Business Continuity: Are You Sure You’re Ready?

Oscar Wilde once stated, “To expect the unexpected shows a thoroughly modern intellect.” In continuing our look into being prepared during Cybersecurity Awareness Month, our second installment will focus on business continuity, what it entails, and the ongoing process to ensure it doesn’t become a "set it and forget it.”

October is Cybersecurity Awareness Month, but it’s about more than just awareness. It’s important that your organization is prepared for the inevitability of facing cyberthreats.

There is an old saying that states, “Take care of your house and let others worry about theirs.” This might be valid in the pre-internet world, but with so many dependencies and relationships that have been created between partners and third-party suppliers, the “trust but verify” motto has become commonplace—or has it? Companies are only as strong as their weakest links. Creating a strong cybersecurity program internally is not enough, as the program should include all aspects of business in which data is vulnerable.

I can remember the moment clearly: I was in an early-morning meeting with several of my employees. Several minutes into the meeting, my mobile phone came to life with notifications and a call. Shortly after answering, there was a knock at the door. Almost instantly, I did not feel so well; I knew this couldn’t be good. As if it were rehearsed for stereo effect, I heard the words no one ever wants to hear: “I think we’ve been hacked.” My first response was, “Not possible!” Turns out, it was very possible and very much a reality. To be fully transparent, I thought my life and professional career were over in that moment; 25 years down the drain just like that! I took the cyberattack very personal.

As an Executive Director at one of the largest school districts in my state, I had officially become the next victim of ransomware.

Current Status of Hafnium

Coming on the heels of the still evolving SolarWinds data breach, it is now verified that four previously unknown or "zero-day" vulnerabilities in Microsoft Exchange Server are being used in widespread attacks against thousands of organizations, with many more potentially affected, according to security researchers.

In part one and part two of this blog series, we shared fourteen cybersecurity tips to prepare your organization for 2021. This blog post includes seven final tips to keep your organization safe in 2021.

In the previous installment of this blog series, we shared seven cybersecurity tips to prepare your organization for 2021. This blog post includes seven more tips to help protect your organization from cyber-attacks.

2020 has been a groundbreaking year on many fronts. Unfortunately, the majority of them have not been good ones. On October 28, 2020, the FBI, HHS, and CISA jointly reported on an imminent threat to healthcare organizations (the Health and Public Health Sector) surrounding the Ryuk variant of ransomware and other malware most recently seen accompanying it. “We are experiencing the most significant cybersecurity threat we’ve ever seen in the United States,” said Charles Carmakal, Chief Technical Officer of the cybersecurity firm Mandiant, in a statement.

Last week, I wrote about the first five steps to creating a culture capable of effectively defending against modern threats. This week, I'll take you through the next five steps. Let’s dive right in.

The best defense against modern cybersecurity threats is not based on technology at all. While there’s currently a great deal of focus on Artificial Intelligence (AI), good-ole human intelligence is the secret ingredient. To effectively prevent your organization from falling victim to cyber attacks, it’s essential that your employees develop strong cyber instincts. We constantly coach customers on the idea that the strongest firewall you can own is a resilient, human firewall. The statistics are staggering: spear phishing accounts for 95% of enterprise network attacks, according to the SANS Institute.