Work from home is the new normal. For many, it is likely to continue to some degree long after the COVID-19 crisis. Here are 8 cybersecurity work from home tips to protect yourself digitally. Feel free to download and distribute this infographic.
Clarifying the CMMC Timeline
Version 1 of the much-anticipated Cybersecurity Maturity Model Certification (CMMC) framework was released by the Pentagon on January 31. Many news outlets are reporting that, “All DoD contractors must be certified by 2025.” This is a correct statement, but a misleading timeline. Starting in June of 2020, all newly issued RFQs will require CMMC compliance (likely level 1 or 2) in order to receive the Federal Contract Information required to participate in the bidding process. Since multi-year Federal contracts are limited to 5 years, by 2025 all DoD contracts will have cycled through under the new rules, making this […]
Spread Awareness and Review Your Cybersecurity Guidelines
Whether it is about developing an application, managing a network or even organizing files, security guidelines are essential. Organizations that keep their security guidelines aligned and in place from the start can not only assess their options but also make reasonable decisions based on the type of industry and the sensitivity of the information. Threats to business data may change or transform with time, but the basics of security remain the same. The Federal Trade Commission (FTC) has outlined a guideline for protecting sensitive and personal information. It guides businesses on how to keep personal information in documents and on […]
Why Are IT Policies & Procedures Important
[Updated 2022] IT policies and procedures play a strategic and crucial role in making sure that your company’s corporate information is safe. Policies document how people and other IT systems can access your data and network. Policies and procedures work together with your technical security controls to protect confidential information from unauthorized access, disclosure, corruption, loss, and interference in both physical and electronic formats. When it comes to protecting information, maintaining privacy is just one aspect of security. You also need to be concerned with the information’s accuracy and your ability to access it when you need to. In IT […]
Cyber Insurance
Do you need it and, if so, what kind? I am not a cyber insurance expert, nor am I qualified to give legal advice, but as someone who thinks a lot about IT vulnerabilities and threats, I believe that every business should evaluate the cost-benefit of cyber insurance to help protect from cyber risk. Such an evaluation starts with a careful consideration of the business’ true exposure to the negative impact of cyber incidents. The next step is to review your current insurance policy to understand any deficiencies in coverage. If unacceptable gaps become apparent, you can likely find a […]
Cybersecurity
Like much of IT, cybersecurity is not a one-size-fits-all proposition. The comprehensive approach that large enterprises should employ to identify and address risks and detect and respond to attacks is often out of reach for small businesses. Yet as the frequency and impact of cyberattacks on businesses of all sizes continue to grow, the typical small-business approach of taking the usual precautions and hoping for the best is proving to be inadequate. Many small-business owners are willing to do more to improve their cybersecurity but don’t know what else to do. The number of options — whether products or services […]
The Mobile Device Security Risk
What’s your business’ policy for dealing with mobile device security? The immense popularity of mobile devices is inescapable, yet most small businesses have given little real thought to how best to manage them. Until recently, I shared the opinion that there often isn’t much to worry about. The amount of corporate data on mobile devices was limited (most of it to email) and we can usually remotely erase a lost device, thereby dealing with the most obvious threat. But as the usage of mobile devices has grown, so have the amount and types of sensitive information that they contain. Cloud-file […]
Think Before You Click
Cybersecurity awareness is key for business. From a cybersecurity standpoint, the one behavior that leads to more headaches than any other for small or midsize businesses is people clicking (or otherwise acting) on things in emails that they shouldn’t. The IT team can help: Certainly scanning email for malware or signs of phishing is a must. Other techniques that detect and take action on the presence of malware on a computer or network have also proved effective, but there is only so much that anyone can do technically to mitigate the potential impact of email attacks. Cybersecurity Threats are more […]