Quick Intelligence Blog

Whether you run a small business or a large business, you know that a ransomware attack can be devastating. Did you know that these 3 common misconceptions could give you a false sense of cyber security? Listed below are 3 of these misconceptions and what you can do to address them, and in turn, be more cyber secure.

The National Institute of Standards and Technology (NIST) was “founded in 1901 and is now part of the U.S. Department of Commerce. NIST is one of the nation's oldest physical science laboratories.” In 2013, then-president Obama tasked NIST to create a set of common-sense protection actions that SMBs could take to better protect themselves from Internet-based exposures.

You may have heard about password managers as a way to build and store strong passwords. They are easy to use, as you only need to remember one password to access the database of all your passwords. These days, with multiple accounts used for email, social media, online shopping, and banking, you want to keep all your passwords safe and secure.

A recent study by the Ponemon Institute and DTEX Systems suggests that when it comes to detecting insider threats, 53% of the businesses they surveyed are unable to prevent insider attacks. Considering that the Verizon 2021 Data Breach Investigations Report suggests that 22% of all cyber attacks are caused by insiders, this is concerning.

When it comes to passwords, you know that it needs to be difficult to guess, but simple enough to remember without writing it down. And of course, you should never reuse the same password.

Multifactor authentication uses a combination of two or more methods to authenticate who you are. These methods include something you know, something you have and something you are. To break it down further, the something you know could be a password or security questions, the something you have could be a token or code sent via SMS, and the something you are usually involves biometrics (fingerprint or facial recognition).

You’ve seen some of the headlines regarding big cyber security breaches. Colonial Pipeline paid a huge ransom to get their data back and get the gas flowing again. JBS Meat also suffered an attack that shut down production for days.

The General Data Protection Regulation, or GDPR, is a law created by the European Union to protect its citizens’ privacy and information. It includes the concept of the “right to be forgotten”, meaning if an EU citizen doesn’t want you to have their information, they have the right to request that it be deleted entirely and expect proof when completed. If you do business in the EU or have EU citizens as customers, GDPR applies to you, take it seriously as significant fines for non-compliance can apply! Fines can be as high as 20,000,000 EUR, or up to 4 % of the total worldwide annual turnover of the preceding financial year, whichever is higher.

One of the biggest stories of 2021 has been the big increase in ransomware attacks. While not a new phenomenon, it seems that attacks are happening more frequently, with Barracuda researchers on reporting that they’ve identified and analyzed 121 ransomware incidents so far in 2021, a 64 percent increase in attacks. The ransom demands also keep getting bigger, with Palo Alto Networks’ Unit 42 reporting an 82% increase in the amount of the average ransom.

The California Consumer Privacy Act (CCPA) is a state statute designed to protect the personal information of California residents. Like the EU’s General Data Protection Regulation (GDPR), It gives residents the right to know about information being collected about them and why it’s being collected, the right to request information be deleted (with some exceptions), the right to opt-out of having their information sold, and the right to non-discrimination for exercising these rights. Only California residents have rights under the CCPA.