The IT Support Education Center
The most educational business technology blog for Southern California executives, featuring insider tips, articles, and videos on how to get the best IT results.
The word “Maturity” is part of the Cybersecurity Maturity Model Certification for a reason. Essentially, the Department of Defense wants their chain of suppliers to “grow up” in their security. When companies act like “grown-ups” in the way that they manage cyber risk, they’re a lot more serious about their responsibilities and they’re accountable for the outcome.
What would you say if you answered the phone, and it was the FBI investigating a cyber attack incident? “Hello, this is the FBI.” “Yeah, right...” When a call like this came into our office here at Accent, we were skeptical...but it turned out to be legit. The FBI was collaborating with Microsoft to shut down a global malware scheme, and they needed our help taking down one of the devices at a client’s site.
Optimize your business's IT function, understand proper - and cost-effective - IT staffing, and learn from the mistakes others have made.
When you get started on your journey to Cybersecurity Maturity Model Compliance (CMMC), one of the first things that you’ll need to do is to perform a gap analysis. A CMMC gap analysis lets you know where your security controls are good and where you have, well… gaps. If you have expertise with NIST 800-171 security regulations along with a lot of extra time, then there’s no reason why you can’t do a DIY gap analysis, but many companies are finding that a facilitated gap analysis is more efficient and actually saves money in the long run.
Millions of Americans began working from home for the first time in March 2020 when the pandemic hit in full force. While some companies had the ability to provide laptops or send office desktops home with employees, many more needed workers to use personal computers for work. If those computers are still running Windows 7, this has inadvertently created a security vulnerability. Continuing to use Windows 7 in any capacity – even if you have antivirus and a firewall – is risky since Microsoft ended support for Windows 7 on January 14, 2020. Let’s explore why, and what you should do now...
When a high-profile password hack makes the news, it's disconcerting to say the least. And more often than not, when the passwords are revealed, they couldn't be more obvious. Things like: password123, iloveyou, qwerty, or 123456. (If that just hit a little too close to home, you should go change your passwords right now.)
In a previous blog article, Marty Kaufman recounts the story of meeting with a business owner who was panicked and in crisis mode because of a cyber attack. If we could backtrack to the days, weeks and months before the attack, we'd probably find that the business owner did not pay much attention to cyber security because he thought the odds of a data breach happening to him were low. As it turned out, the odds were higher than he thought, and it did happen. We can’t go back in time and undo all the damage that has been done by this cyber attack, but we can help other executives avoid stumbling over some common misconceptions that unknowingly increase cyber risk.
If you missed the Cyber Security Q&A Panel Discussion that we held earlier this month, you missed out on something big. On November 6th, we had 56 business leaders join us for a live online event where experts answered burning questions submitted by our clients and local business leaders. The panelists represented multiple disciplines so that we could cover cyber security and cyber risk from many angles - IT, legal, crisis and reputation management, and insurance. Thank you to the Accent team for putting this event together, and to our panelists - Crystal Rockwood from Rockwood Communications Council, Brian Reider from BBK LLP, Glen Carlson from McGriff Insurance Services, and Peter O’Campo with Accent. Don Pierro from Empower Lab did a great job moderating.
There’s a new term you should learn if you don't know it already: Business Email Compromise (BEC). It’s a formal way of saying someone’s email was used as a part of a cyber attack. The FBI calls BEC “one of the most financially damaging online crimes” and according to the cyber security awareness training company, KnowBe4, more than 90% of successful data breaches began with an email tactic called phishing. Phishing is an email scam designed to trick your user into doing some kind of action, like clicking a link or downloading a file, to get access to your organization’s network. Email is a prime target for cyber criminals and it continues to be a necessity in business, even though executive concerns about email security are increasing.
As if we didn’t have enough to deal with during a pandemic, cyber criminals have increased their attempts to take over accounts, invade networks, kidnap data, and generally wreak havoc during 2020.
You probably know of an organization that has been the victim of a cyber attack because, according to the 2020 Verizon Data Breach Report, 28% of all data breaches involved small businesses.