Wednesday, December 30, 2020

2021 Trend Watch: Ransomware Never Goes Out of Style

Ransomware is the monster under the bed that every company should be worried about these days. From stealing data to disrupting operations and even nation-state hacking, ransomware was a favored tool of cybercriminals worldwide in 2020 – and that looks set to continue in 2021.

Ransomware surged at the start of the pandemic, with an incredible 148% increase in attacks in March 2020alone. In Q3 2020, researchers estimate that cybercriminals successfully completed at least 1 new ransomware attack every day. That’s not a trend that your business wants to get in on.

Protecting your business from cybercrime like ransomware starts with building a strong cybersecurity culture. It’s important to make sure that every one of your staffers is up to date on the latest threats and following cybersecurity best practices – after all, they’re part of your security team too.

Using a solution like BullPhish ID to help employees learn to spot and stop phishing attempts is essential these days- phishing messages are the number one delivery system for ransomware. Plus, adding a secure identity and access management solution like Passly adds powerful protection against cyberattacks including ransomware by adding multifactor authentication, a recommended risk mitigation by CISA and other experts. 

Take smart precautions now to ensure that your business isn’t a trendsetter because no company can afford to be a part of the expected wave of continued growth in ransomware attacks in 2021.

Bit by bit helps client networks run smooth and secure.. visit our website at 877.860.5863

Tuesday, December 29, 2020

Millions of Stolen User Records Create Risk for Your Business

Millions of Stolen User Records Create Risk for Your Business 

It’s not just information that’s stolen from your company that puts your business in jeopardy. Your company’s security is also in danger because of information stolen in data breaches at other businesses or through breaches at hospitals, government agencies, utilities, colleges, and other organizations – and that risk is growing every day as more information makes its way to the Dark Web.

Dark Web activity has exploded in 2020. The combination of millions of people suddenly working from home, a thirst for knowledge about the pandemic, and advancements in ransomware and other cybercrime technology has made it easier than ever for cybercriminals to get their hands on the information that they need to target and attack organizations – 60% of the information on the Dark Web has the potential to harm enterprises. 

One common way that cybercriminals use this information is to gather or obtain huge lists of passwords that have been stolen in data breaches around the world. It’s a well-known fact among bad actors that people tend to recycle passwords, often using a few that they cycle through for both work and home applications. If those passwords are stolen in a data breach and hit the Dark Web, they’re added to the pool that cybercriminals draw from when gathering ammunition for attacks.

That can create severe risks for your business. For example, if one of your staffers is recycling a favorite password by using it for both their company O 365 password and their personal Spotify account, and that password gets stolen in a data breach (Spotify has had 3 data breaches in 2020 alone), then cybercriminals now have a key that unlocks the front door to your business.

That’s why you should add Dark Web monitoring with a dynamic solution like Dark Web ID to your security plan. Find out that one of your company’s credentials has been compromised before the bad guys do with 24/7/365 monitoring using human and machine analysis. Dark Web ID constantly sweeps Dark Web data markets to find your potentially compromised credentials and alert your IT team immediately when one pops up.

Don’t take chances on an unexpected credential compromise incident, because even the best-laid security plan can be undone in a second with one compromised credential that goes undetected, allowing cybercriminals to slide right in to your business. Include reliable, affordable Dark Web monitoring in your 2021 security plan and gain peace of mind against unpleasant surprises like credential compromise from the Dark Web.

Bit by bit helps client networks run smooth and secure.. visit our website at 877.860.5863

Wednesday, December 16, 2020

Fake Zoom Invites Bring Real Trouble

Is that Zoom invite from a new client or a cybercriminal? As many companies continue working from home, fake Zoom invites, bogus password reset messages, and social media ploys are just the latest tool that bad actors are exploiting to get their foot in the door at your business.

Scams like this are abundant this time of year, as people get busy with holiday activities or take time off and many offices are a little more lax. Without IT experts to turn to, your staffers could be at risk of falling for a malicious Zoom invite, a malware-laden LinkedIn message, or other unexpected phishing threat without knowing what to do about it.

Email attachments have become so notorious that cybercriminals are hunting for new ways to launch phishing attacks. But if you’re keeping your security awareness and phishing resistance training up to date, your staffers probably won’t fall for the ploy. Businesses that engage in regular security awareness training that includes phishing resistance reduce their chance of having a cybersecurity incident by up to 70%.

As long as it’s regularly refreshed, that is. Studies show that staffers retain the knowledge and skill developed through phishing resistance training for about 3 months. By instituting quarterly training at minimum, you’re not only keeping your staff on their toes to encourage good cybersecurity habits, but you’re also making sure they’re up to date on the latest threats.

BullPhish ID is the ideal training solution for in-office and remote staff. We add 4 new plug-and-play phishing resistance training campaigns every month to make sure that your employees are ready for the latest threats, including COVID-19 scams, Google’s biggest phishing topic in history.

Don’t wait until the newest phishing scam like fake Zoom invites or maladvertising is rocking your business, disrupting your operations, and draining your budget – commit to a dynamic security awareness training program now and save yourself a raft of headaches later.

Bit by bit helps client networks run smooth and secure.. visit our website at 877.860.5863

Cyber Security Statistics

  • 41% of respondents in a survey of business owners had a cybersecurity mishap related to COVID-19
  • 94% of executives say their firms have experienced a business-impacting cyber-attack or compromise within the past 12 months
  • 47% of businesses reported experiencing five or more attacks in the last 12 months
  • 78% of respondents said they expect an increase in cyber-attacks over the next two years
  • 63% of security leaders admit it’s likely their systems suffered an unknown compromise over the past year
  • 65% of attacks involved operational technology assets
  • 21% of companies have adopted formal, enterprise-wide security response plans
  • 74% have ad-hoc plans or no plans at all for any type of incident
  • Only 39% of organizations with a formal, tested incident response plan experienced an incident, compared to 62% of those who didn’t have a plan
  • Having a tested incident response plan can save 35% of the cost of an incident.

Bit by bit helps client networks run smooth and secure.. visit our website at 877.860.5863

Thursday, December 10, 2020

Amazon Brings Unwanted Holiday Gifts to Businesses

Amazon Brings Unwanted Holiday Gifts to Businesses 

Everyone loves giving and getting gifts – it’s part of what makes this season special. It’s the most wonderful time of the year for cybercriminals too. As you and your staffers buy everything from business essentials to toys on Amazon this holiday season, you’re opening your business up to extreme risk from phishing. 

While an increase in holiday-time phishing attacks isn’t unusual, the combination of people shopping from home because of the pandemic plus a huge increase in overall cybercrime spells trouble for your company in 2020. A recent report shows that Amazon-related phishing messages have more than doubled this year, and they’re continuing to climb, with a more than 60% increase in November alone. 

So how can you protect your business? By making sure that all of your employees are well-versed in the types of phishing schemes that cybercriminals are bringing to the table this year. Up-to-date training that’s regularly refreshed can lower your incidence of a cybersecurity problem by up to 70%, making it a smart investment in your business. 

insider threats like human error represented by the silhouette of a woman with her head in her hands in front of a laptop.

Is your company’s biggest security threat a member of your team? Learn to spot insider threats with this free resource package! GET IT>>

BullPhish ID is perfect for training your employees to be vigilant about the latest threats. We constantly update the plug-and-play phishing resistance training kits that are available to use for your business, including adding 4 new ones per month covering all the latest scams like COVID-19 threats.

Get your business a gift this holiday season – improved cyber resilience with a commitment to security awareness training with BullPhish ID that reduces your chances of becoming a victim of cybercrime. Your IT team will thank you when your well-trained staff avoids major cybersecurity blunders that would have caused huge problems – and your accounting department will thank you too because BullPhish ID is cost-effective and it could save you a fortune if you avoid even one cybersecurity disaster.

Bit by bit helps client networks run smooth and secure.. visit our website at 877.860.5863

Tuesday, December 8, 2020

Monday, December 7, 2020

Wednesday, December 2, 2020

My second published book!! Chapter 8 Are you as secure as you feel? Why you should be intrusion testing your business network.

Bit by bit helps client networks run smooth and secure.. visit our website at 877.860.5863

Cyber Risk Literacy is Critical for a Strong Defense

Cyber Risk Literacy is Critical for a Strong Defense 

Business cyberattack threats have never been higher. Massive increases in phishing (more than 600%), ransomware (more than 150%) and other cybercrime might keep you up at night, but are your staffers aware of exactly how important cybersecurity really is to your business? Your employees might not be on the same page as you are about cybersecurity risks – and that’s a problem that could end up costing you a fortune. 

For most people outside of directly technology-related positions, a cyberattack is a vague, hard to understand threat. It just doesn’t seem possible that one misclick on an email could cost a company millions. That’s why making risk literacy a top priority for every employee is crucial to maintaining a strong defense against cybercrime.

One effective way to increase your employees’ risk literacy is with regular, engaging security awareness training that includes phishing threats since phishing is by far the most common delivery system for cyberattacks. Over 90% of incidents that end in a data breach start with a phishing email and no company can afford that right now.

Insider threats include phishing. Explore cybercriminal tricks to stop phishing with our new book represented by a light blue comic panel of a phishing hook and old-fashionesd comic book style in light blue on dark blue

Uncover Cybercriminal Secrets to See How They Trick You Into Falling for Phishing Attacks & How to Fight Back!

Read Phish Files Now>>

BullPhish ID is the ideal choice to increase your staff’s risk literacy with memorable, easy-to-understand security awareness and phishing resistance training in 8 languages. Using engaging video lessons, risk information is served to your employees in bite-sized pieces for easy comprehension no matter how tech-savvy they may be. 

Online testing measures their retention of the lessons, giving you the information that you need to see who has a handle on security awareness and who needs more help. More than 80 training campaigns are available for you to use right now, and 4 more are added every month, including content about the latest threats like COVID-19 scams.

Training your staff to be aware of potential threats pays handsome dividends for your business – companies that engage in regular security awareness training have up to 70% fewer damaging cybersecurity incidents. By establishing a strong culture of cybersecurity awareness and giving everyone the help that they need to be part of the team, your company gets a huge overall cybersecurity boost that can make the difference between success and failure for cyberattacks now and in the future.

Bit by bit helps client networks run smooth and secure.. visit our website at 877.860.5863

Go Inside the Ink to Get the Inside Scoop on Cybercrime

Bit by bit helps client networks run smooth and secure.. visit our website at 877.860.5863