Quick Intelligence Blog

Privacy and security go hand in hand. Cyber security focuses on protecting the information from unauthorized access, while privacy focuses more on protecting the contents of the information and ensuring it isn’t accessed or shared inappropriately. Both businesses and individuals have an expectation of privacy when they trust another business with their data.

A new survey by the Canadian Internet Registration Authority (CIRA) says that nearly 70 per cent of Canadian organizations facing a ransomware attack last year paid the demands to avoid downtime, reputational damage and other costs. The interesting thing is that when they asked cyber security professionals if they supported legislation to make ransomware payments illegal, 64% said yes.

So, you are a small business owner, and are about to land your first big client. Everything is going well, but before they sign the contract, they hand you a cyber security questionnaire. Now the panic sets in. Does this sound familiar?

PCI compliance, or Payment Card Industry compliance, is a set of standards created to ensure that when business take credit card payments online, they do it in a secure manner, minimizing the risk of credit card theft. The PCI Council creates the rules (there are ~150 of them) which dictate everything from firewall configuration to security protection on devices used to store, process, or transmit credit card data.

Whether you run a small business or a large business, you know that a ransomware attack can be devastating. Did you know that these 3 common misconceptions could give you a false sense of cyber security? Listed below are 3 of these misconceptions and what you can do to address them, and in turn, be more cyber secure.

The National Institute of Standards and Technology (NIST) was “founded in 1901 and is now part of the U.S. Department of Commerce. NIST is one of the nation's oldest physical science laboratories.” In 2013, then-president Obama tasked NIST to create a set of common-sense protection actions that SMBs could take to better protect themselves from Internet-based exposures.

Canada’s data privacy law, the Personal Information Protection and Electronic Documents Act, or PIPEDA, governs how private Canadian companies are responsible for the collection, use and disclosure of personally identifiable information (PII) during the course of their regular business activities. PIPEDA fist came into law in 2000 and must be reviewed by parliament every 5 years. The last update to PIPEDA came into law on November 1, 2018, and for the first time, it included regulations for disclosing a cyber security breach.

You may have heard about password managers as a way to build and store strong passwords. They are easy to use, as you only need to remember one password to access the database of all your passwords. These days, with multiple accounts used for email, social media, online shopping, and banking, you want to keep all your passwords safe and secure.

A recent study by the Ponemon Institute and DTEX Systems suggests that when it comes to detecting insider threats, 53% of the businesses they surveyed are unable to prevent insider attacks. Considering that the Verizon 2021 Data Breach Investigations Report suggests that 22% of all cyber attacks are caused by insiders, this is concerning.

When it comes to passwords, you know that it needs to be difficult to guess, but simple enough to remember without writing it down. And of course, you should never reuse the same password.