Simple Guide to CISA's Cybersecurity Performance Goals

Cybersecurity is an ever-evolving field with both threats and defensive approaches changing rapidly in the face of advances in technology and the behavior of attackers. No one is beyond the reach of these threats, and as such, organizations of all shapes and sizes must have the tools and guidance they need to manage and minimize risk to their operations.

Never before has that guidance been more important, and with that in mind, the Cybersecurity and Infrastructure Security Agency (CISA) has released the Cross-Sector Cybersecurity Performance Goals (CPGs).

These goals represent a subset of cybersecurity practices, selected to significantly and directly reduce risk.

What Is CISA?

CISA is a federal agency within the Department of Homeland Security charged with leading and coordinating cybersecurity strategies and operations for the United States government and critical infrastructure. This agency works in collaboration with both private and public entities, allowing them unique insight into the state of cybersecurity and the threat landscape.

Now, they’ve also come together with the National Institute of Standards and Technology (NIST) and used input from industry experts to identify the most common and impactful threats.

This knowledge resulted in the development of the CPGs.

What Are Cross-Sector Cybersecurity Performance Goals (CPGs)?

The CPGs are a prioritized set of cybersecurity practices aimed at meaningfully reducing risks to both critical infrastructure operations and the American people. The CPGs are meant to be optional and can be adopted by organizations that would like to enable the prioritization of security investments. They can also be combined with broader frameworks like the NIST CSF.

This results in organizations, especially small and medium-sized organizations, getting the help they need to quickly identify and implement basic cybersecurity practices.

How Are the CPGs Different From Other Standards?

Plenty of existing cybersecurity guidance and frameworks exist, such as the NIST Cybersecurity Framework. CISA and the Department of Homeland Security support the adoption of the NIST CSF by every organization, as it helps to build a holistic risk management program and implement additional NIST controls.

The CPGs, however, are intended to serve as a quick-start guide, helping organizations with limited resources or less mature cybersecurity programs to not only identify the most important security investments quickly but also help in communicating the importance of those investments to executives.

And, of course, the CPGs are mapped to the NIST CSF, so no additional work is needed to implement the relevant CPGs if your organization has already adopted the NIST CSF.

What Topics Are Covered by the CPGs?

The CPGs provide a useful guide for organizations to improve their security posture. But what specific topics do they cover?

The goals are spread across 6 distinct areas covering a wide breadth of topics. These areas include:

  • Account Security

  • Device Security

  • Data Security

  • Governance and Training

  • Vulnerability Management

  • Supply Chain

Within each category, you’ll find specific goals designed to help organizations protect their assets and data, with a focus on preventing, detecting, and responding to cyber incidents.

There is also a bonus “Other” area that covers outlier scenarios.

What Are Some Examples of the Goals?

Within these wide-ranging categories, you’ll find a wealth of specific goals, broken down into tangible, achievable tasks. Here are a few examples of goals at a glance:

  • Implementing physical protection measures

  • Protecting technology assets from attack

  • Using improved logs and encryption to protect sensitive data

  • Revoking access for departing employees

  • Separating user and privileged accounts

  • Reducing the risk of exploitation of public-facing assets

  • Understanding and implementing cyber security best practices

  • Building stronger relationships between IT and OT cybersecurity

  • Response and recovery for cybersecurity incidents

These are amazing goals that every organization should consider to keep their data and assets safe. They, at a minimum, represent a baseline of security best practices to protect organizations from cyber threats.

Remember, the CPGs are not mandated by CISA, but rather provide a minimum baseline of cybersecurity practices that organizations should consider.

Check Out The Full List

The CPGs provide a minimum baseline of security best practices for any organization but are especially helpful for smaller organizations or those with limited resources. If you’re looking to improve your security posture and need a quick start guide to get you on your way, the CPGs can help streamline the process and get you up to speed quickly.

Be sure to check out the full list of CPGs to understand more about the goals in each category and begin working with your team to implement them.

We’ll Help You Meet And Exceed Your Cybersecurity Goals With The Best Security Solutions!

Do you require assistance in determining the best course of action for your cybersecurity requirements?

We can help.

If you currently have an IT team, or are starting from scratch, we can give you insight into our industry knowledge so you can create future-proof cybersecurity solutions.

If you need help or advice, we’re here to help! Contact us today and let us help you get started.


5 Things You Can Do to Combat the 500% Rise in Mobile Malware

Mobile malware is a scary form of cyber-attack wreaking havoc in organizations across the world. In fact, research indicates that mobile malware attacks have skyrocketed by 500% in the last few years.

To defend against mobile malware attacks, you’ll need a bespoke strategy. Learn how to create one and better protect your organization below. 

What is Mobile Malware? 

Mobile malware is a form of malicious software that specifically targets mobile devices like smartphones and tablets. These sneaky pieces of code are used by hackers for a range of unscrupulous activities, including spying on users, stealing data from devices, committing fraud and hijacking networks the devices connect to, to name but a few.

Why Are Mobile Malware Attacks Increasing Each Year? 

There are several reasons for the increase in mobile malware attacks. Firstly, we must remember that smartphones have really come into their own over the last two decades. Nearly everyone in the Western world has a mobile device, and these devices are packed full of sensitive information like personally identifiable data, healthcare information and financial details. 

All of these factors make mobile devices extremely appealing to hackers, who are keen to get their hands on the sensitive data our phones store. Moreover, mobile devices tend to have less robust security measures in place than laptops and desktop computers. In essence, this makes them easier to hack than enterprise infrastructure.

The Anatomy of A Mobile Malware Attack

You’re probably wondering how hackers conduct mobile malware attacks. Well, just as there are numerous forms of malware, there are also numerous ways a hacker can exploit your smartphone or tablet. Some of the most prevalent threats are:  

  • Fraudulent malicious applications: One of the most common ways by which hackers break into mobile phones is through the creation of malicious applications that masquerade on popular app stores as legitimate, well-known ones. It can be really tricky to spot a malicious app while looking to download something new. Hackers will imitate well-known apps with high levels of accuracy, often using company logos and descriptions to lure users into pressing download. Of course, when the user does download the app, they accidentally enable malware to crawl through their device and data. While popular app stores have tried to crack down on this threat, it remains prevalent. We recommend looking for typos and app reviews to assess whether an app appears legitimate or not.

  • Social engineering: SMS-ishing and instant messaging social engineering attacks are another favorite amongst hackers targeting smartphone users. In these attacks, a cybercriminal will send their victim a message or text pretending to be a trusted brand, government body or individual. The message will typically include a link to a phony application or webpage, which encourages the user to download a program onto their device or share sensitive information. 

  • Man in the middle attacks: Hackers may try to break into mobile phones by hijacking public WiFi networks that people often connect to, such as ones found in coffee shops or airports. If they successfully compromise such a network, the hacker can spy on all communications that occur between devices connected to it, and also exploit the devices connected to it by launching malware - and the victim will be none the wiser.   

How Do I Know If My Phone Has Been Impacted By Mobile Malware? 

One of the scariest things about mobile malware is how hard it is to spot until it is too late. It’s in a hacker’s best interest to stay stealthy and unnoticed. Victims may not realize their phone is compromised until they receive a notification from their bank asking about unusual login attempts, or their corporate network is taken down by a ransomware attack. 

Both personally and professionally, mobile malware can have huge repercussions, with your employees’ devices effectively acting as trojan horses that allow hackers into your network.

As we all know, data breaches and cyber-attacks are bad for business. The compliance landscape is increasingly rigorous and citizens are more aware of their data protection rights than ever before. Companies simply can’t afford to suffer a successful mobile malware attack.

Protecting You and Your Company From Mobile Malware 

With so much at stake, putting the right tools and awareness policies in place is crucial to beating the mobile malware threat. Here’s how to protect your company:

  • Put in place a security awareness and education initiative that educates users on social engineering attacks, malicious applications and the security risks of public WiFi networks.

  • If your employees use corporate devices, deploy mobile device management (MDM) on these tools to heighten security.  

  • Combine MDM with a solid mobile device usage policy that governs how employees should use their corporate mobile devices. For instances of bring your own device (BYOD), we recommend sharing a similar policy. 

  • Implement multi-factor authentication for corporate applications and devices. 

  • Automate the application and hardware device update process to reduce the potential for hackers to take advantage of security holes and bugs. 

We’ll Help You Defeat The Mobile Malware Threat With The Best Security Solutions! 

Do you require assistance in determining the best course of action for your cybersecurity requirements? We can help. If you currently have an IT team, or are starting from scratch, we can give you insight into our industry knowledge so you can create future-proof cybersecurity solutions. 


Why is Misconfiguration Such a Big Cloud Security Risk?

Did you know that, by 2025, the analyst house Gartner predicts that 99% of cloud security failures will be the customer’s fault? 

Why? 

Cloud misconfigurations. 

It’s a common misconception among businesses that the cloud has inherent security flaws. This isn’t the case at all. In fact, the cloud is often a lot more secure than on-premises servers and infrastructures. 

This is because cloud services providers (CSPs) like Amazon, Microsoft and Google spend billions of dollars each year ensuring their underlying infrastructure is safe and secure. As a result, cloud services are almost impenetrable to hackers. 

The problem isn’t the cloud itself. It’s how organizations use it.  Read on to find out why.

The Cloud and The Shared Responsibility Model 

To understand cloud misconfigurations, we first need to understand the nature of cloud services. You see, the cloud works on a shared responsibility model. In this paradigm, the CSP is responsible for securing the infrastructure of the cloud service, while the client - that’s you - is responsible for securely configuring the service itself.

Trouble arises when cloud customers either incorrectly configure these services or forget to configure them at all. This issue is, unfortunately, very common. In fact, in 2018 and 2019, cloud misconfiguration breaches cost companies almost US$5 trillion.

What Are Cloud Misconfigurations? 

A cloud misconfiguration occurs when an organization fails to properly configure the settings, policies or identities associated with a cloud service. This can leave the data and applications they use exposed to the public internet. It can also result in data leakage, data theft or inappropriate use of sensitive data.

While, on first look, you might think it’s easy to avoid misconfigurations in the cloud, this isn’t the case. They pose a huge risk to cloud environments, and are the biggest security challenge organizations must overcome in the coming years.

One of the reasons cloud misconfigurations are so common is the fact that each cloud service comes with its own unique settings and policies. While an organization might be able to correctly configure one service or application, that doesn’t mean they’ll find it easy to do the same for other services they use.

On top of this, we must remember that cloud service providers frequently update their offerings with new tools, solutions and features. Every time this happens - and it happens often - organizations will need to reevaluate their settings to ensure everything is still as it should be. Otherwise, they may be at risk of a breach without even knowing it.

Lastly, we must remember that most organizations have started embracing the cloud rather quickly and somewhat haphazardly. Without a security strategy in place, forgotten cloud instances and applications may secretly be leaking out data, while organizations are none the wiser. 

The Risks Of A Cloud Misconfiguration 

While misconfigurations are accidental, that doesn’t mean that compliance organizations, customers or partners will look on these breaches lightly. At the end of the day, any instance where data security is undermined could be looked upon as a violation of data privacy laws under regulations like HIPAA, GDPR and CCPA.

So, if you suffer a misconfiguration, you could end up with a hefty compliance fine, damaged customer trust and lost revenue. Small businesses, in particular, may struggle to recover from the fallout of a cloud misconfiguration. With compliance fines often ranging up to 4% of annual turnover, organizations may find it difficult to stay afloat.

Moreover, while some SMBs think that they can suffer data breaches without anybody knowing, this is now far from the case. Hackers are often on the lookout for cloud instances that have accidentally been left public. Even if you manage to avoid the initial fallout of a cloud misconfiguration, hackers may steal the data you’ve left public, resulting in a larger-scale breach that hits the headlines. 

How To Prevent Cloud Misconfigurations

It’s in your company’s best interest to get a handle on cloud misconfigurations and securely use the cloud - not only to improve cybersecurity but to boost efficiency too.

Incorrectly using the cloud can dampen employee productivity, hamper innovation and drive up costs. By correctly managing the cloud and configuring it strategically, your business will benefit in numerous ways over the long term. 

However, navigating the cloud requires expertise and specialist cybersecurity skills. Configuring and managing multiple cloud environments is not easy. That’s why many SMBs look to us to help with cloud configuration reviews and cloud security management.

Secure Your Cloud Workloads Today! 

Do you require assistance in determining the best course of action for your cloud requirements? We can help. If you currently have an IT team, or are starting from scratch, we can help you with our cloud security solutions to discover and remediate cloud misconfigurations, and improve cloud efficiency.  Contact us today to find out more. 


What You Need to Know About Changing Requirements for Cybersecurity Insurance

Sometimes all it takes is one click: One of your staff members receives a spam email, opens a misleading link, and almost immediately malware starts to spread through your system. Even in the best of circumstances, a keylogger, Trojan, or ransomware application can do irreparable harm to your company, and it might take several weeks or months to fully restore your workplace network. However, adhering to the principle of least privilege can help you limit the spread.

Unfortunately, situations like these are becoming more frequent. A growing number of businesses depend on cyber insurance to shield themselves against the financial losses brought on by digital risks like cybercrime, malware, and ransomware.

The cyber insurance business has grown more competitive as a result of the exponential development of unfavorable security occurrences over the previous years. Therefore, organizations have been changing requirements for cybersecurity insurance.

The Requirements for Cybersecurity Insurance Organizations Make

Below are the changing requirements business owners make due to the worldwide surge in cyberattacks:

Increase in premiums

An increase in ransomware assaults is a crucial factor in the current changes regarding cyber insurance premiums. The prevalence of ransomware has increased significantly in the last few years, leading to several increased assaults against public institutions, public infrastructure, and corporate entities. According to research, ransomware has successfully affected 71 percent of businesses worldwide. 

This indicates that ransomware attacks on individuals, companies, and government agencies are becoming more frequent and more severe. A good example is the most prominent and famous case of the Colonial Pipeline malware assault, which happened as a result of leadership continuously failing to resolve discovered security gaps or to put in place a program that promotes standard cyber hygiene practices. 

Colonial Pipeline decided to go against the advice of law enforcement and security professionals and paid a hefty ransom.

Increased ransomware assaults will inevitably lead to more cyber insurance needs, and that raises the risk for carriers and raises written premiums.

Reduction in coverage

Certain insurers are outright rejecting coverage as a result of the pressure. Some firms are being flatly refused after completing a policy request or a yearly renewal survey, which was once a fairly simple process to perform. Those who are accepted encounter substantially stricter pre-audit standards that require a higher security strategy in respect of both policies and incident management procedures.

These firms face the possibility of losing their current coverage entirely unless they take immediate action to tighten their security measures, which is frequently within 60 days. Many organizations are looking into SaaS-delivered privacy solutions that offer quick time-to-value due to the pressing requirement to implement controls and establish risk reduction.

Stronger standards and exclusions

The chance to offer the necessary cyber insurance is not being seized with enthusiasm by insurance companies. In particular, reinsurers and insurers are pausing to reassess their risk tolerance. Additionally, these providers have started to demand additional documentation to assess their clients’ internet programs.

To better understand the inherent danger that a company is exposed to, insurers collaborate closely with security experts. In the end, companies that don't produce enough documentation or don't have the necessary processes might not be covered. Alternatively, the company may be compelled to pay increased premiums or face losing the account's insurance limits.

The strengthening of applicant cybersecurity standards is one method insurers are addressing. Along with other controls like the availability of an endpoint identification and management solution, encrypted and secured backups, privileged accessibility, contingency planning, incident management planning, data security awareness training, etc., MFA (multi-factor authentication) is increasingly becoming a crucial requirement of many insurance providers.

Increased cyber insurance demands

If the year 2021 is any indication, no company is immune to a cyberattack. More businesses are becoming aware of how exposed they might be to cyberattacks as the volume and expense of cyberattacks rise. Dealing with cyber-attacks does not only entail direct expenditures but also indirect expenses like business operations interruptions and social damage. As a result, there are now more requests for insurance coverage.

Increasing rates of self-insured retention

Through the introduction of retention clauses, companies anticipate that their customers will assume greater risk even as coverage levels are reduced and prices rise. A retention term, like a threshold, establishes the percentage of damages that insurers will be accountable for till the insurance plan takes effect. While retention policies are frequently required by the providers, some insurance applicants voluntarily accept higher retention levels to limit premium hikes.

Improve your Cybersecurity System with BrainStomp, Inc.

Do you require assistance in determining the best course of action for your IT requirements? We can help. If you currently have an IT team, we can supplement it by giving you insight into our industry knowledge so you can create future-proof IT solutions. 

Contact us today to learn more.

Six Cybersecurity Trends That Can Impact You in 2023

In this present time, a company refusing to take cybersecurity seriously will be seen as irresponsible and taking a huge risk. 

Now that clicking a link, opening a file, or deleting confidential info improperly can result in millions of dollars in damages, significant reputational harm, and harsh regulatory fines, companies need to sit up when it comes to cybersecurity. 

Laws regulating cybersecurity practices make it obvious that enterprises must do more to protect data and ensure security protections are in place. 

Trends To Watch Out For in 2023

While no one can predict how it will evolve in the future, certain clear trends are appearing in the short term. Below is a deeper look at some new trends that will most likely become more prevalent in 2023:

1. Increase in Mobile Device Targeting

Approximately two-thirds of the world's population now own and consistently use a smartphone, and many firms have responded by creating and modifying their websites or applications to ensure compatibility with these devices. However, cyberattackers and fraudsters have also followed suit, and as a result, mobile devices are quickly becoming the preferred conduit to channel their efforts for operations.

Because of quick and continuous advancements and strides made in technology, no one knows the next thing cybercrime and security might be. Nevertheless, security specialists are striving to predict cyber attackers' potential moves and develop less vulnerable systems, processes, and technologies. Increased security awareness training for staff to defend themselves may be the key to enhanced cybersecurity.

2. User Awareness 

In a recent survey, it was discovered that 97% of individuals that regularly access the internet cannot differentiate between normal and phishing email. This must be a factor that contributes to the rise of successful email phishing attacks, and, generally, hack attacks.

This demonstrates the critical importance of awareness and education in detecting and preventing identity theft and network intrusions. However, many firms now go beyond building robust firewalls and complex IT procedures to enhance the capabilities of their IT workers through further training. This will help them get better at combating cyber-attacks.

Some organizations encourage and develop cybersecurity awareness even during work hours. Some are also paying closer attention to how employees communicate and manage sensitive information. For example, many businesses are now putting in significant efforts to educate their staff on how to guard against identity theft.

3. Increase in IoT Exploitation

The rise of the Internet of Things (IoT) expands economic prospects and enhances the quality of life, but it also opens the door to cybercrime. Devices such as fitness watches, voice-controlled refrigerators, and voice assistants like Google Home which are also generally referred to as "smart" products are examples of IoT devices. According to predictions, within the next seven years, there will be over 25 billion IoT devices connected to the internet. 

The problem is that having more gadgets linked to the internet increases the cyber-attack surface. In other words, the number of possible entry points for hackers to breach your digital infrastructure grows. When compared to PCs or phones, most IoT devices have considerably less security protection. As a result, one of the most crucial aspects of cybersecurity trends to look for in 2023 is IoT and increased digitalization.

4. OTP Bypass

In 2022, threat actors doled out some illegal services with considerable success. One such service was OTP bypass, where users could, with certain apps, bypass MFA as a security service. All users had to do was purchase the required apps, log in, and get a different number, then use it for the 2FA or MFA process. While this has an advantage, in that it prevents users from submitting personal details online, it will not take much time before hackers begin to take advantage of this.

This service will most certainly expand as demand for these services grows in the future.

5. Improved Cloud Security

Remote working has increased in the previous two years. It is therefore no surprise that cloud solutions have experienced significant growth, with many businesses attempting to secure their spaces in the cloud and leverage its numerous benefits. 

The many benefits of cloud solutions for businesses include operational and economic efficiency and enhanced scalability. However, because these benefits-cum-services do not provide audit recording or secure authentication, they are a potential target for fraudsters.

To discourage hackers, businesses should take note of and deliberate on employing inventive and analytical cloud protection solutions. Analytical security can help in identifying threats that circumvent other endpoint security processes and systems.

6. Remote Working Might Be More Harm Than Good

People are one of the weakest links, if not the weakest link, in a company's security system. Human error frequently has the most severe consequences for businesses. This is why targeted ransomware, social engineering, and phishing assaults are such important components of every hacker's cache.

Specific security staff is responsible for performing social engineering simulations to guarantee that staff don’t become victims of cyber assaults. However, there has been a surge in very sophisticated phishing assaults all across the world, and this is largely, but not completely, due to remote work. After all, remote work makes employees less security-conscious. 

More recently, businesses are pushing out policies like dedicated work laptops and strict password sharing. Those can only take us so far. 

Let BrainStomp Help You with Your Cybersecurity Setup

For businesses, cybersecurity is gradually becoming a key aspect to watch out for, and your business should not be left out. Ensuring your business’ online security is as solid as ever is key to business growth and progress. 

BrainStomp can help you with that progress; after all, business cybersecurity is our forte. Contact us today to get started.

10 Ways to Secure Your BYOD Program

When it comes to Bring Your Own Device (BYOD) programs in the workplace, security is always the top concern. 

After all, with employees using their own devices to access company data, there’s a greater risk of that data being compromised.

According to a Zippia Research Summary for 2022, 75% of employees use their personal cell phones for work.

Fortunately, there are a few things you can do to secure your BYOD program and keep your data safe. 

1. Require Strong Passwords 

The first step to securing your BYOD program is to require strong passwords from employees. 

This will help to prevent hackers from gaining access to devices and company data. 

To make sure passwords are strong, you can require employees to use a certain number of characters, use a mix of letters and numbers, and use special characters.

You can also require employees to change their passwords on a regular basis. 

2. Use a Mobile Device Management Solution 

Another way to secure your BYOD program is to use a mobile device management (MDM) solution. 

This type of software allows you to manage and monitor mobile devices that are connected to your network.

With an MDM solution, you can remotely lock or wipe devices if they are lost or stolen. 

You can also push updates and security patches to devices, as well as enforce policies such as password strength and screen lock timeout. 

3. Limit Access to Sensitive Data 

Another security measure you can take is to limit access to sensitive data. 

This can be done by using data loss prevention (DLP) software. 

DLP software can help you to control how data is shared, preventing it from being emailed, printed, or copied to unauthorized locations. 

4. Encrypt Data 

Another way to protect data is to encrypt it. 

This means that data is converted into a code that can only be decrypted by authorized individuals. 

When data is encrypted, even if it falls into the wrong hands, it will be much more difficult for unauthorized individuals to access it. 

Some encryption methods include:

  • Using software to encrypt a hard drive

  • Using email encryption on sensitive messages

5. Educate Employees 

It’s important to educate employees about BYOD security. 

This includes teaching them about strong passwords, how to spot phishing attempts, and what to do if their device is lost or stolen. 

By educating employees, you can help to make sure they are taking the necessary steps to keep their devices and company data safe. 

6. Use Two-Factor Authentication 

Another way to secure your BYOD program is to use two-factor authentication (2FA). 

With 2FA, employees are required to enter not only a password, but also a code that is sent to their mobile device. 

This makes it much more difficult for hackers to gain access to devices and company data. 

7. Enable Remote Wipe 

If an employee’s device is lost or stolen, you can remotely wipe it to prevent unauthorized access to company data. 

This will delete all data from the device, including any apps or files that are stored on it. 

8. Use a VPN 

A virtual private network (VPN) can also help to secure your BYOD program. 

A VPN creates a secure, encrypted connection between an employee’s device and your network. 

This helps to prevent data from being intercepted or accessed by unauthorized individuals. 

9. Keep Devices Updated 

It’s also important to keep devices updated. This includes installing security patches and updating applications. 

By keeping devices updated, you can help to prevent vulnerabilities that could be exploited by hackers. 

10. Use a Trusted Source for Apps 

Finally, make sure employees only download apps from trusted sources. 

This includes official app stores such as the App Store or Google Play. There are also enterprise app stores that offer vetted, business-ready apps. 

By using a trusted source for apps, you can help to prevent employees from downloading malicious apps that could compromise company data. 

Is your BYOD program secure? 

BYOD programs can be a great way to improve productivity and allow employees to work from anywhere. 

By taking these security measures, you can help to keep your company’s data safe.

Need help securing your own BYOD Program?

Schedule a free consultation today! Call 260-918-3548 or reach out online.

Should We Be Using Conditional Access for Cloud Accounts?

The cloud has become an integral part of business for many organizations. It provides organizations with the ability to be more agile and scale quickly. However, the cloud also introduces new security risks. One of the biggest security risks is the possibility of data breaches.

4% of users will click on anything, and 28% of attacks involved an insider.

Organizations need to be proactive in protecting their data in the cloud. Luckily, one relatively straightforward way to do this is by using conditional access for cloud accounts.

What is conditional access? 

Conditional access is a security feature that allows organizations to set conditions that must be met before a user can access data. If all of these conditions are met, the user is allowed to access the data. If any of the conditions are not met, the user is not allowed to access the data.

For example, an organization might require that a user be authenticated with two-factor authentication before they can access data. 

Conditional access can be a powerful tool for protecting data in the cloud. 

What conditions can be configured?

Conditional access is typically configured by an administrator. The administrator will define the conditions that must be met and assign users to the conditional access policy. 

While there are many different conditions that can be configured, some common conditions include:

  • Authentication method: The authentication method that must be used. For example, two-factor authentication. 

  • Location: The user must be accessing the data from a specific location. 

  • Device: The user must be using a specific type of device.

  • Time of day: The user must be accessing the data during a specific time of day. 

These are just a few of the many conditions that can be configured. It is important to note that a user can be a member of multiple conditional access policies. This flexibility allows administrators to fine-tune their security settings to best meet their needs.
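The four conditions listed above, evaluated the way the text describes (every condition must be met, and a user can fall under several policies), as an added example that is not part of the original article. The class names, policy names, users and IP ranges are constructed for illustration, and denying users who belong to no policy is an assumption of this sketch, not a statement about any particular cloud provider.

```python
from dataclasses import dataclass
from datetime import datetime, time
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class SignIn:
    user: str
    mfa_passed: bool      # authentication method
    source_ip: str        # location
    device_type: str      # device
    when: datetime        # time of day


@dataclass(frozen=True)
class Policy:
    name: str
    members: frozenset
    require_mfa: bool = False
    allowed_networks: tuple = ()      # empty tuple = condition not configured
    allowed_device_types: tuple = ()
    allowed_hours: tuple = ()         # (start, end), same-day window only

    def failures(self, s: SignIn) -> list:
        """Names of the configured conditions this sign-in does not meet."""
        failed = []
        if self.require_mfa and not s.mfa_passed:
            failed.append("authentication method")
        ip = ip_address(s.source_ip)
        if self.allowed_networks and not any(
                ip in ip_network(net) for net in self.allowed_networks):
            failed.append("location")
        if (self.allowed_device_types
                and s.device_type not in self.allowed_device_types):
            failed.append("device")
        if self.allowed_hours:
            start, end = self.allowed_hours
            if not (start <= s.when.time() <= end):
                failed.append("time of day")
        return failed


def evaluate(policies, s: SignIn):
    """Allow only if every policy the user belongs to has all conditions met."""
    applicable = [p for p in policies if s.user in p.members]
    if not applicable:
        # Assumption of this example: users outside every policy are denied.
        return False, ["no policy covers this user"]
    reasons = [f"{p.name}: {c}" for p in applicable for c in p.failures(s)]
    return (not reasons), reasons


# Constructed sample policies (documentation IP ranges, made-up names).
POLICIES = [
    Policy("all-staff", frozenset({"alice", "bob"}), require_mfa=True),
    Policy("finance-data", frozenset({"alice"}),
           allowed_networks=("203.0.113.0/24",),
           allowed_device_types=("managed-laptop",),
           allowed_hours=(time(8, 0), time(18, 0))),
]

if __name__ == "__main__":
    attempts = [
        SignIn("alice", True, "203.0.113.10", "managed-laptop", datetime(2024, 3, 4, 10, 30)),
        SignIn("alice", True, "198.51.100.7", "personal-phone", datetime(2024, 3, 4, 23, 15)),
        SignIn("bob", False, "198.51.100.7", "personal-phone", datetime(2024, 3, 4, 23, 15)),
    ]
    for a in attempts:
        print(a.user, *evaluate(POLICIES, a))
```

Returning the list of failed conditions alongside the decision gives the administrator something to log and review when monitoring whether a policy works as intended.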

What are the benefits of using conditional access? 

There are many benefits of using conditional access. 

Some of the most common benefits include:

  • Improved security: By requiring that certain conditions be met before a user can access data, you can help to ensure that only authorized users have access to the data. This can be particularly important for sensitive data. 

  • Greater control: Conditional access allows organizations to have greater control over who has access to data. It ensures that users only have access to the data they need to do their jobs, and nothing more. This can help to reduce the risk of data breaches and other security incidents.

  • Increased flexibility: Conditional access provides organizations with the ability to be more flexible in how they protect data. Flexibility brings the ability to rapidly respond to changing conditions, which is crucial in protecting against sophisticated attacks.

The benefits far outweigh any cost or time investment needed to set it up initially. Even if an organization falls victim to a data breach, having conditional access in place can help to minimize the damage.

Should you use conditional access in the cloud? 

The answer to this question depends on the specific needs of your organization. However, if you are looking for a way to improve the security of your data in the cloud, then you should consider using conditional access. 

When in doubt, it's always best to err on the side of caution and protect your valuable assets. After all, it takes just a few moments of due diligence to prevent what could be a very costly mishap to your business, in both time and money.

Relying on a single security measure is never recommended. Conditional access is quickly becoming the new standard for cloud security because it offers a more comprehensive approach than previous methods. 

How can organizations get started with conditional access? 

There are a few things that organizations need to do to get started with conditional access. 

First, they need to identify which data needs to be protected. This data should be classified according to its sensitivity. Once the data has been classified, the organization can then create a conditional access policy. 

The policy should be created with the help of a security expert. Once the policy has been created, it needs to be assigned to the appropriate users. 

Finally, the organization should monitor the policy to ensure that it is working as intended. 

Have you implemented conditional access in the cloud? 

Conditional access is a powerful tool for protecting data in the cloud. When used correctly, it can help to prevent data breaches. 

If you are interested in using conditional access in your cloud account, BrainStomp can help your business with the smart security solutions it needs!


Simple Guide to Endpoint Protection Best Practices

In 2019, 68% of organizations reported being victims of endpoint attacks. These are attacks that aren’t targeting the heart of your network and data, but rather the devices with access to them.

An endpoint is a collective term that describes the various devices that can connect to your technology systems. Those systems include wireless or wired networks, business cloud accounts, servers, and other systems that house software and data.

The endpoints of your network include:

  • Computers

  • Mobile devices

  • Printers

  • IoT (internet-connected devices, like IP security cameras)

If it can connect to your network and systems, then you can classify the device as an endpoint.

Why are endpoints targeted?

There are two key reasons that endpoints make particularly attractive targets for cybercriminals:

  1. They have access to a lot of information. This includes business cloud service accounts, data stored on hard drives and in the cloud, and business email accounts.

  2. They are typically easier to breach than a network or cloud service. Endpoints (like an employee’s smartphone) can get left out of network security monitoring, and IoT devices often have notoriously weak firmware security.

One thing that makes securing endpoints challenging is the number of them in a company. As more of the business workload is handled by mobile devices, the more endpoints can multiply. This is especially true if a company uses a BYOD (bring your own device) approach to mobile use.

The average number of endpoints by company size is:

  • Less than 50 employees: 22 endpoints

  • 50-100 employees: 114 endpoints

  • 101-500 employees: 489 endpoints

  • 1,000-3,000 employees: 1,920 endpoints

While looking at the sheer number of endpoints can seem overwhelming, by automating the process and following best practices, you can significantly improve your device security.

Here is a guide to tactics that will help you do that.

Address Access to Company Systems 

When a hacker either breaches a device or gets their hands on a lost or stolen device, they can often easily access business apps on that laptop, PC, or smartphone. You can hamper that process by using an access management system for your devices.

For example, if you safelist approved devices that are allowed to access your network, as soon as a device goes missing or is infected with malware, you can remove that device from the safelist. This will block access to your data immediately.

Update All Mobile Operating Systems

Do you know whether all mobile devices with access to your business systems are running the most up-to-date version? Users who don’t update end up putting company networks at risk because their devices don’t have the latest patches for discovered system vulnerabilities.

A shocking 99.2% of US government Android users were found to be running outdated operating systems. Businesses face a similar problem with ensuring employees keep smartphones and tablets updated properly.

Automating device updates through a managed IT services support plan is one of the easiest ways to keep all endpoints updated and protected from hacks.

Automate Device Lifecycle Stages

A device lifecycle starts at the point the device is connected to your network and issued to a user (if it is company owned). It ends when the device is disconnected from your network and systems, either due to it being decommissioned or the employee that owns the device leaving.

There are several security concerns during a device's lifecycle. These include:

  • Setting up passcodes and apps

  • Adding the device to a safelist or mobile device manager

  • Keeping company data on the device backed up

  • Granting access levels to various business software

  • Ensuring the device is secured and updated

  • Revoking privileges for a device and removing company data

If all these processes are done manually, there is much room for error. Human error is one of the main causes of data breaches of business networks. Automate as many of these lifecycle processes as possible to reduce risk.

Use an Endpoint Device Manager

While a small business might not think they need a mobile device manager, it can be a real security benefit. Trying to handle things like data backups, antivirus, and updates for all employee devices used for work can be time-consuming. 

A mobile device manager can more than pay for itself by handling all these processes easily and simplifying the process of digital offboarding when an employee leaves.

These applications also provide important monitoring and reporting to help identify any anomalous data access behavior. They can also revoke access to non-approved devices by default.

Train Employees on Device Security (passcodes, malicious apps, etc.)

Employees need to understand how to keep their devices secure, the dangers of downloading any “cool” app they see online, and the need for things like device passcodes.

People often don’t understand the safeguards that need to happen to keep company data secure when it comes to their personal devices used for business. For example, they might think it’s no big deal if they allow a friend or family member to use their tablet, unaware that because of the data that tablet has access to, they may have just caused a compliance breach.

Training on device security improves cyber habits for most team members and strengthens your endpoint security.

Need Help With Endpoint Protection?

Don’t leave your endpoints unprotected! BrainStomp can assist you with effective and affordable options to reduce the risk of a device breach.

The Basic Types of Insider Threats & How to Mitigate Them

Some of the most difficult attacks to ward off are those perpetrated by insiders. An “insider” is anyone who has a legitimate credential to access a technology system. This would include your employees and any vendors that need access to your network. It can also include those who have stolen the credentials of an authorized user.

Why are insider threats so hard to detect and stop? Because when someone is logged in to a website, software, or network with a legitimate user credential, they bypass certain security safeguards. For example, a firewall set to look for unauthorized access would not trigger its protections for legitimate users.

According to a 2022 report by Ponemon, the frequency of insider attacks rose by 44% over the last two years, showing an alarming upward trend. Additionally, the cost of remediating these attacks also increased, by 34%.

Organizations that haven’t put cybersecurity solutions in place specifically to address insider threats run a high risk of suffering a data breach or malware infection.

Let’s discuss the various types of insider threats because identifying them is the first step toward defending against them.

Types of Insider Threats

Contrary to popular belief, most insider threats aren’t malicious at all. A majority are not the result of disgruntled or opportunistic employees stealing data or planting a virus. Fifty-six percent of insider attacks are the result of careless employees.

Here are the four main categories of insider threats.

Careless Employees

Unless staff is trained regularly in cybersecurity awareness and data handling practices, they can easily make mistakes that put a company at risk. From falling for phishing scams to storing passwords in a non-secure way, there are plenty of ways that poor cyber hygiene can cause your company grief.

Malicious Employees

Another category of insider threat is the employee that purposely steals sensitive data or introduces malware into company systems. This category accounts for a little more than 1 in 4 insider attack incidents.

Vendors/Contractors

Another area of concern is insider threats that come from those you need to provide access to your company data and systems. This may be a marketing company you hired or a temporary contractor that needs to log into one of your technology systems.

If these vendors have lax security or are fishing for sensitive data, it could mean a breach.

Hackers with Stolen Credentials

The fourth category of insider threat is the hacker with stolen login credentials. Password theft has skyrocketed with the increased use of cloud computing systems. Company data is now easier to access than ever before because it’s cloud-based and can be reached from anywhere in the world if you have the right login.

According to the latest IBM Cost of a Data Breach report, credential theft is now the #1 driver of data breaches globally.

Indicators Your Company is at Risk for Insider Attacks & What to Do About It

Is your company at unnecessary risk of an insider attack right now? Here are some of the red flags that indicate you are.

Employees Don’t Receive Security Awareness Training Regularly

Training employees on how to detect phishing once per year is not enough to mitigate the risk of a mistake causing a breach. If you don’t have regular discussions on security and employees only get trained once per year or less, then you’re at a high risk of a careless insider causing an incident.

Employees retain information better if it’s presented at least every 4-5 months. That means training approximately once per quarter. Training can be done by video, through in-person training with an IT pro, phishing simulations, and other ways.

Your Company Doesn’t Manage Devices Well

Are you keeping track of device access to your network? Do you know all the PCs and mobile devices employees use to connect to your business apps and data? If not, then an insider breach could easily happen. This can be through a non-secured device, a device that is infected with malware, or a hacker, because the system doesn’t have a way to recognize unauthorized devices.

Using an endpoint device management application (such as Microsoft’s Intune) can significantly improve your security for all those endpoints and reduce breach risk.

Security Policies Aren’t Enforced

Do managers and staff take shortcuts that bypass security policies? For example, you may have a policy that users being assigned as administrators in your cloud accounts need to be approved by a supervisor first. However, to quickly get something done when someone is out sick, this rule is broken, and someone is given admin credentials without approval.

That’s just one example of how security policies that seem inconvenient can be neglected if they are not enforced. It’s important to let staff know that these policies might seem to be “in the way” at times, but they’re there to protect everyone from a much larger issue, a data breach of your systems.

Get Help Improving Your Defenses for Insider Attacks

BrainStomp can help you put layered security in place that addresses all types of insider threats, from those that are due to carelessness to the malicious types.


The Security Importance of Two-Factor Authentication (Part 2)

There has never been a more serious time to protect your information than now, with security breaches, cybercrime, and internet fraud on the rise. In recent years, the majority of breaches have involved password hacks.

Many big companies and celebrities have been victims of password hacks leading to data breaches. If this can happen to them, what is the guarantee that it won't happen to you?

There are so many ways a hacker could access your account. Fortunately, some measures can help prevent this from happening. One such measure is two-factor authentication.

But how does this help, and what is the importance of 2FA? 

Ways Hackers Can Get Your Password

According to a study, 90% of passwords can be cracked in a few hours.

Even if you have a secure password, there are ways for hackers to access your accounts without even knowing it. These include keylogger installation on your computer and phishing scams.

Here are ways hackers can get your password:

Brute Force Attacks to Break Weak Passwords

Hackers can brute force your password if it is just a word followed by some numbers, especially if it is not very long. They execute a script that tries each and every possible pairing of characters and numbers until they succeed.

Dictionary Attacks

Most users, two out of three, use the same password. Every time you read advice on how to make a strong password, it always mentions staying away from dictionary words. This is because hackers can run scripts that attempt various word combinations and enter every word in the dictionary. In light of this, if your password is "thegreatchinawall," it might be broken in a matter of minutes.

Keyloggers

You can pick up this type of malware by browsing the internet. Upon startup, it starts running in the background, logs each keypress you make, and sends that information to the attacker. All of your private conversations, as well as your passwords, are in jeopardy.

Password reset

Almost all password reset links are sent via email. Thus, if a hacker has full access to your email account, they can use it to reset your passwords. You will then lose access to your email and all of your accounts.

Phishing Website Scams

These attacks differ somewhat from the others. They don't launch malicious programs or install malware. Instead, they rely on websites that are virtually exact replicas of popular, legitimate websites like Facebook and Twitter. As soon as you attempt to log in, they do nothing but submit your login details to the attackers' database.

Why You Need to Use Two-factor Authentication

Even with two-factor authentication enabled, there are still more ways to protect your online accounts. However, 2FA is still one of the best forms of cybersecurity.

Due to the ease with which fraudsters can change passwords on other accounts using email, the National Cyber Security Centre (NCSC) advises implementing two-factor authentication for "high value" and email accounts. In addition to two-factor authentication, you should use strong passwords and a distinct password for each of your accounts. Instead of writing down or saving your passwords online, you can manage them all with a password manager.

Microsoft found that 99.9% of cyberattacks can be stopped and avoided by simply employing two-factor authentication. Here are five important benefits of incorporating two-factor authentication into your security strategy.

1. Improved security

By requesting a second form of identity from the user, such as SMS, email, biometrics, or another type of two-factor authentication, the possibility of an attacker impersonating the user and accessing sensitive resources is decreased. Even if a hacker succeeds in gaining access to the password, they will be unable to access any accounts without the specific code provided by the authenticator.

2. Fraud reduction and establishing safe online connections

Cases of identity theft are on the rise, and this directly impacts revenue. In the worst cases, it might lead to a loss of trust, brand equity, and credibility. According to research, even if a retailer did not commit the fraud, customers who have been victims often steer clear of that retailer. Two-factor authentication adds extra security to online connections and helps keep the site secure.

3. Your information will be safer.

Customer passwords and user IDs are well known for being weak and simple targets for hackers, particularly when customers select obvious passwords like "112233" and "password." Writing down passwords in physical or online files where thieves and cybercriminals might find them creates an additional vulnerability. 

With physical characteristics and one-time passwords (OTPs), which are more challenging or impossible to guess, two-factor authentication (2FA) increases data security.

4. Increase productivity

Making your data more secure will enable you to let your staff work remotely without worrying about a data breach, which will increase productivity.

5. Lower help desk and security management costs

Help desks are loaded with time-consuming password resets, which two-factor authentication helps to reduce. Users can safely reset their own passwords with the help of two-factor authentication. Employee productivity grows as a result, which benefits firms.

Protect Yourself 

Make it harder for thieves and email phishers to get to you. Ensure those criminals need more information than your username and password to commit fraud against you. 

Your password should be at least twelve (12) characters long and contain both uppercase and lowercase letters, digits, and special characters; it should not contain any dictionary words or sensitive information like your date of birth or name.

If you are worried about your identity, you should practice using two-factor authentication since it prevents you from being hacked or having your information stolen.

For more information on why you need to use two-factor authentication and how to set it up, we at BrainStomp are here to help. Send us a message or call 260-918-3548.