Security

Rob Kim Secure Everything

08 Dec: 3 Essential Capabilities to Secure Everything

Innovation and top-line growth are consistently two of the top three key priorities for business executives. Security is always sandwiched right in between these goals, as the threat landscape and perimeter constantly evolves – and never for the better. The digital paradox holds that the same technologies that allow us to innovate and grow give sophisticated intruders the same tools to innovate their method of attack. Just like a chain is only as good as its weakest link, the same goes for our approach to security. It doesn’t matter where in your IT environment a breach occurs; in the end, everything gets affected.

Cyber Month Recap Blog Tile

29 Nov: Recap: Cybersecurity Awareness Month 2021

Presidio celebrates Cybersecurity Awareness 24x7x365, but we especially love Cybersecurity in October. Cybersecurity & Infrastructure Security Agency (CISA) just closed out its 18th year deeming October as the month to bring awareness to the importance of cybersecurity. 18 years ago, the internet was in its infancy. Now, it is a part of everyday life.

Security Gartner Blog FI

03 Nov: Pivoting Cybersecurity: Going on the Offensive

It has been about 5 years since WannaCry and NotPetya hit companies worldwide in full force, launching a new era of cybercrime. Now, there’s a new report of a ransomware attack weekly. Although this may seem scary, we know more now than we ever have. With each attack, we can see and ultimately learn from which vulnerabilities were exploited. We cannot prevent the inevitable, but we can prepare and minimize the effects. There is a famous quote by author Zig Zigler “Success occurs when opportunity meets preparation.” While a ransomware attack is not an opportunity to look forward to, it is important to be prepared. 

Meraki MT-MV FI

26 Oct: It’s Time to Reevaluate Your Siloed Security Strategy

By converging physical and cyber security, organizations gain deeper business insights and better protection against sophisticated threats. The practice of segmenting security teams into distinct physical security and cybersecurity groups has been the norm since the early days of IT. Within the last decade, however, the Fourth Industrial Revolution, advances in cloud technologies and the digital transformation trend have led to a greater awareness between the cyber world and real world.

Cybersecurity Month CIS Blog FI

22 Oct: Unpacking the CIS 20 (Now the 18)

CIS Controls v8 is here, and there are some significant changes organizations should pay attention to. We spend a lot of time in our blogs talking about—and recommending—cybersecurity frameworks. The reason for this is pretty straightforward: there are a lot of decisions that go into cybersecurity planning, and failing to use a framework makes the process exponentially more complicated.

Cybersecurity Month Zero Trust Blog FI

21 Oct: 5 Mistakes Companies Make in their Zero-Trust Journey

Zero-trust is the logical successor to the legacy perimeter security model, but there are many common pitfalls to consider. Whether companies know it or not, we’re all on a journey toward zero-trust security. This concept, which can be summarized as “never trust; always verify,” has been around for over a decade as a security focus on least privilege. However, the pandemic brought it to the forefront, as corporate offices emptied and millions of workers started working from home. So, in a relatively short period, tens of thousands of companies inadvertently accelerated their zero-trust journey, often without a well-thought-out plan.

Pay Now or Pay Later FI

15 Oct: Cybersecurity Dilemma: Pay Now or Pay Later

The truth is that you’re going to pay for cybersecurity one way or another. So, it’s better to invest now while the cost is much lower and more predictable. As a business owner, you have lots of projects vying for your time and money, and let’s face it, anything that’s not a revenue driver is easy to push to the bottom of the list. Unfortunately, cybersecurity too often falls into this category. Companies may tell themselves, “We already have security in place. We have a firewall; we have antivirus software; our critical applications are password-protected.” The reality is that you’re probably well aware that cyberattacks have exploded in the past 18 months, both in terms of frequency and seriousness. This year, for example, the damage costs from cybercrime are expected to reach $6 trillion, up from $3 trillion in 2015. To put this number in perspective, if it were measured as a country, cybercrime would be the world’s third-largest economy after the U.S. and China. In the past, data breaches were about data loss and the potential harm to the victim’s reputation. Today, however, we see attacks that result in significant operational delays and setbacks.

Cybersecurity Month Endpoint Blog FI

13 Oct: Endpoint Security’s Evolution is a Big Deal. Here’s Why.

If the term endpoint security still evokes images of signature-based antivirus software, it’s time for a refresher on how critical this technology is to your organization. Time seemed to speed up over the past 18 months, with so many changes taking place in such a short period. For example, within the business world, digital transformation initiatives accelerated by seven years, according to a survey from McKinsey & Company. Besides the massive shift to remote work and new collaboration technologies, many companies had to update their security strategies.

Cisco Ransomware TALOS Blog

08 Oct: Ransomware Prevention: Best Practices to Follow and Pitfalls to Avoid

While there’s no silver bullet to preventing a ransomware incident, following security experts’ recommendations will greatly reduce your vulnerability. Thousands of Americans experienced the trickle-down effect of a ransomware breach in early May following the Colonial Pipeline attack, which shut down the oil supplier’s operations and left many scrambling to find gas and waiting in huge lines when they did. The attack originated from DarkSide, a Russian-linked criminal group, who threatened to leak the utility provider’s sensitive data unless the company paid a $4.4 million ransom.

Cybersecurity Month Blog 2

07 Oct: The Often-Overlooked Foundational Steps in Cybersecurity Planning

How you respond to a security incident can determine whether the problem gets fanned into flame or extinguished. When companies plan their cybersecurity strategies, there’s often a lot of time spent talking about and testing various security solutions, backup and disaster recovery tools and security awareness training options. All these actions are vital components to building a strong security posture, but they’re not the first thing companies should be thinking about. One of the most important foundational activities organizations tend to put off until it’s too late (i.e., post-incident) is creating a plan that details how your company would handle a security incident. While it might sound a bit defeatist to create a plan that assumes the security tools and services you’re about to invest in to prevent a security incident are going to fail, it’s not the case. First, not every security incident is a worst-case scenario like the Colonial Pipeline attack that resulted in a $5 million ransom payment. Often, an incident is something much smaller, such as a failed attempt to breach your defenses. The second point is that a small security incident can become a serious threat if the incident response isn’t handled properly. More on this point below.