Small and mid-sized businesses (SMBs) face unique challenges when choosing a security solution. While large businesses enjoy entire departments devoted to addressing the many facets of security – video surveillance cameras, video management, access control, network infrastructure – SMBs have limited resources to help them select and maintain a security solution.
Bob Kolasky, acting assistant secretary for infrastructure protection at the Department of Homeland Security’s National Protection and Programs Directorate, has been named director of the National Risk Management Center (NRMC), reported Meritalk.
Phishing emails remain the number one delivery mechanism for ransomware. The ransomware attack on the Lansing Board of Water and Light in Michigan, which forced the utility to shut down its accounting system, email service and phone lines, succeeded because a single employee opened an attachment to a phishing email.
When undertaking a cloud migration, it’s critical to remember that the security protocols that work in the enterprise will not necessarily work in the cloud.
In the simplest terms, the “attack surface” is the sum total of resources exposed to exploit within your enterprise. Defending the attack surface was a lot less complicated when a defined corporate “perimeter” existed, neatly separating a company’s assets from the outside world. But, next-gen technologies (e.g., cloud computing and software-defined networking) have dissolved the perimeter, causing the attack surface to grow exponentially.
Patching used to need more planning and manual intervention, but as internet access has improved, many manufacturers now provide built-in Updater Services. Microsoft have taken this further, resorting to patch-guerilla tactics: Ambush Updates. They know what’s best for you, and if you won’t restart your PC then they will. Usually this will always be when it’s least convenient for you, such is Murphy’s Law.
After a data breach, regulators strive to evaluate if an enterprise fulfilled "reasonable" cybersecurity standards… without defining what "reasonable" looks like.
There seems to be a constant supply of news stories involving high-profile, high-impact criminal cyber activity. More often than not, the data breaches that we hear about occur at large businesses or global organizations. This leads many people to think that it’s only those big companies who are at risk of being attacked. They incorrectly assume that today’s cybercriminal is always looking for a giant financial payout or a huge cache of personal data. But the reality is that small and mid-size businesses (SMB) are actually at greater risk.
