Entries by Robert Siciliano

Feds Move Toward Mandatory Cybersecurity

Mandatory cybersecurity is coming, according to details published by Slate of the Biden Administration’s National Cybersecurity Strategy now circulating in Washington. The document, which is expected to be approved in the coming weeks, details significant, meaningful changes in the way the United States approaches cybersecurity that every business owner needs to understand. Mandatory Cybersecurity Is Coming to…

Let’s Be Honest About SMB Cybersecurity Risks

There is a disconnect between the reality of small- and mid-sized business (SMB) cybersecurity risks, the way SMBs think about them and the services that cyber security companies offer. This disconnect is most obvious for law firms and real estate agencies that may have office WiFi, or even a cloud-based server, but that lack central…

Municipal IT Director Put on Leave Following Breach

Hackers Had Access for Months Before Launching Ransomware Attack In another sign that accountability is rising in cyber security, the IT director of the Suffolk County Clerk’s Office in New York has been put on paid administrative leave. An investigation following a September ransomware attack found that hackers had been exploring and exploiting Suffolk County’s systems since…

Three Federal Agencies Warn of Business Email Compromise (BEC) Scams

Business Email Compromise (BEC) scams netted $2.4 billion in losses during 2021, with 19,954 complaints reported to the United States government. A joint advisory from the Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI) and the U.S. Department of Agriculture (USDA) urges businesses in the agricultural and food…

Phishing Is the Tool, Ransomware Is the Payload: IBM 2022 Threat Intelligence Index

Phishing remains the top tool for criminals targeting businesses, while ransomware has become the most popular form of cyberattack, according to the IBM Security X-Force Threat Intelligence Index 2022. The report, which catalogs attacks recorded between January and December 2021, ahead of a rise in cyber attacks related to the war in Ukraine, offers some sobering…