Skip to main content
Free Security Cyber illustration and picture
Cybersecurity

How to Use Threat Modeling to Reduce Your Cybersecurity Risk

As cyber threats continue to increase, businesses must take proactive steps. They need to protect their sensitive data and assets from cybercriminals. Threats to data security are persistent and they come from many different places.Today’s offices are digitally sophisticated. Just about every activity relies on some type of technology and data sharing. Hackers can breach these systems from several entry points. This includes computers, smartphones, cloud applications, and network infrastructure.It’s estimated that cybercriminals can penetrate 93% of company networks.One approach that can help organizations fight these intrusions is threat modeling. Threat modeling is a process used in cybersecurity. It involves identifying potential threats and vulnerabilities to an organization's assets and systems.Threat modeling helps businesses prioritize their risk management and mitigation strategies. The goal is to mitigate the risk of falling victim to a costly cyber incident.Here are the steps businesses can follow to conduct a threat model.Identify Assets That Need ProtectionThe first step is to identify assets that are most critical to the business. This…
Nicholas Salem
July 20, 2023
Free Mail Phishing vector and picture
Cybersecurity

Business Email Compromise Jumped 81% Last Year! Learn How to Fight It

In recent years, electronic mail (email for short) has become an essential part of our daily lives. Many people use it for various purposes, including business transactions. With the increasing dependence on digital technology, cybercrime has grown. A significant cyber threat facing businesses today is Business Email Compromise (BEC).Why is it important to pay particular attention to BEC attacks? Because they’ve been on the rise. BEC attacks jumped 81% in 2022, and as many as 98% of employees fail to report the threat.What is Business Email Compromise (BEC)?Business Email Compromise (BEC) is a type of scam in which criminals use email fraud to target victims. These victims include both businesses and individuals. They especially target those who perform wire transfer payments.The scammer pretends to be a high-level executive or business partner. Scammers send emails to employees, customers, or vendors. These emails request them to make payments or transfer funds in some form.According to the FBI, BEC scams cost businesses around $1.8 billion in 2020. That…
Nicholas Salem
July 15, 2023
Free Sign Security vector and picture
Cybersecurity

9 NSA Best Practices for Securing Your Home Network

In today's world, technology is ubiquitous, and connectivity is a must. Securing your home network has become more critical than ever. A secure home network is essential for protecting your personal data from hackers.From phishing to smishing (SMS phishing), it’s getting harder to avoid a breach. Individuals often have fewer safeguards in place at home than at work. Yet many are working from home, which puts both personal and company data at risk.About 46% of businesses saw at least one cybersecurity incident within two months of moving to remote work.The good news is that there’s no lack of materials on home network security. Many of the steps are straightforward and can help you avoid a data breach at home.The National Security Agency (NSA) has provided some best practices. These are for securing your home network. We’ll highlight some of the most helpful tips below.1. Change Default Passwords and UsernamesThe first step to secure your home network is to change the default login. This means changing…
Nicholas Salem
July 5, 2023
Free Attack Unsecured vector and picture
Cybersecurity

What Is Push-Bombing & How Can You Prevent It?

Cloud account takeover has become a major problem for organizations. Think about how much work your company does that requires a username and password. Employees end up having to log into many different systems or cloud apps.Hackers use various methods to get those login credentials. The goal is to gain access to business data as a user. As well as launch sophisticated attacks, and send insider phishing emails.How bad has the problem of account breaches become? Between 2019 and 2021, account takeover (ATO) rose by 307%.Doesn’t Multi-Factor Authentication Stop Credential Breaches?Many organizations and individuals use multi-factor authentication (MFA). It's a way to stop attackers that have gained access to their usernames and passwords. MFA is very effective at protecting cloud accounts and has been for many years.But it’s that effectiveness that has spurred workarounds by hackers. One of these nefarious ways to get around MFA is push-bombing.How Does Push-Bombing Work?When a user enables MFA on an account, they typically receive a code or authorization prompt…
Nicholas Salem
June 30, 2023
Free Office Computer illustration and picture
Cybersecurity

Is It Time to Ditch the Passwords for More Secure Passkeys?

Passwords are the most used method of authentication, but they are also one of the weakest. Passwords are often easy to guess or steal. Also, many people use the same password across several accounts. This makes them vulnerable to cyber-attacks.The sheer volume of passwords that people need to remember is large. This leads to habits that make it easier for criminals to breach passwords. Such as creating weak passwords and storing passwords in a non-secure way.61% of all data breaches involve stolen or hacked login credentials.In recent years a better solution has emerged - passkeys. Passkeys are more secure than passwords. They also provide a more convenient way of logging into your accounts.What is Passkey Authentication?Passkeys work by generating a unique code for each login attempt. This code is then validated by the server. This code is created using a combination of information about the user and the device they are using to log in.You can think of passkeys as a digital credential. A passkey…
Nicholas Salem
June 25, 2023