now browsing by tag


Four #cybersecurity #tips for #travelers

Do you sacrifice convenience for security when you’re traveling on vacation or on business? A University of Phoenix survey says very few people take precautions to safeguard their data while traveling.

“You need to practice the same cybersecurity precautions that you take at home or at work when you are on business trips or vacations,” says Dennis Bonilla, executive dean at the College of Information Systems and Technology School of Business, University of Phoenix. “That’s when you are less secure because you are accessing networks that are not as protected and have a lot of public access. That’s where the hackers are lurking to figure out how to get your information.”

Bonilla shares four ways to protect yourself when traveling on business or vacation:

Avoid public Wi-Fi

Using public Wi-Fi at the airport or local coffee shop is certainly convenient. However, Bonilla says many of those networks aren’t encrypted. That means the data you are transmitting can be easily accessed. Hackers now have sophisticated tools that can intercept the data you are transmitting. Not only can they log keystrokes; they can also download your data onto their own device.

Don’t access Bluetooth

Do you enjoy listening to music on your Bluetooth device? Bonilla says the same way you access Bluetooth to get music from your device to your headphones, hackers can use the same technology to steal data from you. In late 2017, security company Armis published details of a new Bluetooth vulnerability in which hackers can take complete control of targeted devices in only 10 seconds. Bonilla’s advice is to always keep your Bluetooth capability off when traveling.

Stop using your personal device for business purposes

A University of Phoenix survey found a majority of travelers mistakenly believe their devices are just as safe on vacation as at home. Bonilla says you should never let your guard down. Using your personal device for business purposes not only puts your information at risk but also your employer’s. Imagine the amount of information that could get into the wrong hands! There may be financial data, intellectual property or other sensitive information you don’t want the general public to see. He says it’s important to avoid using common passwords for both devices.

Stay away from a hotel’s shared office space

Thinking about stopping by the hotel’s business center to print out your airline boarding pass? Bonilla says those computers are extremely vulnerable to cyber criminals, especially if you use them to check your personal or work emails. He says a lot of hotels don’t have any protection or encryption on their computers, putting your information at risk.

Bonilla says criminals are always a couple of steps ahead of the average person. No longer do hackers need a deep amount of knowledge to carry out their crimes. All they need is a laptop and an internet connection. He says it’s important for the average person to be educated on the ways hackers can target their information.

“Don’t be lazy,” says Bonilla. “Cyber-attacks are at an all-time high. We are more connected than ever. You’ve got to take precautions. Take the simple steps of updating the software on your phone, disabling Bluetooth, GPS, and Wi-Fi – stay off those network spaces. That’s where they are waiting to attack.”


The post Four #cybersecurity #tips for #travelers appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Four #Proactive #Tips to Improve #Cybersecurity for Small #Businesses

Source: National Cyber Security News

Although the media headlines often highlight major data breaches of large corporations and government agencies, the majority of businesses being hacked are small businesses. Why is this the case? Most small businesses do not have layers of security in place to protect them so attackers consider them low-hanging fruit. According to Verizon’s 2017 Data Breach Investigations Report, 61 percent of data breaches in 2016 affected small businesses. As many of you are aware, the title industry is in the attackers’ direct line of fire. The good news is that effective IT security is not beyond reach. Here are a few cybersecurity tips that can benefit your business.

Network Security

Implementing a network firewall with intrusion detection and prevention capabilities (IDS/IPS) is crucial. A firewall protects your network from malicious traffic and an IDS/IPS system properly monitored can stop a attackers in their tracks. Unmanaged systems do not provide adequate security.

Attackers are working around the clock and so should your security. Performing regular network vulnerability testing, internally and externally, can identify risks and give you the opportunity to remediate before being hacked. Many of the common vulnerabilities that this process could identify include legacy or otherwise unsupported operating systems, poor patch management and exposed systems.

Read More….


View full post on National Cyber Security Ventures

How to #protect an #organisation: 5 #cyber security #tips

Source: National Cyber Security News

If businesses want to protect themselves from cyber threats, they must stay one step ahead of the ever-evolving and changing world of cybercrime

At the beginning of each new year there is no shortage of information security predictions and warnings. As we move further into 2018, Corey Nachreiner, CTO at WatchGuard Technologies takes stock and identifies five key issues to look out for.

1. IoT botnets will force governments to regulate

In 2016, the Mirai botnet showed the world just how powerful an army of IoT devices can be, launching successful, record-breaking DDoS attacks against popular websites like Twitter, Reddit and Netflix. Attackers continue to target these devices due to their weak or non-existent security, both in development and deployment.

“Attackers have already started improving on the Mirai source code, which will mean larger and stronger botnets in 2018. For example, the Reaper botnet actively exploits common vulnerabilities in IoT devices to gain access to the devices instead of relying on a hard-coded credential list,” said Corey Nachreiner.

“As attacks continue to grow in effectiveness, the damage they cause will grow until the IoT manufacturing industry is incentivised or forced to add stronger security to their products by government regulation to address IoT security.

Read More….


View full post on National Cyber Security Ventures

Top 10 #Tips to #Protect you from #Identity Theft

Source: National Cyber Security News

Identity thieves use your personal information without your knowledge. The thief may use your name to recover debt and even commit crimes. The following tips can help you reduce the risk of becoming a victim.

  1. Protect your social security number from identity theft.

Do not carry your social security card in your wallet. If your health plan (except Medicare) or another card uses your social security number, ask for a different number from the company. For more information, see your Social Security number: Key to controlling identity theft pages.

Prompt to protect your SSN and identifiable information

  • Keep your card and any other files showing your social security number in a safe place; do not always carry your card or other documents to display your number.
  • Be careful to share your number, even if you are required; share your SSN only when absolutely necessary.

Protect your personal financial information at home and on the computer.

  • Check your credit report once a year.
  • Check your Social Security income report annually,
  • Protect your PC by using firewalls, antispam / virus software, updating security patches, and changing the password for your Internet account.

    Read More….


View full post on National Cyber Security Ventures

Cyber Security #Tips for the #Holiday #Season

Source: National Cyber Security – Produced By Gregory Evans

Cyber Security Tips for the Holiday Season

We all know how important it is to use the internet safely, but during the holiday season, it’s even more important to protect your sensitive information from cyber criminals. With a 31% increase in fraud attempts during the holidays, frequent online shoppers and internet users should consider taking a proactive approach to protecting their computers, online files, financial accounts, and identity information.

5 Tips for your Online Security During the Holiday Season

1. Update Your Computer

Although it seems obvious, among daily computer users, nearly 66% of them will delay or forget to install suggested software updates — even when it’s marked “securitycritical”. Setting up automatic updates is the best way to avoid the inconvenient reboot, and ensures your software is bug free and hack resistant.

2. Protect Your Network

The easiest way to protect your internet connection is to use a virtual private network (VPN). VPNs create an encrypted connection protecting your data from other network users or cybercriminals. For tech savvy individuals, you can check out this information on advanced network security.

3. Secure Your Cloud Data

No matter what time of year it is, protecting the information stored within your online cloud is essential. From sensitive client information to personal data, today we use our clouds to store almost everything. However, it’s possible that the transfer of data in and out of the cloud could be vulnerable to attack– especially if you’re using an unprotected network. However, cloud encryption software like ours can give you peace of mind while accessing your online data.

4. Avoid Password Duplication

When creating a new account, or accessing a frequently used one, it’s important to use entirely new and unique passwords to prevent and avoid compromising other accounts using the same password. Incorporating numbers, letters, and special characters into your password makes it much harder to guess or hack. If you use unique passwords for every account, a hacked password cannot be applied to your other accounts. Remembering multiple unique passwords can be tough, so consider installing a secure password manager such as this one from Sticky Password.

5. Defend Your Identity Information

Using all of the above security strategies, a proactive individual is far less likely to be the victim of credit fraud or identity theft. However, detecting compromised information can be difficult, and unless you frequently check your credit report and billing statements for unknown use or surprises, it’s possible to go unnoticed. To prevent this, consider enrolling in an identity theft protection and monitoring service to defend yourself against future cyberattacks and fraud.

Boxcryptor – Security for Your Cloud

Boxcryptor is a software Made in Germany that allows data to be encrypted automatically before it is stored in the cloud. More than 20 of the popular cloud storage services can be used with Boxcryptor. We encrypt your files using state-of-the-art end-to-end encryption technology. Through zero knowledge encryption, no one else (including us as the provider) has access to the encrypted files except the registered user.

Of course, here at Boxcryptor, we are concerned about cybersecurity and data privacy all year round. But the holidays are a great opportunity to once again intensively deal with the settings of your devices, your update behavior, and habits.

The advantage of using Boxcryptor for your cloud security: Once it is set up, the encryption runs in the background. This means, if you take a little time over the holidays to get started with Boxcryptor, you have a good set-up for the protection of your data in the New Year.

The post Cyber Security #Tips for the #Holiday #Season appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cybersecurity #Tips to Help #Retailers and #Consumers Stay #Secure During the #Holiday Season

Source: National Cyber Security – Produced By Gregory Evans

It’s time to take advantage of all those holiday specials and spend all your hard-earned bitcoin — er, I mean money — buying gifts for friends, family and, of course, yourself. Many retailers, large and small, online and brick-and-mortar, run holiday promotions as early as September. Gone are the days of waiting until Black Friday or Cyber Monday to take advantage of sales and specials.

The bad guys will be shopping, too — just not for the same items you are. Instead, they will be shopping for your wallet.

It’s true that some cyber Grinches ramp up their malicious activities during the holiday season, perhaps in the form of holiday-specific spam, spear phishing or compromised sites. While increased vigilance is encouraged during this time, there are a number of cybersecurity tips and best practices consumers and retailers should follow throughout the year to help mitigate threats. Having the right controls and awareness in place before the holidays can go a long way during the busy shopping season.

For Retailers: Vigilance Encouraged Throughout the Year

Black Friday and Cyber Monday are heavy shopping days and are likely to remain so for the foreseeable future. However, IBM X-Force research conducted over the past few years revealed that there was no significant uptick in network attacks targeting X-Force-monitored retailers during the traditional holiday shopping period in late November. In fact, last year, the volume of attacks for those two days fell below the daily attack average for retailers.

However, now that the shopping extravaganza lasts for two or more months, it’s possible that this four-day window is too short of a time period to identify notable network attack trends.

So far in 2017, network attacks targeting retail networks were highest in Q2, with June being the most-targeted month. Attacks dropped notably beginning in August and have been steadily declining, with the volume of attacks monitored for October below the monthly average for the year.

Time to celebrate? Not necessarily. In 2016, we observed a notable surge in the volume of attacks targeting retailers in mid to late December. Additionally, malware compromises occurring earlier in the year that have gone undetected can wreak havoc once the busy season commences. In December 2016, a security researcher discovered that nearly 7,000 online stores running Magento shopping cart software were infected with data-stealing skimmer malware capable of logging credit cards and passwords and making them available to attackers as image files for exfiltration.

Furthermore, bad actors do not have to steal anything to wreak havoc on the retail industry. A distributed denial-of-service (DDoS) attack is enough to cost the sector millions. In fact, the average cost of DDoS attack for organizations across all industries rose to over $2.5 million in 2016.

Retailers are encouraged to monitor their networks with increased vigilance during this holiday season. Vulnerable point-of-sale (POS) systems, compromised websites, and targeted spam and phishing campaigns can be costly.

To help keep your security posture strong over this holiday shopping season and all year long, review and implement the recommendations outlined in the IBM report, “Security Trends in the Retail Industry.”

For Consumers: What Cybersecurity Tips Are Missing From Your Repertoire?

Many online consumers have improved their security awareness as media coverage and education opportunities have increased. However, below are a few cybersecurity tips that many consumers likely haven’t thought of.

Assess Convenience Versus Risk

Our digital interactions leave data trails. Finding the right balance between personalization and privacy is the consumer’s responsibility, not just the retailer’s. Many sites have the option to save your card data for future use. While this feature offers convenience to the consumer, the stored data can be stolen via SQL injection attacks or other database compromises — after all, there are billions of leaked records due to misconfigured servers. Always look for the green lock icon in the browser address bar to ensure a secure connection to websites.

Be Wary of Unsuspicious Emails

Criminals have gotten really good at devising phishing lures that are extremely difficult to recognize as fraudulent. Receive an attachment from someone that appears to be in your contact list? Call them to confirm. Order something online? Before clicking the “track package” link in the confirmation email, ensure that it is actually an item you purchased from the correct vendor.

Use Passphrases and Multifactor Authentication

Exercise strong password hygiene by choosing to use a long, easy-to-remember passphrase, such as “ipreferpassphrasesoverpasswords,” instead of complex passwords containing a combination of letters, numbers and special characters. Unfortunately, this is not always an option since many websites now require a password that contains this combination. Use different passphrases for each site. If this seems too daunting, use a password manager. Rather than managing dozens of passphrases on your own, you’ll just have to remember the one key to your digital vault.

Always opt for multifactor authentication when available, and figure out which option is the most secure when choosing a real-time short message service (SMS) text message, an email message or an automated phone call.

Get Creative With Security Questions

When setting up new accounts, opt for security and password reset questions that aren’t public to make it harder for fraudsters to get their hands on your information. For example, don’t use your mother’s maiden name, which could be easily found online. Even answers to opinion-based questions, such as favorite movie, food, etc., can be found on social media. For increased security, lie about your answers or use passphrases as the answers.

Skimmers Abound

By now, you have most likely heard of skimmers being placed on the card readers at gas stations and bank ATMs. A skimmer is a hidden device placed inside the mouth of a payment card reader that is designed to copy your card data for criminals to user later. But what about in-store POS systems? Be on the lookout for suspicious-looking card swiping terminals that could be skimmers, or cash register attendants who seem to swipe your card on two different readers. Maintain this vigilance not only during the holiday season, but all the time, especially if you travel to other countries.

Know Your Card Security Features

Banks and credit card companies have implemented some great security features, such as being able to set limits on the number of times the card can be used within an hour or on the amount that can be spent on one purchase. However, if you’re unaware of these limits for your personal accounts or your phone number is not up to date in your bank profile, you may end up with a declined card.

Cover Your Card

Is the person in line behind you taking a selfie, or is he or she taking a picture of your card as you make a purchase? By obtaining the credit card number, name, expiration date and the card security code or card verification value on the back, an attacker may be able to use the information to make online purchases.

Keep Your Guard Up Year-Round

The holiday season is a great time to take stock of the past year while relaxing and spending time with loved ones, but it’s no time to let your guard down, especially given the increasing sophistication of cybercriminal tactics targeting holiday shoppers and sellers alike. We encourage retailers and consumers to follow best practices not only this holiday season, but also all year long to help mitigate attacks and compromise.

The post Cybersecurity #Tips to Help #Retailers and #Consumers Stay #Secure During the #Holiday Season appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

14 #Cybersecurity Tips All #Business Leaders Should Know

Source: National Cyber Security – Produced By Gregory Evans

14 #Cybersecurity Tips All #Business Leaders Should Know

As a business owner, cybersecurity can be a daunting topic: It’s complex, threatening, and you might not even know where to start. But considering hacks will cost companies as much as trillions of dollars annually within the next five years, cybersecurity is a measure all businesses — both big and small — must take.

To help break down different pieces of the puzzle, we’ve compiled tips and takeaways from 14 cybersecurity experts from Forbes Technology Council.

1. Cyber criminals feed off human error

“With the proper behavioral changes, organizations can greatly minimize their chances of suffering a devastating blow. It all starts with developing a culture of cybersecurity. But what does that look like?,” writes Reg Harnish, CEO, GreyCastle Security.

“A consistent buy-in among employees starts with driving home the fact that everyone has a role to play in protecting the company’s assets, and no role is more important than any other,” writes Harnish. “Additionally, employees are more likely to stay committed to the task if the security concepts can be easily implemented into their daily routines, much like brushing their teeth.”

Read more in What It Means To Have A Culture Of Cybersecurity

2. But you might want to hire a hacker …

Research forecasts the cost of cybercrime to hit $6 trillion per year by 2021. Whether you own a company or not, everyone is at risk of having their data stolen, as cybercrime is the fastest-growing crime in the U.S.. Knowing how to best position yourself before an attack happens is essential.

“More and more businesses and government agencies are engaging with independent security researchers to help them find vulnerabilities in their systems that they otherwise wouldn’t,” writes Alex Bekker, VP of engineering at HackerOne, “Most cyberattacks are executed via security holes unknown to the target organization, so having well-intentioned hackers find vulnerabilities in our computer systems is the closest we can get to real-world conditions.”

3. Most companies know about cyber threats, but aren’t doing much about it

“The hackers have done an excellent job of bringing the cybersecurity industry to the forefront, but how can we translate that into successfully helping corporations, governments and individuals defend themselves? The answer is rather simple: education,” writes Nick Espinosa, Chief Security Fanatic of Security Fanatics.

“Consider two major points in this vein: First, a recent study of global governments shows that while they’re aware of cyberthreats to their infrastructure, roughly 50% of said governments do not have a formal cyberdefense strategy or plan,” writes Espinosa. “Second, we have plenty of corporations and governments with vast amounts of intellectual property who continue to be behind in cyberdefense, using outdated strategies instead of the latest and greatest defense hardware, software and methodology. The ‘if it ain’t broke, don’t fix it’ mentality is alive and well, sadly.”

4. Beware of another threat: biased security providers

As cybersecurity becomes non-optional, third-party vendors seem to be popping up out of the woodwork. They make big promises, but not all of them can deliver.

“Setting advanced testing standards would be an important step in codifying what is promised and delivered by various products,” writes Jamie Butler, CTO of Endgame, “Unfortunately, much of the available third-party testing organizations receive compensation for testing, which makes the results inherently biased. Instead, non-pay-to-play organizations like MITRE and the Cyber Independent Testing Lab need to become the norm.”

5. It’s not enough to plan against an attack, IT departments must plan for one as well

“No matter the extent and level of investment an organization puts into cyberthreat prevention, leadership must recognize a hard reality: It only takes one wrong click to invite an intrusion . Thus, a restorative approach (i.e., a well-equipped disaster recovery plan) is needed to ensure ongoing business in the event of a ransomware attack,” writes Jeffrey Ton, EVP of product and service development at Bluelock.

“It’s crucial for companies to ensure their restorative capabilities are just as strong, if not stronger, than their preventative measures in place. In every breach scenario, quick responsiveness avoids extensive data loss and reputational fallout,” writes Ton. “Achieving the creative and analytical tension for this type of resilience is just another reason for IT departments to shift their traditional approach.”

The post 14 #Cybersecurity Tips All #Business Leaders Should Know appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Users aren’t the weakest link in cybersecurity: 3 tips for IT leaders

Source: National Cyber Security – Produced By Gregory Evans

It’s practically a given in the information security world: Users are the weakest link. No matter the security measures an organization deploys, they can all be undone by employees who, knowingly or not, violate IT policies at their desks or while working from home or on mobile devices. But one…

The post Users aren’t the weakest link in cybersecurity: 3 tips for IT leaders appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

15 Tips to Staying Secure While Staying Connected

Source: National Cyber Security – Produced By Gregory Evans

National Cybersecurity Security Awareness Month brings to light what you already know – cruising the internet can be harmful if you don’t follow best security practices. The good news is you don’t need to be a cybersecurity pro to employ smart online safety habits that can go a long way…

The post 15 Tips to Staying Secure While Staying Connected appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cybersecurity Tips for Small and Medium-sized Businesses

Source: National Cyber Security – Produced By Gregory Evans

When it comes to ransomware, big businesses get all the attention in the press, which might lead one to think that this kind of cyberattack only targets companies with a big name. But this is far from the truth. On a global level, 43% of attacks are aimed at small…

The post Cybersecurity Tips for Small and Medium-sized Businesses appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures