Tag Archives: infosec

Why non-profits need to invest in cybersecurity

Posted on by

Cybersecurity is an increasingly important concern for all organizations, including non-profits.

In the digital age, non-profits rely heavily on technology to carry out their mission and serve their constituents, making them vulnerable to cyber attacks.

Here are seven advantages of prioritizing cybersecurity for non-profits:

⚔️ Protecting sensitive information:

Non-profits often have access to sensitive information such as donor and volunteer data, financial records, and personal information.

⚔️ Complying with regulations:

Many non-profits receive funding from government agencies or foundations that have strict requirements for data security.

⚔️ Maintaining donor and volunteer trust:

A data breach or cyber attack can damage a non-profit’s reputation and undermine the trust of donors and volunteers.

⚔️ Protecting against financial losses:

Cyber attacks can result in financial losses for non-profits, including costs associated with recovering from the attack and repairing damage.

⚔️ Enhancing employee productivity:

Cybersecurity measures can help employees work more efficiently by protecting against cyber threats and minimizing downtime due to cyber attacks.

⚔️ Increasing competitiveness:

In today’s digital age, non-profits that demonstrate a commitment to data security may have a competitive advantage over those that do not.

⚔️ Reducing insurance premiums:

Many insurance companies offer discounts to organizations that have implemented robust cyber security measures.

In conclusion, cybersecurity is an essential consideration for non-profits.

By prioritizing it, non-profits can protect sensitive information, preserve financial resources, maintain trust, enhance their reputation, facilitate collaboration, ensure compliance, and support their mission.

It is important for non-profits to assess their cybersecurity needs and implement appropriate measures to safeguard against potential threats.

3 reasons that cybersecurity is in the state it is!

Posted on by

Cybersecurity is at a low level for several reasons.

One reason is that organizations, governments and individuals are not investing enough in cybersecurity measures.

This can include not allocating sufficient budget or resources for cybersecurity training, hiring, and technology.

Another reason is that many organizations and individuals do not have a clear understanding of the cyber threats they face, and as a result, do not prioritize cybersecurity.

Additionally, many companies and individuals are still using outdated software, hardware and systems that are vulnerable to cyber-attacks which could have been prevented if they were updated.

Furthermore, the sophistication and complexity of cyber attacks are increasing at a faster rate than organizations and individuals can keep up with.

All these factors combined have led to the current low level of cybersecurity.

Lowest entry-level ever

Today, the entry-level for cybercrime is at an all-time low.

This is due in part to the increasing availability of easy-to-use tools and resources that allow individuals with little technical expertise to engage in cybercrime.

For example, there are now numerous online forums, tutorials, and hacking tools that can be easily accessed and used by anyone with an internet connection.

Additionally, the rise of the dark web has made it easier for individuals to purchase and use malicious software, such as malware and ransomware, for criminal activities.

Furthermore, the increasing use of automation and AI in cybercrime has made it easier for cybercriminals to launch large-scale attacks and target a wide range of victims.

All these factors have led to the lowering of the entry-level and increase of cybercrime which is a major concern for organizations, governments and individuals.

Education and training from the wrong direction

Education and training that is delivered in a top-down manner, where the information and knowledge is passed down from the top level of an organization to the bottom, can fail for several reasons.

One of the main reasons is that it does not take into account the unique needs and perspectives of the individuals or groups who are being trained.

The information may not be tailored to their specific role or level of understanding, making it difficult for them to apply it effectively in their work.

Additionally, top-down education and training can lead to a lack of engagement and buy-in from the individuals or groups who are receiving the training.

Without their active participation and interest, the training may not be as effective in achieving its goals.

A bottom-up approach, on the other hand, is more inclusive and empowering, and it starts with the needs and perspectives of the individuals or groups who are being trained, ensuring that the training is more relevant and meaningful to them.

Software was written for the first to market, not as a secure platform

Software that is written with the primary goal of being the first to market may not prioritize security.

This means that the software may have vulnerabilities or weaknesses that can be exploited by cybercriminals or hackers.

These security flaws can lead to data breaches, loss of sensitive information, and other types of cyber attacks. Additionally, software that is not designed with security in mind may not comply with industry regulations or standards, which can lead to legal and financial repercussions for the company that developed the software.

To avoid these issues, it is important for companies to balance the need for speed to market with the need for a secure and compliant software platform.

Additional

AI

Artificial intelligence (AI) will have a significant impact on both cybersecurity and cybercrime.

On the cybersecurity side, AI can help organizations and individuals detect and respond to cyber threats in real time, by using advanced machine learning algorithms to analyze large amounts of data, identify patterns, and make predictions about potential attacks.

Additionally, AI-based systems can also be used to automate many security processes, such as patch management and incident response, which can help organizations and individuals become more efficient and effective in defending against cyber attacks.

On the other hand, AI can also be used by cybercriminals to launch more sophisticated and automated attacks, such as spear-phishing, social engineering, and malware campaigns.

AI-based malware can also be designed to evade detection by traditional security systems and can spread quickly across networks.

Additionally, AI can also be used to enable new forms of cybercrime, such as deepfake generation, which can be used to impersonate individuals or organizations in order to steal sensitive information or money.

Therefore, AI can have a significant impact on both cybersecurity and cybercrime and it’s important for organizations and individuals to stay aware and adapt to the new technology.

No one waits for a car accident before investing in insurance why would cyber insurance be any different

Posted on by

The use of technology has become an integral part of our daily lives.

From the way we communicate with others to the way we conduct business, technology has transformed nearly every aspect of modern society.

As a result, the risk of cyber-attacks and data breaches has also increased significantly.

Unlike car accidents, which are typically one-time events, cyber attacks can have long-term consequences.

They can result in the theft of sensitive personal and financial information, damage to a company’s reputation, and even legal action.

The costs associated with these types of attacks can be substantial.

This is where cyber insurance comes in.

We invest in car insurance to protect ourselves in the event of an accident, cyber insurance can provide protection against the financial consequences of a cyber-attack.

It can help cover the costs of recovering from an attack, such as legal fees, data restoration, and public relations efforts.

There are several reasons why people and businesses should consider investing in cyber insurance.

It provides financial protection in the event of a cyber attack.

It’s impossible to completely eliminate the risk of a cyber-attack, but having insurance can help alleviate some of the financial burdens that comes with dealing with the aftermath.

Another reason to consider cyber insurance is the increasing frequency of cyber attacks. It’s not a matter of if a company will be attacked, but when.

There are potential legal consequences to consider.

A company may be held liable for a data breach if it fails to adequately protect customer data.

Cyber insurance can help cover the costs of legal action and settlements, which can be substantial.

Despite the clear benefits of cyber insurance, many people and businesses still don’t invest in it.

This may be due to a lack of awareness about the risks of cyber-attacks and the potential consequences.

Others may believe that their company is too small to be a target or that they have sufficient in-house security measures in place.

It’s important to remember that cyber attacks can happen to anyone, regardless of size or industry.

Small businesses and non-profits are often targeted because they may have fewer resources to devote to cybersecurity.

Cyber insurance can provide an extra layer of protection against the unexpected.

No one waits for a car accident before investing in insurance, it’s important not to wait for a cyber attack before considering cyber insurance.

The risks of a cyber attack are real and the consequences can be severe.

Don’t wait until it’s too late – consider cyber insurance for your business today.

It is the responsibility of the board of directors to carefully consider and manage these risks.

Posted on by

Business risk is an inherent part of any enterprise, and it is the responsibility of the board of directors to carefully consider and manage these risks.

When it comes to cybersecurity, there are several factors that the board of a small, medium or non-profit enterprise should consider in order to determine what is an acceptable business risk.

First and foremost, it is important for the board to understand the potential consequences of a cybersecurity breach.

This includes not only the financial costs of responding to the breach and repairing any damage but also the impact on the company’s reputation and customer trust.

The board should also consider the likelihood of a cybersecurity breach occurs, as well as the potential severity of the consequences.

One way to manage cybersecurity risk is through the implementation of robust security protocols and technologies.

This includes ensuring that all software and systems are regularly updated and patched, using strong passwords and implementing two-factor authentication, and regularly training employees on cybersecurity best practices.

The board should also consider investing in cybersecurity insurance, which can help to mitigate the financial impact of a breach.

Another aspect of managing cybersecurity risk is having a robust incident response plan in place.

This should outline the steps to be taken in the event of a breach, including how to communicate with employees, customers, and the media, as well as how to restore systems and recover from the incident.

It is important for the board to consider the potential for external threats, such as cybercriminals.

This includes considering the use of security tools such as firewalls and intrusion detection systems, as well as implementing processes for monitoring and detecting potential threats.

In addition to these technical measures, the board should consider the role of company culture in managing cybersecurity risk.

This includes promoting a culture of cybersecurity awareness and education among employees, as well as setting expectations for responsible behavior online.

Ultimately, the acceptable level of business risk when it comes to cybersecurity will depend on the specific circumstances and needs of the enterprise.

The board should carefully consider the potential consequences of a breach, the likelihood of such an incident occurring, and the measures in place to mitigate and manage these risks.

By taking a proactive approach to cybersecurity, the board can help to protect the company’s assets and reputation, and ensure the long-term success of the enterprise.

Where to start your Business Security / Cybersecurity Journey

Posted on by

Start

Time

3-hour program

What is done

Audit on assets and risk management.

What you get

  • Report on where your organisation is in relation to business security
  • Roadmap to implement basic changes to your business organisation
  • A number of process, procedure and policy templates
  • A number of Plans templates

Tools we use

  • Care-app diagnostic tool
  • Questionnaire similar to basic SWOT
  • Proprietary diagnostic tools
  • Open-source intelligence gathering tools

What do you need to do

  • Implement changes
  • Discuss with management
  • Implement proactive responses to cybersecurity

 

Threshold

Time

8-hour program

What is done

 

What you get

  • Implementation of Internet policy
  • Implementation of online security awareness program
  • In depth Risk analysis
  • In depth Risk mitigation process
  • Full blown digital SWOT

Tools we use

 

What do you need to do

 

 

Baseline

What is done

 

What you get

 

What do you need to do

 

 

Beyond

What is done

 

What you get

 

What do you need to do

 

 

The stupidity of certification

Posted on by

The stupidity of certification

We are obsessed with certification and qualification in the business world.

In the late 90s, Microsoft certification was the number one qualification in the IT space.

The MCSE (Microsoft Certified System Engineer) was the top one that I held from 1998 - 2006

This high-end cert had a few problems.

A person who had been working with Microsoft software in a business environment often failed the exam because of the difference between the reality of the business world and Microsoft’s rosy glass interpretation of what business had to do to make it run.

Anyone could pass the exam if they studied enough or had access to the answers being sold on the internet.

They did not have to have practical knowledge of NT4 (what a beast) to get a job as a network engineer.

That problem is still around.

Technically wise, cybersecurity certs have a similar problem.

You would think the difference between a certified security engineer and cybercriminals would be close.

They are not.

A certified security engineer lives in a world of frameworks, asset management, risk management, alerts, reports and responses.

The cybercriminal does not even need to be a cybercriminal, all they need is a driving focus to get into a system.

To think outside the box.

To find a vulnerability that no one else has found, work out how to exploit it, complete a proof of concept document and release it to the world with the words “look what I did”, that is all that they need.

Not a certification in place.

Not a qualification in sight!

Just a drive and focus on doing something on the digital world that will get them to notice, the kudos for doing it and the learning that comes with it.

I would bet my uncertified unpapered team against your certs anytime.

I wonder who would win.

Cyberattack – Why are we so vulnerable

Posted on by

By the end of 2022, it is predicted that not for profits, associations, charities and SMEs will face more than 50,000 cyberattacks per day.

99% of those attacks are automatic, random generated attacks that can be counteracted by available basic systems (AV, Firewalls, SPAM filters, SPAM blockers).

These automatic random attacks are created by in-training cybercriminals and cyber activists (script kiddies).

Although the numbers are astounding they also indicate that we need to be vigilant at all times.

Because we still need to address that 1%.

That approximate 500 attacks are targeted at YOU and your organisation.

That is focused on gaining access to your stuff, stealing your money or encrypting your data.

How do we stop that?

We do not and can not stop it by believing “it will never happen to me”, “we are not a target” “we have nothing worth stealing”

We stop it by being proactive.

We stop it by taking security seriously.

We stop it with increased awareness!

We stop it with capability.

Doing nothing is not an option.

If you are frozen like a kangaroo in the headlights of a fast-moving truck then you need a push

A push in the right direction.

A direction that delivers better business security.

Like any complex and dangerous journey, we start with a single step.

That first simple step is to have a conversation with someone like me.

Cyberattacks

Ransomware – why is it such an issue?

Posted on by

In 2020 we saw a 100% increase in ransomware attacks.

In 2021 we saw a 100% increase in ransomware attacks.

Ransomware attacks are literally doubling each year.

This year can we expect any differently?

With those sorts of statistics, we should be afraid, very afraid.

But we are not.

You would think that we would be concerned.

But we are not!

In fact, in most cases, we make it overly easy for a cybercriminal to steal our stuff.

We need to look at this another way as the bad guys have changed – again.

On the internet, there is now “Ransomware as a service”.

As a criminal, If you have a little bit of money you can get a system that creates and delivers malware to anyone on the internet.

With the success of ransomware, they are guaranteed to make money.

We have to do more.

More than what we are doing because it is not good enough

We still use bad passwords.

Have you done a password review?

We have complete backups.

Have we ever tested them?

We have patched systems and operating systems.

Are there any systems that have not been patched?

How do you avoid a ransomware attack?