Financial Institutions Waging War on Ransomware

/in , /by

The content of this blog post is based on our recent webinar that you can watch here

Cybercriminals follow where the money is. With all the money involved in financial institutions, it is no surprise they are one of the most threatened organizations. 

It is vitally important to make sure your financial institution remains secure and compliant against cyber threats and has a security response plan in place in case you do suffer an attack.

Don’t Play the Blame Game

There is no room for passing blame when getting to the bottom of a security issue or vulnerability. Blaming discourages people from coming forward and getting all the information IT security professionals need to solve the problem. The person who is attacked is the victim, and the victim should never be blamed.

The Journey: Constant Patching and Configuration

Constantly patching and configuring vulnerabilities in your network is one way to keep your institution safe from attacks. New threats come along constantly, but so do new patches and protection procedures. Staying on top of it could be what saves your institution from an attack. 

It is a constant journey—there is no destination. Simple policies can go a long way for security preparation. Security awareness training for employees on a regular basis, phishing tests, audit firewalls, vulnerability tests, and risk assessments are all simple low-costing steps to take to better prepare, educate, and protect your institution. 

What you Should Look for in a Cyber Security Partner

Whether it is data, physical assets, or personal information—it is important to define what you are trying to secure when looking for a cybersecurity partner and where that information is. It is also helpful to contact their past or current clients and see what their experience was like. 

Cloud Data, Responsibility, and Cyber Insurance 

Cloud services are incredibly helpful for business. However, moving data to the cloud is moving your data to another data center—this does not mean you are no longer responsible for it. The same compliance and checks are expected. You are still liable for the security of your data.

When it comes to the cloud, it is important to know exactly what your cloud provider’s patch strategy is and know if there have been background checks on their employees. Your cyber insurance should not be your cyber response policy. 

It is also very important to name someone in your institution responsible for security. It has to be made a key responsibility and an organizational value and have someone be in charge of it. You could hire security staff, train everyone and make everyone responsible, or get managed security services

Common Threats to the Financial Industry 

There are many cybersecurity threats to financial institutions. SQL injection, credential phishing, credit card manipulation or theft, and remote employees’ login information are some of the most prevalent threats facing the financial industry. 

Credibility and Insurance when Breached 

Having IT security, executives, and public relations professionals involved in the conversation is vitally important when it comes to a response to a crisis. Having an outline and knowledge about what should be said to the customers and consumers to keep credibility after a disaster should be part of an insurance policy. 

It is important to publicly respond correctly when something happens. Cyber insurance has to be looked at from an executive and PR perspective as well as a technical one.  

The financial industry is a massive target for cybercriminals. ISG Technology has the proper security controls and preparation for cybersecurity attacks that are essential for your institution’s protection and can be your guard against cyber criminals. Contact us today for a consultation with our experts and see how we can help keep your institution safe. 

Educators Waging War on Ransomware

/in , /by

The content in this blog is based on a recent webinar hosted by ISG Technology that you can watch here.

With the development and innovation of technology that we see in our world today, there are dangerous innovations being developed as well—cyber attacks. As technology becomes more and more prominent, so do cybercriminals. 

No matter what industry you are in, every business needs to be prepared and have the right cybersecurity protocols and protections in place. Even those working in education. 

Though educators do not seem like targets to cyber criminals—no industry is safe from cyber-attacks unless the right measures are put in place. Everyone is a target. 

The Explosion of Online Education Resources

If you consider the spectrum of education from kindergarten to higher education, there is an incredible amount of educational resources out there. Though students have started to return to schools after the pandemic, the expansion of online resources has not stopped. 

Ransomware has also become very prevalent in the education space. There is a lot of sensitive information involved with education. In K-12 education, one in every three devices contains some kind of sensitive data. 

How Hackers Can Get in Through and Securing IoT

Ransomware attacks are happening everywhere and from every point. There are countless points of entry to your network. 

The network that the devices in your school are connected to, or the Internet of Things (IoT), is very important to consider. It could be a point of entry for ransomware attacks that is not secure. It can feel overwhelming, but there has to be a plan put in place and effective implementation to make sure your network is secure. 

Double Extortion

If you fall victim to ransomware, hackers lock up your data and force you to pay for the encryption. What’s happening now is hackers are copying our data—and once you pay for the encryption—they threaten to expose your sensitive data unless you pay more. This is called Double Extortion.

There are a lot of malware encounters in the education space as well. 5.5 million encounters were reported just from May to June this year.  

K-12 Cyber Security Act

The CISA (Cybersecurity and Infrastructure Security Agency) is coming out with guidelines and toolkits to address and prepare for cybersecurity issues schools are facing. However, the problem is so great that schools need to go deeper. 

Higher Education Institutions Have Unique Data

In higher education, there is a lot of data and research involved – sensitive information about students and teachers. A lot of this data can be very useful for cybercriminals.

Policy and Procedure and The Consequences of not Protecting Infrastructure

When it comes to vulnerability, it is important to find a security provider that exposes you to the holes in your system. With so many threats, the policy and its process is the key. Phishing simulation software can also be very helpful to stay on guard against attacks. 

Failing to protect your infrastructure is going to bring consequences. Whether that be at the cost of time, money, or reputation. It puts your people at risk. 

Fundamentals, Visibility, and Tracking – The Keys to Success

Setting up fundamental security measures can make a huge difference in protecting your network. Measures such as an active directory, MFA, and a password protection policy. Getting these elements down will allow you to focus on the larger issues facing your organization. 

Making your IT infrastructure 100% visible to those in charge of security operations and having the ability to track and gather the metrics can dramatically change your protection and security. The two most important metrics in security operations are the time it takes to detect an issue and the time it takes to remediate (response time). 

ISG Technology has the tools and expertise to work with your organization to make sure the proper controls are in place to protect and prepare your infrastructure against cyber attacks. 

To find out more about how to protect and prepare your organization and its students against cyber threats and ransomware, contact us today.

Power of Humans

/in , /by

In a recent webinar, we discussed why humans are so important to the IT world. And why it’s not just a tool discussion, but a human one.

Faulty Integrations

In the cybersecurity space, expertise is slim. Because of this, people try to integrate with systems, trying to find expertise through technology.

Unfortunately, it takes one faulty piece to bring the whole chain down. This is why humans are so important to technology: without them, the technology would falter and not be able to solve why for itself. That’s where we come in by implementing procedures on how to not only prevent but prepare.

Employee Training

Employees are often the weak link to a business when it comes to cybersecurity. While experts can spot faults, non-experts can create them.

According to Verizon’s 2022 Data Breaches Investigations Report, 82% of data breaches involved a human element. This includes incidents in which employees expose information directly (for example, by misconfiguring databases) or by making a mistake that enables cyber criminals to access the organization’s systems.

Your team isn’t trained in cybersecurity which puts your organization at great risk. A plan needs to be in place because preparing for when and not if a threat is going to occur puts you in a better place to mitigate any damage. Once you have your cybersecurity plan in place it’s vital that this is communicated to your entire team. 

Preparing for Disaster

Being in the cloud isn’t enough anymore, knowing how and where you’re backing up your data is important. Veeam took up a 3-2-1 principle for your data that is gaining traction. Because there is no one solution to data protection, taking this approach ensures you’re covering your bases.

This principle allows a foundation of rules that can be flexible for your specific needs:

  • Production copy
  • Local copy
  • Off-site copy

For extra security, an additional copy can be used: an immutable copy of that data. This ensures that if any component fails, you have that data copied in multiple places to be able to recover it.

On top of that, testing that backup is vital to ensure it’s doing it’s job. It could be corrupt so regularly testing it to make sure it’s not a waste of time and your backup isn’t faulty could save you an incredible amount of data.

IT Burnout

Companies often think one person can be their cybersecurity team and often, that person has other tasks outside of monitoring data. This is a common mistake companies make: putting that security on one person instead of assembling a team.

Often, when humans look at something for too long, they start to experience burnout. In this case, the employee handling the data and staring at it day in and day out can cause slip-ups. They will start letting things through because their guard isn’t up like it was at the beginning. This is why it’s important to have fresh eyes on the data and rotate employees through different tasks, as well as taking breaks.

60% of employees in data security jobs leave their position yearly for a new one due to this burnout. It is extremely hard to replace people in these kinds of positions and the rate will have to go up when experiencing that turnover.

We Need Humans

Humans are necessary to technology because they bring expertise, problem-solving skills, and a fresh perspective. Without them, technology would falter and fail. When it comes to cybersecurity in today’s threat landscape, humans need to be a top priority and treated as such with training, fresh perspectives, and teamwork. It’s not just about the technology, but the people behind it that make it run smoothly.

ISG Technology can work with your company to ensure you have the proper technology in place to proactively protect your organization.   Give our team a call today or visit our contact us page to schedule a consultation with one of our cybersecurity experts. 

Code Grey: The Evolving Threat Landscape of Healthcare IT

/in , /by

In our recent webinar, we discussed the evolving threat landscape of healthcare IT. Healthcare might be one of the most confidential industries in the world, which makes it one of the most targeted by cybercriminals.

From ransomware attacks to phishing emails and insider threats, healthcare organizations must be prepared for a multitude of potential security threats.

You can view the webinar in its entirety here. 

Evolution of IT in Healthcare

Prior to the last 3 years, the transition in healthcare technology has been somewhat gradual. The covid-19 pandemic not only amplified the gaps in current patient care but also sped up innovation to find more efficient and better solutions to deliver quality care.  The need for secure healthcare technology solutions has nearly affected every aspect of patient care. 

Healthcare organizations started seeing the value in online platforms and doctors started to become more available via phone which ultimately got more patients access. However, this opened the doors for new threats: cyber attacks. This shift required them to adapt to these new security challenges.

Healthcare providers are focused on patients whereas IT is focused on the cybersecurity of protected health information(PHI) stored. This new wave of technological importance meant there was a lot more training to be done in healthcare, the kind of training that IT support was responsible for.

Understandably so, the healthcare industry is fearful of ransomware. This is because they carry a high risk of experiencing it due to a recent survey where it was reported by HIPPA Journal that 66% of surveyed healthcare organizations said they had experienced a ransomware attack in 2021, up from 34% in 2020 and the volume of attacks increased by 69%, which was the highest of all industry sectors. Healthcare had the second-highest increase (59%) in the impact of ransomware attacks.

Additionally, they carry highly sensitive information including

  • Personal Health Information(PHI)
  • Financial data
  • Intellectual property

The healthcare sector is at such a high risk for cyber threats that now in order to get more advanced protective cybersecurity, prices have skyrocketed creating new challenges for smaller healthcare providers. 

Cybersecurity Threats and Ransomware Prevention

The ever-increasing cybersecurity threats are more prevalent than ever and the importance of knowing how to prevent them is insurmountable. 

According to HIPPA Journal, In 2018, healthcare data breaches of 500 or more records were being reported at a rate of around 1 per day. Fast forward 4 years and the rate has doubled. In 2021, an average of 1.95 healthcare data breaches of 500 or more records were reported each day. Healthcare organizations are targeted due to their high propensity of paying the ransom, the value of patient records, and the inadequate security measures they often have in place.

It is essential for healthcare organizations to have multiple security measures implemented. The following is a list of steps you can take to protect your data.

Multi-Factor Authentication

MFA solutions provide an additional layer of security and are a user-friendly and cost-effective solution for boosting your healthcare organization’s cyber hygiene.  MFA adds a second layer of security through the use of biometric technology, such as facial or voice recognition, or via an authorization code being sent to a user’s device.  As the threat landscape continues to grow, most cyber insurance policies will not cover your organization unless you have MFA enabled on all applications. 

Patch and Vulnerability Management

In the healthcare industry, this added layer of protection tends to take a back burner. The act of patch and vulnerability management is the process in which you apply security patches to systems and software. Your resources don’t always cover everything, this is one of those things that can cover the leaks your resources may miss.

Formulate an Incident Response Plan

A plan beyond calling your cyber insurance company must be implemented, in order to prevent these attacks before they happen. In fact, Comparitech reported that the average ransomware victim loses around 35 percent of their data.

Waiting until a breach occurs without a plan in place puts yourself in a position where you not only have to rely on an unlikely payout but may never fully recover your data.

Train Your Employees with Security Awareness Training 

Employees are your first line of defense against cyber threats.  Ensuring that your team is well-trained on the importance of proper cyber hygiene and is following security measures in place will help boost your cyber posture.  Training 

them repeatedly on password hygiene, phishing emails, and suspicious links is vital in preventing a breach.

Review Your RPD Policies

Your RPD (raw programming data) policies should be reviewed often to make sure they comply with HIPAA and HITECH regulations. This is a necessary step in preventing a breach as well as having proper documentation in the case of one.

Data Backup and Recovery

One of the most important steps in preventing a breach is having a solid backup and disaster recovery plan. This ensures that if something were to happen, you have a way to recover your data and continue operations smoothly.

Preparing for the Future of Healthcare

Because of the new technology debt in healthcare, it’s important to stay ahead of the game. This means keeping up with technology, staying educated on new threats, and constantly reviewing and updating your security measures.

When preparing for the future of healthcare, it’s important to take a look around and delegate expertise appropriately. CEOs don’t need to be IT experts – they just need to find IT support that is not only affordable but provides all of the benefits so your time is spent well in other places. With the right provider, there should be no worry that your IT is not in the right hands.

As healthcare IT continues to evolve, we must adapt and protect ourselves against these evolving threats in order to continue providing top-notch care for our patients. Partner with ISG Tech for our healthcare IT services.

Webinar: Cyber Insurance. And The War On Ransomware.

/in , , , , /by

Cyber insurance is a must-have weapon for all organizations trying to mitigate modern security threats. But the exponential increase in ransomware has created an industry chain reaction – Insurance providers are leaving the market, premiums are on the rise, more security controls are being required, and organizations are left scrambling.

Prepare For The War On Ransomware

In this executive panel discussion, you’ll get actionable advice directly from an industry-leading cyber insurance provider as well as the technology/solution providers actively fighting the war on ransomware. View the full webinar here

What You’ll Learn:

  • The rise of ransomware and industry chain reaction
  • The role of cyber insurance in incident response plans
  • Evaluating your current policy (Good? Bad? Or Ugly?)
  • The increasing controls insurance providers are requiring
  • How business and IT leaders must partner together

The First 48: A Security Incident Response Panel Discussion

/in /by

The Critical Steps to Take After a Cyber Breach

It happened. You’ve been hit with ransomware. Systems are locked down. Data is encrypted. And your employees are wondering what’s happening. What do you do?

Unfortunately, far too many businesses in today’s world are unprepared for this situation. And according to Cybersecurity Ventures, it’s happening every 14 seconds.

In The First 48: A Security Incident Response Panel Discussion, recently featured at Fortinet’s SMB Security Summit, ISG Technology General Manager, Walter Hirsekorn, is joined by a panel of security experts to discuss the critical steps you should take the moment you realized you’ve been hit.

It could be the difference between unrepairable damage to your business and a minor setback that you can fully recover from.

Webinar: Strengthen Security Ops & Tackle Threats

/in , , , , /by

By now you know that Covid-19 has expanded the attack surface, making businesses across the globe more vulnerable to attacks via remote workforces and security policies built on the fly. You also know that a layered security approach is the solution. 

But what does a complete security strategy entail? How do you know what layers to add? And how do you get there?

In this webinar, Lane Roush, Vice President of Pre-Sales Systems Engineering for Arctic Wolf, utilizes his 20+ years of experience in IT infrastructure, storage, compute, networking and security to layout a more cost effective way of layering your security strategy.

What You’ll Learn:

  • How to strengthen your security operations
  • What the NIST Cybersecurity framework is and how to complete it
  • Tackling a hybrid-remote workforce during COVID-19
  • How ISG + Arctic Wolf can help

Who Should Watch?

Business and IT leaders who are responsible for business continuity, disaster recovery and data protection.

Webinar: Maintaining Security, Adapting To Change

/in , , , , /by

The world has changed. The volume and velocity of digital data is growing exponentially. And maintaining control in a world where every device is storing and computing data makes it more difficult. 

So, how do you deal with the rapid pace of change? How do you maintain security?

In this webinar, James Morrison, former FBI Computer Scientist focused on Cybersecurity and current HPE Distinguished Technologist, utilizes his 20+ years of experience with the FBI to help business and IT leaders grapple with the rapid pace of change they are experiencing. Here’s what you’ll learn:

What You’ll Learn:

  • The reality of the threats you face in a COVID-19 world
  • What a holistic approach to cyber security looks like
  • How to properly invest in your security operation
  • The 7 habits of highly effective security organizations
  • How ISG + HPE can help

Who Should Watch?

Business and IT leaders who are responsible for business continuity, disaster recovery and data protection.

Webinar: Beating Burnout & Boosting Business Continuity

/in , , , , , /by

It’s an unfortunate truth that many IT departments have recently faced cuts. Yet the expectations of keeping systems running and overall business continuity intact have not. In fact, it’s even more important today than ever before.

How do you balance this tug-of-war for time and resources, while spread so thin?

In this webinar, Rick Vanover, Senior Director of Product Strategy from Veeam Software, will leverage his 20+ years in data protection and business continuity to help you navigate this challenge.

What You’ll Learn:

  • The latest business continuity challenges you should be prepared for
  • How to do more with what you already have
  • How to provide extra levels of data protection and disaster recovery with ease
  • 6 best-in-class data protection practices
  • How ISG + Veeam help

Who Should Watch?

Business and IT leaders who are responsible for business continuity, disaster recovery and data protection.

Webinar: 5 Critical Steps to Strengthen Your Cybersecurity Posture

/in , , , /by

Turning Disruption Into Opportunity

With the impacts of 2020 weighing heavy on many businesses, the ability to adapt and reset becomes paramount for both long-term success and survival. Whether you’re a single-location operation or a business executive at a large corporation who just wants to mitigate risks in the COVID-19 world we’re living in, you’ll glean something from this insightful security webinar, and presented it at the August 2020 Kcoe Pro Virtual Summit.

What You’ll Learn:

  • The evolving threat landscape, and the emerging security threats that exist
  • The challenges that results from those threats
  • Five critical steps to strengthen your security posture
  • How ISG can help