Entries by Garin Livingstone

Why an Inspection?

Technology assessments are a smart place to start to make sure your organization’s infrastructure continues to run smoothly.

And just like there are emissions and mechanical inspections for your car, different kinds of assessments reveal different types of gaps … [4 min. read]

Email Compromise Is Insidious and Costly

1 Request, 2 Follow-up, 3 Urgent, 4 Important

These are the top Email Subject lines in Business Email Compromise attacks, the costliest cyberattacks. There were 19,369 reported incidents at a loss of $1.8 billion in 2020, the most recent published data from the FBI.

A typical Business Email Compromise attack is the result of a credential breach. With stolen email credentials a crook poses as an established vendor, and uses this trusted position to ply company data or funds from you or a colleague. … [4 min. read]

Hacked for the Holidays (ain’t no ho ho ho)

In an ongoing effort to elude this year’s frustrating shipping delays, more consumers are turning to the web for what they may see as easy answers to the holiday hassle. Vasu Jakkal VP Microsoft Security said that with “headlines about supply chain issues, worker shortages and costs rising … it’s no surprise that … at least sixty-three percent of holiday shopping will be done online.”

If Not Now, When?

“Cybersecurity and Infrastructure Security Agency Director Jen Easterly told industry leaders in a phone briefing Monday that a vulnerability in a widely-used logging library ‘is one of the most serious I’ve seen in my entire career, if not the most serious.’

“‘We expect the vulnerability to be widely exploited by sophisticated actors and we have limited time to take necessary steps in order to reduce the likelihood of damage,’ she said of the Apache Log4j flaw. The issue is an unauthenticated remote execution vulnerability that could allow an intruder to take over an affected device.

“Hundreds of millions of devices are likely to be affected, said Jay Gazlay of CISA’s vulnerability management office in the [same] call” –as reported by Tim Starks, cyberscoop.com, Dec. 13, 2021

Because of how widespread this vulnerability is, affecting everyone from Microsoft to Apple to Amazon to Google (in fact it affects millions of pieces of software, it is time to make sure your business is as protected as possible. You may not hear bullets, but that doesn’t mean we not are in a war … [5 min. read]

Thunder and Botheration!

“If there’s 2FA, enable it,” said Bryley’s Garin Livingstone when asked for his baseline recommendation for everybody for computer security.

2FA or MFA (two- or multi-factor authentication) is adding a second (or more) proof of your identity before being granted access to a machine or software.

2FA may also rank among the biggest pains in the neck … [4 min. read]

Tempted by Windows 11?

Like it did six years ago for Windows 10, Microsoft is wooing end-users via ads for a free Windows 11 upgrade. Who doesn’t want to take the latest tech out for a spin? And for free?!

But as far as business continuity is concerned (business continuity is the planning and process by which organizations maintain operation, not severely disrupted by a disaster or other unwanted incident) maybe this bargain is not yet a good deal … [5 min. read]

Assessing Risk Helps Ensure Business Continuity

No construction company would undertake a building without first evaluating and then understanding how it will handle the project’s risks. But that is how a lot of Information Technology is executed. Does that make sense? Think for a moment how much of your employees’ livelihoods and the services and products your organization provides depend on networked computing. Isn’t that how you store and access your intellectual property, client information and business processes?

And do you keep building higher, putting more strain on the network? For instance does an Internet-of-Things machine need to be granted access to your network? Or does someone’s personal device need to log-into your system? … [5 min. read]