Cybersecurity Roundup: MSP Attacks, NCSAM, Exabeam, Comcast Business
… organizations of all sizes and is a critical component of improving the organization’s cybersecurity.
“In particular, employees should be trained on email security training prior to having access to company email,” he said. “Over 90% of cyber incidents begin with an email, so the earlier the email security training, the better. Organizations should also better understand their cybersecurity insurance policy (if they have one), and what is/is not covered in case of an incident or breach. Policies vary, so it’s important to know what the organization’s coverage is. We are also still seeing some of the basics not being implemented–such as strong passphrases, MFA and limited privilege, to name a few of the most important ones.”
Cybersecurity providers are always going to face new challenges because the threat actors are working studiously to improve their craft, Coleman said. Therefore, cyber threats are going to “continue to evolve and get better as technology and our knowledge of it evolves — which forces cybersecurity providers to stay current,” he said.
“Furthermore, new technologies are released into the marketplace and deployed across business networks every day,” he said. “Many of these technologies have software vulnerabilities because they are rushed to the market, have little or no security features built into them, and are often not purchased with security in mind — therefore, posing quite a few risks to the organization and creating new challenges for cybersecurity providers. Lastly, MSPs, in particular, are facing an onslought of attacks from threat actors, so (they) must take steps to secure their own organization, while also securing their customers. Criminals know what access to systems and data MSPs have, and are using these supply chain attacks to gain access to many networks from one privileged entry point. ”
The goal of NCSAM is to help businesses and consumers understand the importance of protecting their data and knowing how to protect it, Coleman said.
“We also want people to understand that cybersecurity is a shared responsibility, because what we do online can affect others,” he said. “This year we are also really focusing on behavioral change. More people understand the importance of cybersecurity, but now we need them to do something about it.”
Data shows that small businesses are often victims of cyberattacks as they tend to lack the resources needed to completely protect themselves from threats. In 2018, Ponemon Institute conducted a study showing 72% of small businesses reported malware slipping past their intrusion detection systems.
Ed Marsh, exporting advisor for American Express, provides the following tips for businesses to keep in mind to protect themselves:
- Don’t carry information you don’t need – consider using a travel phone and laptop with the bare minimum
- Always use a VPN for internet access
- Don’t connect automatically to public Wi-Fi
- Disable your Bluetooth
- Enable functionality to disable devices remotely or with multiple failed login attempts
- Change passwords frequently
- Recognize there are different standards for content (e.g. prurient, religious and or political) and ensure you don’t have documents, movies, music, etc.
Exabeam Enhances SMP
Exabeam, the security information and event management (SIEM) provider, Tuesday unveiled enhancements to its Security Management Platform (SMP), including integrated Mitre Attack framework labels and customized incidents to speed investigations, as well as …