Monthly Archives: November 2020

A Primer on Watering Hole Attacks

Cyberattacks come in many different forms, with new methods being developed all the time. What’s bad is that personal information is now often stored online, be it through social media or through government and healthcare services — and these are juicy targets for criminals. Learn more about one way these criminals steal data — through watering hole attacks. What are watering hole attacks? Watering hole attacks are used to distribute malware onto victims’ computers in a similar way phishing activities are conducted. Cybercriminals infect popular websites with malware, and anyone who has had the misfortune to visit have their computers automatically loaded with malware. The malware used in these attacks usually collects the target’s personal information and sends it back to the hacker’s server. In extreme cases, the hacker will actively take control of the infected computer. But how does … READ MORE »

How Good is Your Disaster Recovery Plan?

You may think you know all about disaster recovery plans (DRP) from attending conferences or reading up on the subject. But one of the best ways to learn is by example, and the following real-life case offers valuable lessons. Learn about the DPR audit of a state government office and the knowledge gained from it. Hosting certain types of data and managing a government network legally bind you to maintain DRPs. After an audit of the Michigan Department of Technology and Budget, several failures led to a trove of helpful tips for small- and medium-sized businesses attempting to create a bulletproof disaster recovery plan. Update and test your plan frequently What was one of the first and most obvious failures of the department’s DRP? It didn’t include plans to restore an essential piece of their infrastructure — the department’s intranet. … READ MORE »

A Smart Approach to Cybersecurity Investment

Cybersecurity is a threat to businesses across industries. Sometimes, organizations invest in security software without realizing the risks that come with it. Here are compelling reasons why identifying threats before buying cybersecurity products is paramount. Uncover threats and vulnerabilities Every business should run a risk assessment to evaluate its current cybersecurity infrastructure. Doing so is one of the easiest ways to identify, correct, and prevent security breaches. After discovering potential issues that cyberterrorists could exploit, rate them based on probability of occurrence and potential impacts on your business.Keep in mind that risk assessments are specific to every business, and there is no one-size-fits-all approach for technology that will work for small- and medium-sized businesses (SMBs). Variables like your line of business and operating environment will account for differences in needs and risks. For instance, manufacturing companies and insurance groups have … READ MORE »