Blog

Earlier this year, the National Institute of Standards and Technology (NIST) released Version 2.0 of its benchmark Cybersecurity Framework (CSF). NIST 2.0 provides critical updates to the guidepost document, addressing cyber threats that have emerged since its original publication in 2014.  Notable changes include:  As the first update since 2014, [...]

Modern higher education institutions need modern cybersecurity solutions. Colleges and universities are prime targets for credential misuse, phishing attacks, and ransomware, and the risk of a cyber attack is getting worse, not better.  According to Malwarebytes Labs, ransomware attacks at higher education institutions rose by 70% in 2023. That’s due [...]

Phishing. Stolen credentials. Malicious scripts. Brute force attacks. These were among the most prevalent cybersecurity threats for 2023, and they all have something in common: they all target access to your network through passwords or valid accounts.  Cybersecurity is definitely not something you want to take a chance on or [...]

Maintaining effective cybersecurity measures is an ongoing endeavor for every organization. The best cybersecurity programs use a variety of tools and methods to keep bad actors out while supporting the efficiency and productivity of legitimate users. Allowlisting and blocklisting are both key tools that can be used to determine which [...]

Passwords are the keys to our virtual kingdoms, and threat actors have become increasingly more adept at stealing, guessing, and hacking them. Unfortunately, many users still don’t follow standard safety practices – even those who should know better. A recent survey of IT decision makers found that more than half [...]

Imagine building a beautiful new home with all the latest security measures to detect intruders – and then hanging your keys on a hook outside the door. That’s exactly what happens when you maintain accounts with standing privileges. A study from the Identity Defined Security Alliance found that 84% of [...]

Living-off-the-land attacks (LOTL) are among the most dangerous cybersecurity threats facing your business. They are widespread, difficult to detect, and can wreak havoc in your system by leveraging legitimate tools and applications.  According to Crowdstrike’s 2023 Global Threat Report, 71% of all threat detections involved malware-free LOTL activity, including widespread [...]

Identity and access management (IAM) tools have come a long way over the past decade. Unfortunately, as security capabilities and functionalities have evolved, so have the strategies hackers use to break through them. Data breaches are on the rise, and the average global cost of a breach in 2023 is [...]

As cyber threats become more complex, the cost of preventing them is simultaneously rising, but the good news is that improving your security stack doesn’t have to exhaust your IT budget. Even the most secure systems are not 100% immune from attacks, and when those attacks result in a successful [...]

The deadline for complying with the updated FTC Safeguards Rule was June 9, 2023. Are you in compliance? The Safeguards Rule requires any business entity that is categorized as a financial institution to comply with security principles designed to protect non-public personal information. Some companies that were not considered financial [...]