10 Truisms of Cyber Security- Part I
Before we go straight into the truisms, know that cyber-readiness is not a role for any one person on your team, every member of the team has a role to play in it. Now let’s get your small business cyber ready. 1. Preparation Is The Key To Success Start with taking time out with your team for internal assessment. For a checklist, you can refer to CISA (Cybersecurity and Infrastructure Security Agency)…
A ‘Compliance First’ Mindset Limits Liabilities for SMBs
By adopting a Compliance First strategy, when choosing solutions and vendors, you will identify those that do not comply with your requirements, eliminate them from your selection process, and then select from the rest. It also means evaluating your current solutions and vendors and replacing those that cannot support your compliance requirements. In simple terms, compliance is anything someone else makes you do. This means laws, regulations, contracts, and even the terms…
Achieving CMMC: The Interim DFARS Rule and What It Means for You
The Cybersecurity Maturity Model Certification (CMMC) was formally made part of the Defense Federal Acquisition Regulation Supplement (DFARS) in January 2020. The decision sent over 300,000 members of the defense industrial base (DIB), mostly small and midsize businesses (SMBs), into a state of frenzy. Most found themselves drowning in all the unnecessary noise surrounding CMMC and its larger implications on existing and future government contracts. The chaos increased when the Interim DFARS…
Getting Ready for New CMMC Requirements Now
Right off the bat, we’re here to tell you that anyone promising you a sure-shot solution to all your CMMC woes is trying to pull a fast one on you. The Cybersecurity Maturity Model Certification (CMMC) is a comprehensive move by the U.S. Department of Defense (DoD) that involves a lot of moving parts that have not been finalized yet. In fact, with the planned rollout of the new CMMC requirements scheduled…
Making Security Awareness Second Nature
Your business’ security program must start with your employees and strong security policies rather than entirely depending on your IT team or the latest security solutions. You can significantly reduce the likelihood of a data breach by combining a well-drafted cybersecurity policy with comprehensive security awareness training. It is your responsibility to implement security training for all your employees so that your organization can withstand cyberattacks and carry out business as usual.…
Your Biggest Cybersecurity Risk: Your Employees
Cybercriminals work round the clock to detect and exploit vulnerabilities in your business’ network for nefarious gains. The only way to counter these hackers is by deploying a robust cybersecurity posture that’s built using comprehensive security solutions. However, while you’re caught up doing this, there is a possibility you may overlook mitigating the weakest link in your fight against cybercriminals — your employees. With remote work gaining traction and decentralized workspaces becoming…
What is the Cybersecurity Maturity Model Certification (CMMC)?
Author TruMethods Standards Manager, Brian Dappolone If you have not heard of the Cybersecurity Maturity Model Certification (CMMC) yet, it is not the end of the world. The latest certification requirements were finalized by the Department of Defense (DoD) on January 31st and at the moment they are in the process of approving auditors for the new certification. What does this mean for you as an MSP? Not a whole not unless you…
Recommended Best Practices for a Secure Supply Chain
Your business’ cybersecurity posture must prioritize detection, evaluation and mitigation of risks posed by your supply chain. It is vital that your security is upgraded on a regular basis to better prepare for any worst-case scenarios. Having said that, it should come as no surprise that a vulnerable third party that your organization deals with can weaken your supply chain as well. Although controlling a third party’s cybersecurity can be challenging, it…
Defense Strategies to Combat Insider Threats
Insider threats are among the most dangerous cyberthreats out there. Yet, organizations of all sizes seem to be either reluctant or negligent when it comes to fighting them. Over 50 percent of organizations don’t have an Insider Risk Response Plan and 40 percent don’t assess how effectively their technologies mitigate insider threats.1 Even though 59 percent of IT security leaders expect insider risks to increase in the next two years, very little…
Over the last few years, we have seen several tech companies, such as Buffer, Todoist and Help Scout, to name a few, switch to a fully remote or partial work setup. Most of these companies spent months preparing for the switch by training their employees, setting up remote work policies and ensuring the necessary infrastructure was in place to deal with cybersecurity threats. However, many companies were forced to make the switch…
Have You Seen These Parental Control Options?
Are your kids safe online? The Internet is a DANGEROUS place – so if you have children or teens, you’ve probably thought about their safety online more than once. Not taking action can lead to all kinds of TROUBLE down the road, so here’s what to do… Recently, Wired published a how-to article on parental controls for the big three…Google, Apple, and Microsoft. Chances are you and your family use at least…
Cyber Security Resolutions for SMBs
Small and mid-sized businesses still struggle to implement network security solutions. SMBs continue to identify budget constraints as the main barrier when it comes to IT security. This limitation in resources highlights another glaring statistic; 52% SMBs surveyed did not have a dedicated IT security professional on staff or distribute this responsibility across other roles. Distributing network security functionality across several roles can seem like an effective way to manage the time…
The Road to Hell is Paved with Bad Passwords
What’s the worst that could happen? The day started like any other, nothing out of the ordinary. Peacefully about to chomp down on lunch. An imposing man in an expensive looking suit was sent to summon me. Usually this happens if there’s been an accident or death in the family. With the first bite of food still in my mouth, I fumbled when asking, “Was there an accident?” His response, “I wasn’t…