Sage Advice - Cybersecurity Blog

Local governments and school districts are falling victim to ransomware attacks with alarming frequency and devastating consequences. At any organization, having tools in place to improve cyber resilience is a necessity, especially as hackers get more sophisticated every day.

The epic Target breach raised our awareness that third-party service providers are a significant cybersecurity risk. It showed us how an employee at an HVAC vendor could click a phishing link and result in 40 million credit / debit card numbers and 70 million customer and employee records being compromised.

Like everything in technology today, the activities of cybercriminals are constantly evolving. Your organization must keep pace to protect your data and your reputation. The place most clients are with this query is, “What are our peers doing?”

Cloud computing has gained popularity over the past few years, and organizations large and small are utilizing a variety of cloud services to support their business needs.

The popular tax preparation software TurboTax recently announced that an unauthorized party had accessed an undisclosed number of its clients’ accounts. But it wasn’t because they had suffered a data breach. Instead they were victims of a credential stuffing attack – a cyberattack that continues to gain popularity. 

With cyber-attacks increasing, the likelihood that many organizations are experiencing the same attack is also increasing.  When such an incident occurs, the intelligence gathered – including what happened, how it was dealt with, and lessons that were learned – can teach your organization what to do in the same situation.  In today’s dynamic threat environment, it’s impossible to single-handedly keep on top of everything.  Implementing a threat intelligence program can help you better protect your organization.

Looking back at recent data breaches, it’s interesting to note that the largest breaches didn’t involve stolen credit card or social security numbers. Instead a myriad of personal information is being stolen in massive quantities. Why this shift? It’s just more valuable!

Cybercriminals are driven by opportunity and go where the money is. As soon as the good guys figure out how to stop them, they’ve already figured out their next move. So, it’s no wonder that the cyber threat environment is constantly changing, and exploits continue to evolve and shift.

Data classification is as fundamental a part of securing your organization's information as knowing what data you have and who can access it. It's the process of identifying and assigning pre-determined levels of sensitivity to different types of information. If your organization doesn’t properly classify your data, then you cannot properly protect your data.

Email completely changed the way we communicate and the way we do business. While it makes us more efficient, it comes with a cost. And that is the risk of a data breach. There are a myriad of studies that reach the same conclusion year after year. The majority of cyberattacks begin when someone clicks on a link in a phishing email.