Blog

The business profiles and mitigation priorities of service companies today are incredibly diverse. Furthermore, with breaches occurring left and right customers are increasingly expecting proof that their data is being properly secured. One way companies can meet this expectation is by attaining Service Organizational Control (SOC) 2 compliance. SOC 2 compliance was designed to validate that service providers are handling customer data in a confidential manner and with the utmost care. Ultimately, this provides organizations that seek to become SOC 2 compliant with a competitive advantage against industry competitors.

I’ve been watching the news, as we all have been with the pandemic impacting our daily lives.  We continually see tearful appreciation and tributes to doctor’s, Nurses, healthcare workers, first responders, military, teachers, which are all truly deserved. We see their challenges and heroic actions during this challenging time.  What I haven't seen is any acknowledgement of the behind the scenes workers that allow these professionals to function in their roles.  IT professionals work in a field where generally the only time they are acknowledged is when something goes wrong.  Yet due to our Nation's dependence on IT to perform many of these functions, the IT teams that are keeping things up and rolling deserve a THANK YOU as well!  After all, IT workers are designated essential by DHS. 

With everyone willing to abandon Zoom for several pretty serious security mistakes, it seems the future of our digital world will hopefully now better see the benefits of stringent security requirements for technology we are both using and building for others to use. 

Remote work is becoming a new experience for many due to the current events that can be difficult for employers and employees to grasp. As more companies roll out mandatory remote work from home (WFH) in response to COVID-19, organizations need to consider what the new home office procedures are and the communication plan for remote personnel.

The rise in employees forced to work from home (WFH) due to the COVID-19 outbreak has led to a major spike in companies realizing they are not prepared for the new onslaught of remote workers. There is no telling how long this period could last, and subsequently, businesses are starting to evaluate how they will securely facilitate long term access for their remote workers.

Vulnerability scanning and patching is a cornerstone of cybersecurity. Deploying relevant patches is a critical step in basic security measures to minimize any organization's endpoint vulnerabilities. In response to COVID-19, many companies are now required to have employees work from home (WFH). This sudden transition to a remote workforce has resulted in essential security practices and assessments like patching, to become either delayed, neglected or forgotten. As such, we can expect attackers to take advantage of this and use vulnerable devices to infiltrate an organization. 

Uncover the opportunities presented by COVID-19

It is easy to feel overwhelmed and helpless when disruptive events such as COVID-19 erupt out of nowhere. While there is no denying that this pandemic is incredibly horrific, it does not mean organizations should bask in the fear and take a break from normal operations. Instead, this period of uncertainty should be viewed as an opportunity for organizations to re-calibrate and highlight their mission-critical initiatives.

How long has it been since you have revisited or reviewed your company disaster recovery document? Have you conducted any table-top exercises this year or have any lined up on the company schedule of events? Odds are, depending on when you are reading this article, you may be in a real scenario, not an exercise, as part of the COVID-19 pandemic. You may even be asking, “what is a disaster recovery document?” Considering the impact of COVID-19, there is probably no better time create or review those incident, continuity, disaster and recovery documents for your cybersecurity library. You will want to make sure they include all your business needs to be successful when the worst of times are upon you, including a pandemic.

In a previous article, we highlighted the tactics scam artists are exploiting from COVID-19. Unfortunately, technologically savvy criminals are also exploiting the virus by taking advantage of the rapid Work from Home (WFH) adoption. Most organizations were not prepared for this overnight adoption and consequently cut corners during the implementation. We have compiled a list of key elements every organization employing WFH should consider.

Threat actors commonly leverage catastrophic events to launch attacks. As such, it comes as no surprise that COVID-19 is being used to forward cybercrime. What’s more, is that COVID-19 being a global phenomenon has provided a vehicle for scammers to shine. As a result, this prompted the United States Secret Service to release a statement warning individuals against the scams (see below for official PDF link).

To help protect you, we have collected a list of top scams to watch out for: