Blog

The threat posed by overconfidence

–Jeetu Patel, Cisco

Economist Daniel Kahneman’s life’s work (he died last month at 90) was to point out how irrationally we behave, including telling the Guardian that if he had a magic wand, he’d most like to correct our overconfidence.

The Titanic’s sinking may have been due to overconfidence. Investors’ ideas on moves they should make in the stock market wind up costing them 4%. And now we have the Cisco 2024 Cybersecurity Readiness Index Report. This is a double-blind survey of over 8,000 business and cybersecurity leaders. The findings show the greatest cybersecurity weakness is a disconnect between overconfidence that their business will be able to avoid a disrupting attack and their analyzed readiness for avoiding disruption. To be exact: 73% of business leaders anticipate an attack in the next two years, but a surprising 3% were shown to be prepared for such an attack … [6 min. read]

Don’t Get Lost In The Vulnerabilities

The lockdowns found me in my garden more. One of the things I learned those couple years was that I started out intently focused on the annoyance of weeds – pulling them, pouring boiling water on them when they popped up in the cracks of my driveway, generally trying to kill them. But at some point my focus shifted and I began to see the whole yard – I especially noticed where different plants thrived or failed to. I moved things around. Happy, healthy plants – including working on achieving thicker ground covers (like that sedum pictured) – look beautiful while making the conditions less hospitable to weeds.

Vulnerabilities, which includes unpatched software and misconfigured systems, can be thought of like weeds … [6 min. read]

There is no doubt that over time, people are going to rely less and less on passwords

–Bill Gates, 2004

A 2023 study found that 64% of people surveyed are not confident they are managing their passwords well. Most discouraging in the new survey was the report that of those born after 1990 only 20% use unique and strong passwords. These stats bring also a feeling of futility: ‘so many data exposures – what does it matter?’ ‘there is no privacy anymore – whatever.’

I don’t share the opinion that we should throw in the towel, though who can’t sympathize with the sentiment? But Bryley sees time and again that, in fact, compromised passwords matter to an organization’s security. As an example of the severity of the problem, Google Cloud reported in October that 54% of breaches “are resulting from common and well-known threat actor attack techniques, such as obtaining and using stolen credentials …” [4 min. read]

Here are some notable events and stories from 2023:

A Guiding Principle

Bryley is a client of Bryley, President Garin Livingstone said in a 2023 interview. We have people at Bryley that need technical help. We also need to make sure that our computer systems are being maintained and updated. Among the benefits of adhering to this model?

• Updates and patching are as minimally disruptive as we can get them.
• New technologies are fully vetted before the tech is deployed

This principle of being one’s own client has been a standard that Bryley has observed over the course of its thirty-six years … [6 min. read]

In the past year-and-a-half Microsoft has made Windows 11 more stable and usable. And most critically, Windows 10 support – that is, providing security patches – is ending. So this means in October 2025, it will become unsafe to use devices running Windows 10.

Now is the ideal time to create a plan for migration, including performing an audit of devices: some will be able to be upgraded and some will need to be sunsetted. Also Windows 11’s compatibility with legacy software and hardware must also be assessed and addressed … [4 min. read]

When it comes to managing IT services, choosing the right provider can make or break a company’s success. With so many options available, it can be overwhelming to decide which provider is the best fit for your business. However, taking the time to identify your company’s IT needs and carefully evaluating potential service providers can ensure a successful partnership.

Identifying Your IT Needs is the first step in choosing the right IT services provider. It’s important to assess your current IT infrastructure and identify areas that need improvement or support. This includes evaluating hardware, software, security, and support needs. Once you have a clear understanding of your needs, you can begin researching potential service providers that offer the services and support that align with your business goals.

Bryley Systems is pleased to announce the promotion of Patrick Walsh from IT Field Technician to Senior IT Field Technician. In his new role, Patrick will be responsible for leading a team of techs in support of its clients’ IT environments.

Patrick has a history of success at Bryley: supporting clients – early in his time at Bryley he migrated many client devices to M365, solving tech problems and winning plaudits from those he’s worked with. During his time at Bryley he’s embraced the field tech role, showing not only technical expertise, but also peer-recognized troubleshooting skills with a determination to see that people are properly helped … [3 min. read]

United We Stand

Organizations look to IT professionals for tools and services to protect them from cyberthreats. But IT can only get them so far. Two-thirds of the way, in fact, according to the CIA (Confidentiality, Integrity, Availability) Triad. The National Institute of Standards and Technology calls the CIA Triad “the fundamental guiding principle of cybersecurity.”

End-User Responsibility

According to Gartner 69% of end-users violated their organizations’ cybersecurity practices the past year. So how do we counter this trend? Eric Sokolowski president of Bryley education partner Knowledgewave advocates a “drip-drip” method of Security Awareness Training … [4 min. read]