources of River Legacy Park and River Legacy Living Science Center. Classes explore the plant and animal life of River Legacy Park through outdoor nature walks, live animals, specimens and more. Classes meet once a month on selected Wednesdays from 2 to 4 pm September through April (except December).

Get the 2019-2020 class schedule here or contact registrar Jennifer Zamboni at 817.860.6752, ext. 102 to learn more.

Students in grades K-6th explore the plants, animals and habitats of a riparian forest in the middle of the Metroplex during fun and engaging After-School Clubs. From trees, to frogs to the weather, a different topic is explored each month and sometimes includes a field trip or off-site visit.  Clubs meet once a month on selected Tuesdays  from 4:15 to 6:15 pm September through April (except December).

Get the 2019-2020 schedule here or contact registrar Jennifer Zamboni at 817.860.6752, ext. 102 to learn more.

Registration is available online for all of these programs.


We Put the FUN in FUNdraisers!
Two upcoming fundraisers support the environmental educational programs at River Legacy Living Science Center!



Regatta Build and sail a cardboard boat or just come to soak up the event-day festivities during this fun-soaked day at Six Flags Hurricane Harbor. Boat registration is available through April 1. Sink or sail, this wildly popular event is fun for all ages! Event day highlights include building a boat on site; winning fabulous FUN prizes in our Whale Sail; enjoying live entertainment and activities in Splashwater Beach; and participating in fun games and contests in our Children's Area that includes Hula Hoop and Limbo contests and a Mini-Boat RainGutter Regatta! For more information, visit www.riverlegacy.org or contact Kristi Payne at 817.860.6752, ext. 107. Event sponsorships with marketing and advertising benefits are also still available.

Clay Shoot Logo Join emcee Scott Murray and Jay Novacek for fun friendly competition at our annual Sporting Clay Shoot at Defender Outdoors Clay Sports Ranch. Highlights of the event include 100 rounds of clays; supplied shells, lunch, awards, live auction, raffles and prizes! Sponsorships and team registration are available now through May 6. For more information, visit www.riverlegacy.org or contact Shannon Porter at 817.860.6752, ext. 119.
Future environmental stewards start here. Make a difference. Support the work of River Legacy Foundation.
River Legacy Foundation, 703 NW Green Oaks Boulevard, Arlington, TX 76006