Why You Need a Software Restriction Policy (Right Now)
Windows Group Policy tends to get overlooked by most Administrators. Typically, you visit this policy when you first set up a domain—which for many companies is well beyond the first day you start using Windows. By the time you get around to re-visiting Windows Group Policy, most of the applications, ... Read More
CCPA: No Extensions, No Excuses
California’s Consumer Privacy Act (CCPA) came into effect on the first of January 2020, and while we haven’t seen any CCPA penalties handed out yet, I’m betting one is coming any day now. Given provocative comments from California’s Attorney General, companies recognize they must get compliant in a hurry. Those ... Read More
The Perfect Phishing Email
Thinking like the bad guys is part of being in cybersecurity. Our ability to anticipate the moves of our opponents is essential, just like in a chess game - except with real business consequences. Drawing on my prediction of worse spam to come in 2020, I had been thinking about ... Read More
2020 Cybersecurity Predictions
Foresight is a powerful human capability – and one that is integral in the field of cybersecurity. Today I revisit the predictions I made a year ago about what we could expect to see in this industry in terms of breaches, malware, regulations, and technological developments. I examine whether these ... Read More
Why Your AV Won’t Stop Ryuk Ransomware
I have been blogging about ransomware for a long time now, given its devastating impact upon small to mid-sized enterprises. However, there have been some indicators lately that people are finally being forced to pay attention to. For instance, the FBI issued a warning regarding ransomware last month (and again ... Read More
Cybersecurity KPIs for the SMB
When I talk about security for the SMB, the go-to barrier is insufficient resources to invest in security. While I’m not denying that limited resources for a smaller organization can constrain your options when it comes to building your own security solution, having KPIs to measure the risk you are ... Read More
Why Are We Seeing More Ransomware?
With the increasing prevalence of ransomware attacks, I needed to address why it was happening. In this five-minute video, I cover the factors that have changed both the nature of the market for ransomware, and the perpetrators behind ransomware attacks. These factors have resulted in more people and businesses falling ... Read More
What is the Impact of Zombieload?
By now you have likely heard about Zombieload, the latest in a series of vulnerabilities impacting the Intel Core and Xeon processors that power your endpoints. Of course, it’s not the vulnerability itself (appearing in proc’s made after 2011) that impacts your computing power – it’s the ‘fix’ that Intel ... Read More
Do SMBs Need a CISO?
As part of our “C-Suite Accountability” theme, we explore why holding senior executives accountable is a necessary motivator in the prioritization, development, and adoption of cybersecurity initiatives across the small to medium-sized organization. In this post, our own Virtual CISO discusses the role in SMBs in an effort to remove ... Read More
Worst (and Best) Cybersecurity Questions Ever
As part of our “C-Suite Accountability” theme, we explore why holding senior executives accountable is a necessary motivator in the prioritization, development, and adoption of cybersecurity initiatives across the small to medium-sized organization. In this post, our CTO Adam Mansour provides the best and worst questions to help leadership understand ... Read More
