Beginning in 2019, the Cybersecurity and Infrastructure Security Agency (CISA) began releasing their Risk and Vulnerability Assessment report. This report compiled several months of testing, audits and remediation efforts carried out on behalf of federal entities. Their assessments of these stakeholders helped them identify common attack vectors, the effectiveness of these attack vectors and how IT systems were responding to these attacks. 

Recently, CISA released their report for FY 2020. While some of the information in the report is insightful and informative, much of it is also becoming unfortunate common knowledge.  

Read More

Wireless networks and always-on connectivity are a blessing and a curse. On the one hand, these technologies give us access to more knowledge and entertainment than ever before. We can work wherever we want, stream video and music wherever we want and have the full Internet experience at the tips of our fingers. 

On the other, however, we have a constant vulnerability to potential attacks. Fraudsters and hackers are consistently working to find new ways to break into devices, steal data and make a profit. One of these ways is a process called “wardriving”, which uses the reality of Wi-Fi hotspots to facilitate attacks. 

Read More

When business professionals talk about security threats, they often talk about external threats: hackers, phishing attempts, DDoS attacks and so on. However, according to a 2020 survey, 66% of organizations consider the threat of an inside attack more likely than external ones. According to another survey by the Ponemon Institute, insider threats increased by 47% from 2018 to 2020. Additionally, the costs of these attacks increased 31% to $11.45M in 2020. 

So, what is an insider threat? Insider threats are breaches, disclosures, or theft of private and protected data by someone inside an organization. These thieves will almost invariably have authorized access to the data in question, or a way to receive that authorization either legitimately or by stealing credentials from a colleague. 

Insider threats don’t just originate from current employees, either. Many of these breaches occur when a former employee continues to have access to sensitive systems, or they communicate with an accomplice that has such access. 

Read More