WHAT IS SHADOW IT? You probably haven’t heard the term “Shadow IT” before, but it’s something all organizations need to be concerned about. Shadow IT refers to unauthorized applications employees are using and downloading to help with work-related activities that involve company data. Such applications are often easy for anyone to purchase or enrol themselves into. These applications might even integrate with your organization’s critical applications and/or store company data such as...
Remote and hybrid work models, which require a large portion of business to be conducted outside the internal corporate network and in the cloud, have opened the floodgates to ransomware attacks. Phishing attacks and ransomware-infected webpages targeting remote and hybrid workers are rampant. During the first half of 2021, the number of ransomware attacks doubled year-over-year, with an attempt on a U.S. business every 11 seconds, according to the Cybersecurity and Infrastructure Security...
Cyber security can be complex and with an evolving threat landscape it can be difficult to work out how to reduce the risk of a cyber-attack. Basic cyber hygiene is critical if you want to prevent threat actors breaching your organization’s network. Here are seven cyber hygiene best practices you must make sure your organization is carrying out in order to ensure the safe handling of your critical data and network security. Passwords and MFA Ensure employees are up to date on how to a stro...
The pandemic tested the business resilience of every organization. Small and medium sized enterprises (SMEs) had to maximize their digital footprint to keep operational, service their customers and survive. Just as companies are starting to return to some semblance of new normal, another threat is on the horizon. The pandemic has fuelled an increase in cybercrime that shows no signs of abating. Small and medium sized enterprises caught in the cross hairs The speed with which companie...
Third-party cyber attacks within the digital supply chain remain a top access route for cybercriminals to gain entry into a company or their data. We’ve seen this occur time and time again; take the recent example of the Red Cross data breach. Over 500 thousand people connected to the International Committee of the Red Cross had their sensitive data compromised. The threat actor was able to gain access to the data by targeting an external third-party in Switzerland that stored the ICRC dat...
Imagine that you are prospecting a new IT vendor and you are using a security ratings service to vet their overall cyber risk posture. The resulting “B” rating is considered “Good” in the space, so you move ahead with the relationship and begin sharing data with this company. Two weeks later, you discover that this vendor has suffered a ransomware attack and your sensitive data is compromised. What happened? How was this missed? This scenario is all too familiar. Vendor risk assessmen...