13 05, 2019

Communicating after a Cyber Attack

2021-02-19T16:55:22+00:00May 13th, 2019|Tags: , , , , |

Organizations of all sizes are at risk for cyber attacks that can cripple operations and cause lasting damage. Businesses must have a plan in place for communicating with customers in the event of an attack so as to minimize losses. We are happy to share some information from our partners at Pronto Recovery about planning your communication and response after a cyber attack. The costs of a cyber crime The price tag of a security breach is staggering, with an average cost of $1.2 million. Cyber crime will cost the world in excess of $6 trillion annually by 2021 and financial costs are not the only consequences. Ransomware attacks are the #1 cyber threat to businesses and are growing at a yearly rate of 350%. These often start with a simple phishing email and can lead to the complete shutdown of business operations. One-third of companies surveyed claimed their company lost intellectual property due to a cyber-attack and 36% of them believe the attack reduced their competitive advantage. In today’s globalized business environment, organizations of all sizes face the prospect of falling victim to a cyber-attack or IT outage that could cause serious damage to its infrastructure and ability to operate. Despite the improvement of cybersecurity techniques, criminals continue to develop sophisticated ways to disrupt systems and steal data. The need to prepare for cyber-attacks is more important than ever. According to Cisco’s 2017 Annual Cybersecurity Report more than one third of the organizations that experienced a cyber breach in 2016 reported a loss of customers, business opportunities and [...]

25 01, 2019

Strengthening Your Cybersecurity Plan

2019-08-29T21:27:20+00:00January 25th, 2019|Tags: , , , |

Is your business safe from cybersecurity threats? Do you have a plan to proactively improve and protect against new types of attacks? We want to help you improve your cybersecurity plan. By implementing even one or two of the suggestions below, you’ll be taking a step toward reducing the likelihood of data loss, downtime, reputation damage, and lost revenue. Laying the groundwork Before writing any cybersecurity plan, it’s important to have a risk assessment under your belt. Risk assessments highlight exactly where and how your workforce, technology, and physical environment are exposed and therefore where you need to allocate your risk-reducing budget dollars. An upfront risk assessment is also THE key input into your cybersecurity plan. After all, the whole point of a cybersecurity plan is to reduce the vulnerabilities uncovered by a risk assessment. Chances are you probably already have a cybersecurity plan for your organization. It may be a plan that was written to meet regulatory requirements. Alternatively, it may have been written because you value the continuous operation of your organization and want to protect the private data it stores and processes. Whatever your goals, it is important to make sure your cybersecurity plan includes several key points. Your cybersecurity plan should state: The organization’s general attitude toward risk – averse, neutral, or accepting The importance of cybersecurity from leadership to individual contributors Commitment to adhere to any applicable regulations such as HIPAA, PCI, 23 NYCRR 500, etc. Specific incident response procedures outlining what each internal and external stakeholder will do [...]

10 01, 2019

Cybersecurity Trends – BEC Phishing

2019-05-16T17:55:45+00:00January 10th, 2019|Tags: , , , , , |

Ransomware may be the number one cyber threat but there is another, newer cyber attack that is not being talked about enough. This threat can result in the loss of millions of dollars for companies who are affected by it and lead to the complete shutdown of their email systems – Business Email Compromise. We are happy to share some information from our partners at Pronto Recovery about BEC attacks and how you can protect your business. Business Email Compromise or BEC is an exploit in which the attacker gains access to a corporate email account and spoofs the owner’s identity to defraud the company or its employees, customers or partners of money. Unlike the typical phishing attacks that target everyone, BEC specifically targets high level business executives such as the CFO or corporate attorney to initiate a wire transfer. BEC scams have three main versions: The Bogus Invoice Scheme: this scheme involves a business that has an established relationship with a supplier. The attacker then requests a wire transfer for invoice payment to an fraudulent account via spoofed email, telephone, or fax. CEO Fraud: in this scheme, the attacker pretends to be a high-level executive or attorney who requests a wire transfer to be initiated with instructions to urgently send funds to their bank. Account Compromise: in this version, an employee’s email account is hacked and then used to make requests for invoice payments. And though not as common as the typical phishing email, an FBI announcement in 2017 confirmed that between October [...]

7 09, 2018

Facebook Building $1B Data Center

2019-07-05T17:19:27+00:00September 7th, 2018|Tags: , , , , |

On September 5 Facebook’s VP of Engineering Jay Parikh announced plans to build a new $1 billion data center in Singapore. This will be the first data center engineered by the company in Asia and will run on 100% of renewable energy. The planned 1.8 million square foot facility will employ evaporative cooling technology to minimize water and power consumption while maintaining the required temperatures without supplemental cooling, reducing water usage by 20%. Singapore’s location and more relaxed stance on the storage and transfer of data than surrounding countries has led many tech companies to build there including Google, who has 2 centers there already and is planning a third. Singapore currently has over 80 active data centers and the Singapore government is encouraging growth in the market. The data center is expected to begin operations in 2022, although the construction will continue past that date. ImagIT Solutions is a network engineering company that provides comprehensive IT services for channel partners, managed service providers and enterprise businesses with multiple locations. ImagIT was founded with the goal of providing comprehensive, IT services for multi-site organizations. Built on providing exceptional customer service with the most trusted technicians in the field, we continue to grow with our clients and expand internationally. Our team of 400 expert engineers and full PMO are ready to take on any type of networking engagement!  Whether its proactive support, an emergency call, long-term projects or ongoing break-fix services, ImagIT will deliver a solution that is customized to best fit your organization. [...]

26 04, 2018

Does Your Company’s Security Policy Address These Seven Points?

2021-02-19T17:00:27+00:00April 26th, 2018|Tags: , , , |

Data breaches and ransomware attacks have become more prevalent than ever, with almost 7 billion records breached in the past two years. Many cybersecurity issues still involve basic, fundamental security missteps, which directly or indirectly lead to these incidents. These attacks can be reduced by establishing clear security guidelines and providing training for your employees. Implementing these key components in your security and disaster recovery plans will help your organization’s network combat attacks. Here are some points to address as part of your company security policy: Emphasize the Importance of Security It’s important to instill that security is everyone's responsibility. Employees should be told why cybersecurity is important and the potential risks should be explained in detail. If data is lost or stolen it most likely will negatively affect the individuals involved, as well as severely jeopardize the company. If the company systems are infected with malware, this could hamper the efficiency of the organization. Ask employees to take an active role in security by reporting suspicious activity to their IT administrator. If employees become aware of an error, even after it has happened, reporting it to IT means something can still be done to minimize the damage. Cybersecurity is a matter that concerns everyone in the organization, and each employee needs to take an active role in contributing to the company’s security. Secure Computers and Devices When employees leave their desks, they should lock their screens or log out to prevent any unauthorized access. Laptops and cellphones should also be physically locked when not [...]