Sage Advice - Cybersecurity Blog

In today's threat environment, we can count on the fact that there will be more spectacular breaches to come. The bad guys will always get in. It's time to acknowledge that reality and take action.

In our experience, many organizations who are just getting started on their path to cyber resiliency have a few misconceptions when it comes to cybersecurity. These myths must be busted in order for organizations to defend themselves against the risks they face. Here are four of the most common myths that must be cleared up.

• Tyler Detect deployed to detect network threats 24/7
• Malicious behavior found and corrected immediately following deployment
• Visibility into all network activity is increasing awareness and driving risk mitigation solutions

Tyler Detect has an immediate impact on Lowndes County’s cybersecurity program.

Advanced cyber threat detection cannot happen by algorithm alone. Cybercriminals can evade traditional defenses compromising an infrastructure within minutes or hours. Study after study shows it can take organizations weeks, even months or years, to uncover an intruder.

Privacy is difficult to define, much less protect. In the business realm, data privacy is still regularly confused with data security and the titles of those charged with safeguarding it for customers vary widely. Meanwhile, many organizations continue to collect as much personal data as they can, just because they can.

In the rush to the cloud, infosec professionals struggle to translate their existing security capabilities, controls, and processes to the new environment.  One of the last processes they adapt? Incident response, said Dave Shackleford, as he kicked-off his 2019 CyberCrime Symposium presentation. A primary reason, he said, is they can’t get the same real-time visibility into events that they could in their traditional environments.

Some five years back, Don Anderson, CIO at the Federal Reserve Bank of Boston, sat down for the first time with the organization’s chief risk officer. As the IT head of one of the Fed’s 12 regional banks, he was there to provide input on risk, as part of an initiative to create an enterprise risk management framework.

For the first time in its 10-year history, the CyberCrime Symposium featured breakout sessions, a nod to past-audience requests for content tailored to different functional roles. The sessions, offered on both days of the event, comprised two separate tracks — one technical, the other on risk and compliance.

At his 2019 CyberCrime Symposium presentation, Jim Reavis saluted the audience for participating in the annual event, noting the high ratio of return attendees.

For its 10th anniversary, the CyberCrime Symposium took to the cloud, where security still concerns, confuses and confounds info-sec pros. For this year’s event, sponsored by AWS, Tyler Cybersecurity put together a stellar lineup of speakers, who took the stage to discuss the high stakes of cybersecurity in a world taken with the cloud.    

Ransomware attacks can have devastating consequences for organizations. Downtime is often more detrimental than ransom costs. Recovery is expensive, and there is a significant cost in system disruption, emergency response, and reputation damage.

Ransomware continues to be a significant threat to organizations of all sizes. Victims of an attack are denied access to their data. Many times, files are encrypted, and a ransom is demanded to restore access. If hit, the best-case scenario is that you have clean backups to restore your systems and can avoid paying the ransom.  However, downtime is often more detrimental than ransom costs. Recovery is expensive, and there is a significant cost in system downtime, emergency response, and reputation damage.