Skip to main content
Free Shinjuku Ward Building photo and picture
Cybersecurity

Is That Really a Text from Your CEO… or Is It a Scam?

Imagine you’re going about your day when suddenly you receive a text from the CEO. The head of the company is asking for your help. They’re out doing customer visits and someone else dropped the ball in providing gift cards. The CEO needs you to buy six $200 gift cards and text the information right away.The message sender promises to reimburse you before the end of the day. Oh, and by the way, you won’t be able to reach them by phone for the next two hours because they’ll be in meetings. One last thing, this is a high priority. They need those gift cards urgently.Would this kind of request make you pause and wonder? Or would you quickly pull out your credit card to do as the message asked?A surprising number of employees fall for this gift card scam. There are also many variations. Such as your boss being stuck without gas or some other dire situation that only you can help with.This scam…
Nicholas Salem
March 31, 2023
Free Lock Padlock illustration and picture
Cybersecurity

6 Ways to Prevent Misconfiguration (the Main Cause of Cloud Breaches)

Misconfiguration of cloud solutions is often overlooked when companies plan cybersecurity strategies. Cloud apps are typically quick and easy to sign up for. The user often assumes that they don't need to worry about security because it's handled.This is an incorrect assumption because cloud security is a shared model. The provider of the solution handles securing the backend infrastructure. But the user is responsible for configuring security settings in their account properly.The problem with misconfiguration is huge. It’s the number one cause of cloud data breaches. It’s also an unforced error. Misconfiguration means that a company has made a mistake. It hasn't adequately secured its cloud application.Perhaps they gave too many employees administrative privileges. Or, they may have neglected to turn on a security function. One that prevented the downloading of cloud files by an unauthorized user.Misconfiguration covers a wide range of negligent behavior. It all has to do with cloud security settings and practices. A finding in The State of Cloud Security 2021 report…
Nicholas Salem
March 25, 2023
Cyber Security

Written Information Security Program (WISP) – What is it? Do I need it?

Massachusetts data security regulations went into effect in 2010 requiring every company that owns or licenses “personal information” about Massachusetts residents to develop, implement, and maintain a Written Information Security Program known as a WISP. Your WISP must contain certain minimum administrative, technical, and physical safeguards to protect “personal information”. Despite this requirement, many companies, particularly those not physically located in Massachusetts, have not done so. Historically, the absence of a WISP is something that went unnoticed, but that may no longer be the case due to a recent change in the Massachusetts breach notification law. Massachusetts has amended its data breach notification law to require organizations that experience a data security incident to notify the Massachusetts Attorney General and the Massachusetts Director of Consumer Affairs & Business Regulation whether the organization implemented a WISP. This new reporting requirement highlights both the legal and practical need to implement a WISP. What changed? Jason Wong @jasonhk1920 Effective as of April 11, 2019, organizations that experience a…
Nicholas Salem
March 20, 2023
Free Online Banking Banking Operations illustration and picture
Cybersecurity

Smart Tips to Stop Money From Being Stolen Through Online Banking

There are a lot of things that have changed since the invention of the internet. One of these is how we bank and access our accounts. You used to have to go into a local bank branch to make deposits and withdrawals. Now, you can take a picture of a check and deposit it from your phone.Approximately 73% of people around the world use some form of online banking at least once a month. People have never had such convenient account access. But that convenience can come at a cost.In 2021, account takeover fraud increased by 90%. New account fraud jumped a whopping 109%. As the ease of online banking has increased, so has banking-related cybercrime.If someone breaches your Facebook account, it can be a real pain. But, if a hacker breaches your bank account, it can be devastating. It can mean significant losses. Losses that you may not be able to recoup from your financial institution.In this article, we’ll take a look at the…
Nicholas Salem
March 15, 2023
Free Crop man paying with American dollars Stock Photo
Cybersecurity

4 Proven Ways to Mitigate the Costs of a Data Breach

No business wants to suffer a data breach. But unfortunately, in today’s environment, it’s difficult to completely avoid them. Approximately 83% of organizations have experienced more than one data breach. (IBM Security 2022 Cost of a Data Breach Report)These breaches hurt businesses in many ways. First, there is the immediate cost of remediating the breach. Then, there are the lost productivity costs. You can add lost business on top of that, and lost customer trust. A business could also have extensive legal costs associated with a breach.According to IBM Security’s report, the cost of a data breach climbed again in 2022. The global cost of one breach is now $4.35 million, up 2.6% from last year. If your business is in the U.S., the cost rises to $9.44 million. In Canada, the average data breach costs companies $5.64 million.Costs for smaller companies tend to be a little lower. But breaches are often more devastating to SMBs. They don’t have the same resources that larger companies…
Nicholas Salem
March 5, 2023
Free illustrations of Metaverse
BusinessNew Technology

How Is the Metaverse Going to Change Business?

The new buzzword around town is “metaverse.” But what does that actually mean for businesses? Is it just something that social media companies need to be concerned about?According to people like Apple’s CEO Tim Cook, the metaverse is coming. He stated that “Life without AR will soon be unthinkable.” Whether that’s a short-term or long-off prediction, companies need to be ready.First comes the understanding of what the metaverse is. Metaverse is a general term – hence why it’s not capitalized like a proper name. The metaverse refers to a collective upgrade of the internet to a 3D virtual environment. This would be a world interconnected between various sites. These sites would reflect the immersive games that you see today.Did Facebook/Meta invent the metaverse? No.The idea of connected 3D immersive worlds has been around for decades. Several online gaming companies have staked a territory in the metaverse. But their applications are less interconnected.What's one of the best representations of the early metaverse? It’s a short-lived software…
Nicholas Salem
February 25, 2023
Cybersecurity

Have You Had Data Exposed in One of These Recent Data Breaches

There’s a reason that browsers like Edge have added breached password notifications. Data breaches are an unfortunate part of life. And can have costly consequences for individuals. Hackers can steal identities and compromise bank accounts, just to name a couple.Cybercriminals breach about 4,800 websites every month with form jacking code. It has become all too common to hear of a large hotel chain or social media company exposing customer data.Hackers can breach your personal information and passwords without you knowing it. And the time from breach to notification of the breach can be lengthy. One example is the data breach of CafePress. This is a popular online retailer that prints personalized items.CafePress suffered a data breach in February 2019. That breach exposed millions of names and addresses, security questions, and more. Hackers also breached social security numbers that weren’t encrypted.As mentioned, the breach happened in February. But many consumers weren’t notified until late summer. The FTC recently took action against the company. This was due…
Nicholas Salem
February 20, 2023