During the fourth episode of our webinar series, The Lunchbox Leaders, we heard from Ben Verschaeren of Melbourne, Australia, a Global Solutions Engineer with Sophos, an international cybersecurity company based in the United Kingdom.
Ben shared that there’s been a rapid shift in technology over the last 5 years with an explosion in data science and artificial intelligence (AI). Sophos in particular has utilized AI to shift away from reacting to threats and instead make security predictions with incredibly high accuracy. Ben also shared how AI can assist across all layers of defenses by providing both accurate predictions and detections of malicious behavior.
“Our Sophos lab alone sees about half a million unique malware files every day,” Ben shared. “Using things like AI, we’re enhancing our labs. One of the ways we’re able to enhance detection capabilities is by applying algorithms that will tell us what looks different. What’s something that’s probably malicious, but looks different? And maybe that’s where an analyst should set focus to. We’re not actually using AI just to deter malicious or benign determination, but rather to funnel the right information to people so maybe we can find that next group out there that’s been hiding in the shadows and not been detected yet. There are so many different applications for it. I would never look at AI as competing with a human. I would look at AI as complementing or enhancing human capabilities.”
The efficiency that AI is bringing to all different industries is really the value-driver. It’s changing the way we do things. “Data is what drives AI/neural networks now,” Ben stated. With such huge volumes of data, AI is a game-changer in terms of handling the information available to us and identifying patterns that allow us to predict and prevent cybersecurity threats.
However, Ben cautioned that organizations searching for an AI cybersecurity solution should certainly question and query the AI-provider to determine exactly what capabilities their AI product has, rather than just purchasing the product based solely on the “AI” buzzword. Be cautious and ask specific questions to understand how the tool is protecting your organization.
We were so glad to host Ben in our fourth installment of the Lunchbox Leaders series. Our vision has been to help educate our community on how organizations and individuals can protect themselves in today’s cybersecurity threat landscape. We hope you found this episode, and our series of webinars, insightful!
Remember, the team at PGH Networks can help you develop a strategic and layered approach to your network’s security and protect you from cyber-attacks. Want to learn more? Contact us today.
In case you missed our fourth and final episode (or would like to rewatch it), you can find the full recording online.
Managed service providers (MSPs) are vitally important for small businesses that lack an in-house team, so choosing the right MSP can be a make-or-break decision. Whether you need an entire managed team or a co-managed option to provide additional personnel, use these recommendations to make a sound decision.
Common MSP Mistakes
You’ve been working with your MSP for a while now, but are they bringing you the best value? That all depends on a careful assessment of your business needs and the capabilities of your current provider. You likely hired your current MSP at a point where your business looked very different from the present reality and they may no longer efficiently meet your needs.
A mistake that is often made during the hiring process is to choose based on price. Sometimes the cheapest option is okay to pick, such as with food or physical goods. For an integral service like the management of your IT needs though, quality and reliability only increase with the cost. It may be time to consider upgrading your package or looking for a new company if the hiring of your current MSP was a matter of the lowest cost to get what you needed. If you have been having more IT problems since hiring your MSP, this is a good reason to make a change and invest in a better company.
Another mistake businesses often make when choosing their MSP is the buffet selection of services that can leave major gaps in coverage. A good provider should offer consultation of what IT services your business needs to run at full capacity, and provide appropriate solutions. If the company you are working with only provides network and hardware support, but no business continuity services, you run the risk of finding yourself hiring another company just to get you back up and running after a disaster.
Choosing an MSP
So what should you look for when choosing an MSP? Consider these tips to choose the right provider for your business.
They Focus On Custom Solutions
Every business is different, even within the same industry, and a great managed service provider understands this. After careful examination of your business and its needs, a full-bodied plan should be presented. A red flag is the recommendation of a package based on your company size instead of a suggestion made based on careful analysis. The provider should be able to handle technology, account management, and disaster planning to ensure that contracting out for your IT services doesn’t mean more work for you.
They Are Experts In Their Tech
In a world of ever-changing technology, being at the forefront of changes can be tempting, but incorporating technology you aren’t familiar with can slow you down. Look for an MSP that focuses on providing expertise in a few high-value technologies instead of a jack-of-all-trades company that seeks to use the latest trends and do everything themselves. A good MSP has a network of partners who specialize in other competencies they can rely upon so you still receive outstanding service. A diversion of efforts and unfamiliarity with tech won’t bring as much value as working with a company that can reliably deliver and leverage partnerships. Ask about the years of experience in the core service areas and their business connections to ensure you’ll have reliable service when you need it.
They Help You Plan For The Future
This is an often overlooked aspect of choosing a provider because the search often focuses on present needs, but the future is a very important consideration. As your business expands, technological solutions need to expand along with it. An agility and business process assessment is a chance for the company to help anticipate your future growth and plan for it. Additionally, a business continuity plan is essential to help you quickly recover in the event of a disaster. Search for an MSP that provides these services, providing additional peace of mind that even in the worst-case scenario they have your back.
Keeping these tips in mind can help you make the right choice as you choose a managed service provider. Explore how a company like PGH Networks can help your business succeed by covering your IT needs.
During the third episode of our new webinar series, The Lunchbox Leaders, we listened as the CEO of Blackpoint Cyber, Jon Murchison, explained how cyber hackers operate and shared valuable tips and strategies on how you can protect yourself and your organization against cyber threats.
Jon shared that work-from-home hasn’t necessarily increased the number of cyber-attacks – only the number of targeted attacks. While the digital migration to work-from-home makes it more difficult for hackers since employees aren’t all in one location within a network, it has opened up new attack vectors, such as increased targeting of VPN concentrators – which allow hackers to get in with credentials ahead of time.
“Size totally does not matter in this case,” Jon stated. “Many times, hackers select targets of opportunity. The good news is: whether your organization is large or small, applying the same lessons learned can reduce your risk of a network breach.”
To prevent a breach, it is valuable to know how hackers operate. A hacker’s primary goal is to steal privileged credentials, which will enable them to hide from traditional detection tools like anti-malware and firewalls.
Jon identified 5 major steps in the lifecycle of a hack:
- Spear phish/Insider threat – The hacker gains initial access to a network.
- Network Discovery and Access – The hacker attempts to determine where he is within the network’s environment.
- Domain Discovery – The hacker attempts to identify more privileged credentials to stay within the network.
- Hunt Domain Admin – The hacker data mines for information about specific network admins.
- Laterally Spread – The hacker attempts to gain control of the network.
Jon recommended these defense tactics to help organizations reduce their attack surface:
Conduct a social audit. Make sure your organization and employees aren’t releasing sensitive information that might be of benefit to criminals, such as what firmware or anti-malware systems you’re utilizing.
Leverage existing infrastructure to detect discovery tactics. Ensure that multi-factor authentication is enabled for any cloud or Internet-based system (such as Office 365).
“The vast majority of successful corporate breaches we see actually come from remote desktop protocol being open to the Internet. An external vulnerability scan can ensure that the ‘front door’ to your network is locked.”
Utilize live-auditing of privileged account use and orchestrate regular privileged insider activity reporting. Any time someone connects to a key firewall, log the activity to help identify unauthorized logins.
Use the latest generation of AV/Malware detection tools. Advanced malware products can act as an early warning system for cyber attacks.
We enjoyed hosting Jon as he shared his insights about the methods hackers utilize to break into a network and how organizations can protect themselves from these various, targeted threats. Don’t forget to register for the final episode in our series, which will air Thursday, September 17th at noon. During the finale, Ben Verschaeren from Sophos, an international security company, will be discussing how AI can enhance your organization’s cybersecurity.
Did you find this episode insightful? Our team at PGH Networks can help you develop a strategic and layered approach to your network’s security and protect you from cyber-attacks. Want to learn more? Contact us today.
In case you missed episode three (or would like to rewatch it), you can find the full recording online.
During the second installment of our new webinar series, The Lunchbox Leaders, we listened as Matt Solomon, the VP of Business Development & IT Complete at ID Agent, discussed digital risk and how to protect your assets from threats like phishing, ransomware, and hacking.
“Phishing is the easiest way hackers are able to get compromised credentials,” Matt stated. “There are quite a lot of threats out there, including ransomware and brute-force attacks, but the majority of these breaches—about 44%—begin with a phishing scam.”
Matt recommended 7 steps to avoid falling victim to a phishing scam:
- Watch for overly generic content and greetings. Cyber criminals will send a large batch of emails. Look for examples like “Dear valued customer.”
- Examine the entire “From” email address. The first part of the email address may be legitimate, but the last part might be off by a letter or may include a number in the usual domain.
- Look for urgency or demanding actions. “You’ve won! Click here to redeem your prize,” or “We have your browser history. Pay now or we’re telling your boss.”
- Carefully check all links. Mouse over the link and see if the destination matches where the email implies you will be taken.
- Notice misspellings, incorrect grammar, and odd phrasing. This might be a deliberate attempt to try and bypass spam filters.
- Check for secure websites. Any webpage where you enter personal information should have a URL with https://. The “s” stands for secure.
- Don’t click on attachments right away. Attachments containing viruses might have an intriguing message encouraging you to open them such as “Here is the schedule I promised.”
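The items in this list that lend themselves to automation (generic greeting, sender domain, urgency, link destination and HTTPS) can be run as a first-pass filter before a person looks at the message. The following is an added Python example, not code from the webinar or from ID Agent; the trusted-domain list, phrase patterns, function names and sample message are assumptions constructed for illustration.

```python
import re
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: domains this organization genuinely receives mail from.
TRUSTED_DOMAINS = {"examplebank.example"}
GENERIC_GREETING = re.compile(r"dear (valued )?(customer|user|member|client)", re.I)
URGENCY = re.compile(r"pay now|act now|you['\u2019]ve won|click here to redeem", re.I)
HOST_IN_TEXT = re.compile(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", re.I)


def edit_distance(a, b):
    """Levenshtein distance, used to spot a domain that is off by one character."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


class LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def phishing_signals(from_header, html_body):
    """Return (code, detail) pairs for each checklist item the message trips."""
    signals = []
    domain = parseaddr(from_header)[1].rpartition("@")[2].lower()
    if domain not in TRUSTED_DOMAINS:
        for good in sorted(TRUSTED_DOMAINS):
            if edit_distance(domain, good) == 1:
                signals.append(("lookalike_sender", f"{domain} imitates {good}"))
    text = re.sub(r"<[^>]+>", " ", html_body)
    for code, pattern in (("generic_greeting", GENERIC_GREETING), ("urgency", URGENCY)):
        hit = pattern.search(text)
        if hit:
            signals.append((code, hit.group(0)))
    collector = LinkCollector()
    collector.feed(html_body)
    for href, shown in collector.links:
        target = urlparse(href)
        actual = (target.hostname or "").lower()
        claimed = HOST_IN_TEXT.search(shown)
        if claimed and claimed.group(1).lower() != actual:
            signals.append(("link_mismatch", f"shows {claimed.group(1)}, goes to {actual}"))
        if target.scheme == "http":
            # HTTPS protects the connection only; it does not vouch for the site.
            signals.append(("not_https", href))
    return signals


# Constructed sample message (not real traffic); reserved .example/.invalid names.
SAMPLE_FROM = '"Example Bank" <alerts@examp1ebank.example>'
SAMPLE_BODY = (
    "<p>Dear valued customer,</p>"
    "<p>We have your browser history. Pay now or we're telling your boss.</p>"
    '<p><a href="http://login.phish.invalid/verify">https://www.examplebank.example/verify</a></p>'
)

if __name__ == "__main__":
    for code, detail in phishing_signals(SAMPLE_FROM, SAMPLE_BODY):
        print(f"{code}: {detail}")
```

A message that trips none of these checks is not thereby safe; the attachment and odd-phrasing items in the list still need a human reader.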
Phishing threats have grown in popularity with the onset of remote work due to COVID-19. In fact, according to the FBI, after a week of minimal activity, 80% of hacking-related activities changed over to COVID-related attacks.
As the remote workforce presents more of an opportunity for hackers to attack, small business owners should be more vigilant than ever to protect their organizations.
“Remote work puts your organization so much more at risk because you’ve got employees logging in on personal computers with different internet providers — you might not believe that a hacker can jump from a WIFI refrigerator, but they can.”
To protect your organization, Matt recommends adopting a zero trust policy, which operates on the premise of assuming that each of your employees has been compromised on some level. By putting the policies and security access management systems in place and monitoring compromises on the backend, you can ensure that your employees’ credentials and your organization are protected from digital risk.
We enjoyed hosting Matt as he shared his insights about digital risk and discussed how organizations can utilize zero trust methods to protect their networks from breaches. To recap, remember these notes: A layered security approach stands strong, assume that everything has been breached and anyone could have done it, monitor everything on your network (don’t take any chances), and use two-factor authentication on just about everything you can. Don’t forget to attend the next episode in our series, where the CEO of Blackpoint, Jon Murchison, will present “Social Engineering: How a Hacker Breaks Down a Target” – airing on Thursday, August 20th at noon.
As we delve deeper into the area of hacking and the dark web, remember that we perform Dark Web scans and offer Security Awareness Training at PGH Networks. If you are interested in setting this up for your company, please contact us today.
In case you missed episode two (or would like to rewatch it), you can find the full recording online.
Last Thursday, we aired the first episode of our new webinar series, The Lunchbox Leaders: Cybersecurity Unfiltered. During the webinar, Sean Sweeney, the Senior Director & Chief Security Advisor in Microsoft’s Cybersecurity Solutions Group, led us through best practices for enabling secure remote work.
Sean’s role at Microsoft is enabling end-to-end security and compliance for external customers by ensuring secure digital transfers, but he also advises the market and consumers about Microsoft’s security compliance vision. With the rise of COVID-19, the IT sector has faced many challenges, including logistic scalability constraints and, most obviously, how to adapt to the sudden spike in demand for remote network access.
Sean highlighted three key focus areas for ensuring effective remote cybersecurity:
- Empowering remote workers to access the apps they need without compromising security
- Enabling bring-your-own-device (BYOD) and unifying management across devices and apps
- Leveraging built-in security to protect data while keeping users productive
When it comes to empowering a remote workforce to access the apps they need without compromising network security, Sean indicated the importance of single sign-on (SSO) and multi-factor authentication (MFA), both of which provide greater security in terms of where employees put their credentials and a higher level of scrutiny to screen who has access to certain information.
“Identity is the key perimeter to your network,” Sean said. “Approach network security with a zero trust lens.”
Similarly, when it comes to managing devices (especially BYO devices) and unifying management across devices, Sean emphasized the importance of proactively managing updates, patching, and policy. “Employees often follow the path of least resistance to get the job done,” Sean said. “It is important to provide a simple way for employees to access secure data or they will find another path to get their job done.”
Finally, Sean highlighted the importance of leveraging built-in seamless security features to protect your network. While you can use many different third-party systems, the safest and most effective way to protect against phishing and malware attacks is to utilize the intelligent data classification and dynamic protection actions available through your operating system.
We were glad to be able to have Sean share his insights about enabling secure remote workspaces and learn more about the products Microsoft offers to empower secure network access. Don’t miss the next episode of our series, “Digital Risk: Protecting Your Most Important Asset”, with Matt Solomon of ID Agent – airing on Thursday, July 23rd at noon.
In case you missed episode one (or would like to rewatch), find the full recording online.
The protection of data by corporate entities has become an issue of increasing focus for both consumers and corporations around the globe over the past 15 years. Online user activity and behavior has evolved with technological advancements and capabilities. Public interest in how user data is collected and shared has grown more prevalent, casting a light on common corporate practice and helping to spur the creation and passage of data privacy legislation worldwide.
General Data Privacy Regulation (GDPR)
In order to understand how data privacy regulations will affect the U.S., we must first look at the European Union’s policy. On May 25, 2018, the European Union implemented the General Data Privacy Regulation (GDPR). The GDPR lays out seven principles of data protection that must be implemented for organizations that deal with the personal data of those within the member states of the EU. Each of the seven principles of data protection centers on three key facets of data control and usage:
- Transparency in all administrative and/or corporate interactions with data
- Minimization of data’s usage and dissemination
- Strength and continuity of security at all points in the data procurement and use process.
Underpinning each of these facets is the seventh principle of data protection – accountability. The GDPR requires that entities which collect and use user data must be held accountable for their collection and use practices, and must also hold themselves accountable as parties who engage in data collection to uphold all seven principles as part of their business functions. To comply with the GDPR, any entity that wishes to collect and use data must conduct a GDPR assessment to determine what personal user data is being controlled, where it is located throughout each step of every interaction that occurs between the user and the entity’s product, and how that data is secured.
The GDPR also lays out eight privacy rights that must be facilitated by any entity that interacts with or uses consumer data. Each of the eight privacy rights is protected by the seven principles of data protection, and all are again supported by the overarching principle of accountability on the part of entities which interact with user data in any capacity. With the passage of this fundamental legislation, the European Union established for themselves how data privacy and protection would be not only guarded, but also facilitated. Overall, greater clarity has been brought to the concept of data privacy and the importance of this in the mind of the average user.
Data Privacy in the United States
The prevalent and ever-expanding user demand for transparency from entities interacting with data has since come to pass in the United States in the form of the landmark California Consumer Privacy Act (CCPA), which went into effect on January 1, 2020. The CCPA is founded upon and grounded in the core principles of the GDPR, with some notable US provisions, including an incorporation for medical data already covered under the protection of Health Portability and Accountability Act (1996), and financial data covered by the Gramm-Leach-Bliley Act (1999). It is important to recognize that the scope of the California statute’s impact extends far beyond state borders, as the law likely serves as a harbinger of future challenges nationwide with several other states considering similar privacy measures. At the federal level, data privacy is an often discussed and debated issue, though we are likely years away from legislation being passed.
Data Privacy in Pennsylvania
The recent passage of the CCPA has prompted the drafting of similar legislation in Pennsylvania that would give consumers greater control over the collection and sale of personal data. Currently in Pennsylvania, user privacy interests are protected under the Breach of Personal Information Notification Act passed in 2005. This law covers any unauthorized data breach of an entity with a base of over 1,000 users who are residents of the Commonwealth of Pennsylvania, specifically a breach that “materially compromises” security or confidentiality, but does not include the breach of encrypted data.
The proposed legislation, House Bill 1049, is still pending before the Committee on Consumer Affairs but would place restrictions on the sale of consumer data without consent and enable consumers to opt out of data collection entirely in some instances for 12 months. Notable features of the proposed legislation include the right to request deletion of data for all purchasing companies, as well as the right to sue companies that have had a non-encrypted or non-redacted data breach for damages of up to $750 per individual. The implications of the pending bill for Pennsylvania businesses are to take greater measures to protect data and have greater transparency regarding what data is collected, where it is stored, and who has access to it.
Data Privacy Laws and Compliance
Fiscal penalties loom large for entities that do not provide sufficient protections of user data and privacy. While certain pieces of legislation like the CCPA extend beyond data breaches to also cover how data is used, current data breach laws cover only unauthorized access and acquisition of user data.
Any entity with employees working in the EU, or with any interactions with or storage of user data taking place in the EU, can expect to be under the jurisdiction of the GDPR and of any privacy laws in the states wherein it conducts business in any form. With overlaps in coverage undoubtedly occurring, the need for top-flight security and privacy protection of data is paramount.
Data Privacy Protection
In order to comply with current and assuredly forthcoming regulations around user data protection and privacy, the first step that any business should take is to formulate an executable and sustainable strategy for evaluating data breach risk and ensuring legal interactions with user data in-house and externally.
This process begins by appointing a dedicated company officer who will manage security and compliance for all interactions with user data, company-wide. Note that this position differs from that of a compliance officer in its scope, for it pertains exclusively to data, while a compliance officer oversees much broader sets of laws and guidelines, including those that are inter-company.
While this is a solid measure, it is not the comprehensive solution that businesses need. In order to fully ensure your business stays healthy, protected and compliant there is no better option than contracting a third-party auditor or a managed service provider like PGH Networks. These service providers can help catch any lapses in compliance or possible issues that could lead to a costly data breach, alongside myriad other invaluable cybersecurity services. There is no substitute for the peace of mind that trusted professionals in this arena can offer business owners so they can rest assured knowing they are not assuming unnecessary risks and focus on what makes their organizations successful.