Pride goeth before the IT security fall

Posted by Mike Vizard on May 23, 2017 11:47:23 AM

Most organizations are in a state of denial when it comes to IT security. In fact, most of them think they’re doing a good job on IT security even after they’ve been a breached. A new survey of 400 IT leaders in the U.S. and United Kingdom conducted by Sapio Research on behalf of SolarWinds MSP finds that 87 percent of respondents are still confident in the IT security technologies and processes they’ve implemented — even though 71 percent admit they’ve experienced a breach in the past 12 months.

Read More

Topics: Cyber Security

Navigating conversations with customers about WannaCry ransomware

Posted by Lauren Beliveau on May 18, 2017 9:35:00 AM

By now, you’ve probably heard all the buzz around the most recent ransomware attack called WannaCry. So far, a reported 150 countries have been affected, and according to BBC news, the fast-spreading ransomware is finally starting to slow down. While no one is certain how long this attack will last, the importance of having conversations about cyber security with your customers is at an all-time high.

Register for the webinar

Read More

Topics: Cyber Security

Email, the primary vector for cyber attacks

Posted by Lauren Beliveau on May 17, 2017 10:05:00 AM

In in the wake of last week’s attacks, new facts are still surfacing about WannaCry ransomware. The ransomware leverages a known vulnerability called EternalBlue that is widespread in older Windows operating systems and was patched in a security update Microsoft released in early March. This vulnerability allows the malware to travel from system to system, which makes systems that were left unpatched easy to attack with just one malicious email.

Read More

Topics: Cyber Security

Number of customers ready for IT security services is increasing

Posted by Mike Vizard on May 9, 2017 12:13:27 PM

The trouble with providing managed IT security services of any kind is that most organizations don’t do all that much to limit their risks. Historically, it's only been a matter of time before there’s an incident, and regardless of the level of service being paid for, the managed service provider gets stuck cleaning up the mess. Before too long, there are so many messes that the MSP winds up losing money because the cost of support exceeds the revenue being generated. Because of that issue, most MSPs are circumspect about the types of customers they are willing to support.

The good news is that a new survey of 350 companies in the U.S. published by CompTIA suggests that the number of organizations with a mature enough appreciation for IT security is increasing. That means, in theory, the number of customers that it’s economically viable to provide managed security services to is increasing.

Read More

Topics: Cyber Security

UK study shines spotlight on scope of IT security challenge

Posted by Mike Vizard on Apr 20, 2017 11:36:38 AM

Despite the increased awareness concerning IT security threats, a new survey from the United Kingdom suggests far too many organizations still don’t have anything approaching a formal IT security strategy.

Three-fifths (57 percent) of the respondents to a survey conducted by the University of Portsmouth have attempted to identify cybersecurity risks to their organization using, for example, health checks and risk assessments. But, the survey also highlights that a sizable number of those businesses still do not have basic IT security protections place.

Read More

Topics: Cyber Security

What is a phlashing attack?

Posted by Michelle Burke on Apr 11, 2017 3:06:48 PM

Throughout the past year, our inboxes and RSS feeds have been flooded with news about malware and ransomware. But what about phlashing attacks?

Phlashing attacks have been designed by hackers with one sole purpose: to infect and permanently damage — or “brick” — a device. More specifically, phlashing attacks are targeting Internet of Things (IoT) connected devices to exploit known vulnerabilities in IoT device security and software.

Read More

Topics: Cyber Security

Vulnerabilities beyond phishing: Why SMBs need to be cautious

Posted by Lauren Beliveau on Apr 5, 2017 11:35:49 AM

Did you know that the average worker gets 121 emails a day? With so many emails pouring into inboxes, it’s no wonder that phishing attacks are successful. Not only are workers tirelessly keeping up with answering their emails, but the attacks themselves are becoming more sophisticated—and they prey on tired employees who, without thinking, click on the malicious link or attachment.

Read More

Topics: Cyber Security

The MSP’s Bookshelf: The Art of Intrusion

Posted by Lauren Beliveau on Mar 29, 2017 12:33:00 PM

Security can be a challenge. One unprotected port, one unchanged default password, or even one improperly configured item can leave businesses open to vulnerabilities and breaches. With so much to safeguard, it can be easy to miss the one small thing that could leave a crack in the wall. But hackers are persistent, and they’ll keep trying until they finally find the vulnerability you overlooked. “The adage is true that the security systems have to win every time, the attacker has to win once” says Dustin Dykes; a security consultant interviewed in the book by Kevin Mitnick.  

To keep systems protected and business-critical data safe, MSPs and their SMB customers need to truly understand how hackers and social engineers think. To get inside the head of these cyber criminals, I recently read “The Art of Intrusion” by Kevin Mitnick. When he was hacker nicknamed Condor back in the ’90s, Kevin hacked numerous organizations like IBM, Motorola, and even the Pentagon. After getting caught and serving jail time, he turned over a new leaf and now acts as a trusted cybersecurity consultant. In his book, Kevin dives into stories of hackers who have spilled their secrets, and he shares his advice on what businesses can do to mitigate cybersecurity risks.

Read More

Topics: Cyber Security

The spear phishing attack that caused the Yahoo data breach: What MSPs can learn

Posted by Michelle Burke on Mar 21, 2017 10:56:44 AM

As more information unfolds about the Yahoo data breach, it all comes down to a single fact: the entire breach was enabled by just one click on a spear phishing link.

Read More

Topics: Cyber Security

The woes of password management

Posted by Brent Fairbanks on Mar 20, 2017 12:00:00 PM

If you’re like anybody who uses computers today, you’re dealing with passwords. I alone have more than 58 just for the websites I use on a regular basis. That doesn’t include any hardware passwords,  Wi-Fi passwords, computer logins, or clients’ passwords. We all have too many to remember, and nobody is exactly sure who is responsible for something we all love to hate.

Passwords enable us to restrict access to only those who are permitted. Restriction of access is nothing new. It has been used for thousands of years, such as sentries in Roman times requiring someone to have special knowledge to pass. One thing we do know is that the minute we attempt to restrict access it invites abuse by both those with access and those without.

Read More

Topics: Cyber Security

Which Data Loss Gremlin Is Targeting You
MSP Health Check
MSP Phishing Quiz
Intronis Local Lunches
MSP Marketing Assessment