Directive Blogs

When I was a kid, there was a Tex Avery cartoon where Droopy Dog was chasing down a crook who escaped from jail. There was a particular scene where the crook (I think it was a wolf in a black-and-white striped jumpsuit) takes a bus, a plane, a ship, and a taxi to a secluded cabin, and then closes a series of increasingly complex doors with a large number of locks, in order to hide away from the pursuing cartoon basset hound. 

Of course, when he turns around, exhausted by all the effort he puts in, he realizes that Droopy is standing right behind him, and greets him with a monotone “hello.”

I haven’t seen this cartoon since I was 7 years old, but I almost always think about it when I am using multi-factor authentication. 

We discuss phishing often on this blog, and one method that often flies under the radar is smishing, or phishing that is conducted through SMS messages. Although email phishing is perhaps the most common method of conducting these scams, you should also be prepared to take on smishing, as it comes with its own share of unique challenges and dangers.

Scams are everywhere in our highly digitized world, which makes it especially important that everyone is prepared to deal with them—both personally and professionally. The publication Consumer Reports’ cover feature for its August 2023 edition is dedicated to exactly this goal: helping its readers avoid the various scams and threats out there. Let’s look at some of the advice shared in the article, and compare it to the best practices we recommend.

In 2004, a service called VirusTotal was launched and swiftly became a popular antivirus and malware scanner to help detect threats in various files and URLs. It became popular enough that it was officially acquired by Google in 2012 and ultimately assimilated into Chronicle, a cloud-based security operations suite for enterprise businesses. Despite this impressive pedigree, however, we find ourselves able to look to VirusTotal as a sobering reminder of how fickle cybersecurity can be, with the service being the source of some limited data exposure.

Amazon Prime subscribers recently received an email from the online marketplace, warning them of the prevalence of scams that took advantage of their offerings and brand recognition. Let’s go through the advice that this email shared, and compare it to the best practices we recommend for avoiding scams.

When it comes to valuable data, hackers will go out of their way to try and steal it, placing businesses in dangerous situations. In particular, healthcare data is attractive to hackers, and considering how lucrative the prospect of healthcare data is, companies need to take extra precautions to protect it. But what is it about healthcare data that makes it so attractive, anyway? Let’s dig into the consequences of potential attacks on healthcare data.

Nowadays, you can’t afford not to have some portion of your business’ budget set aside for cybersecurity. The question is, how much do you need, and what should you be spending it on first? Let’s take a few moments to dig a little deeper into this question and examine a few cybersecurity protections you should establish as your business’ baseline defenses.

The threats for businesses to get hacked or deal with data breaches of some type are more pressing now than at any other time in the digital age. It’s as if there are thousands of cat burglars on the prowl looking for a way into your business. If one of them is successful, it can bring some severe consequences for your business including financial loss, reputational damage, and even legal issues. In this week’s blog we will go through some of the actions you need to take in the case of a network breach. 

We talk a lot about phishing. What it is, what it does, and perhaps most critically, what it looks like. However, have you ever expected a phishing email to look like… nothing? As in, a completely blank message?

If you answered, “no,” that’s exactly what today’s cybercriminals are counting on.

Ransomware is one of the more dangerous threats out there for businesses of all industries and sizes. To help emphasize just how dangerous it is, however, you have to look past the initial threat of having to pay a ransom and look at the other risks associated with it. We’re here to try to get the point across that ransomware is something your business should absolutely be taking seriously.

Ransomware is such a common occurrence these days that it has entered the public discourse, but we also want to note that it’s such an important topic to discuss with your team that you can never talk about it enough. We want to address some of the most common questions we get asked about ransomware and what can be done about it.

The IoT—the Internet of Things—is a fascinating technology, as it exemplifies just how much can be accomplished when Internet connectivity is used to augment the capabilities of otherwise “dumb” devices. Unfortunately, as fascinating as it is, the IoT is also infamous for its security issues…a reputation that attackers have been perpetuating as these devices grow more common.

Of all the cybersecurity threats out there for your business to contend with, there are going to be a few of them that are just more likely to impact you than others. That’s just a statistical reality. Fortunately, these threats can be addressed, so let’s discuss how you can do so.

The Health Insurance Portability and Accountability Act is a regulation passed by the US congress in 1996 to help streamline the healthcare system while maintaining individual ePI privacy over individuals’ health records. This regulation was put in place to allow people to transfer their health coverage, but also to minimize the risk individuals take on as far as fraud and abuse of their health records is concerned. This week we’d thought we’d discuss four ways your technology can help your organization keep its HIPAA compliance. 

This is a true story, and a perfect lesson on how cybercrime and scammers use your emotions against you to get you to fall for their tricks. I think it’s also a lesson on just how helpless a victim of a scammer can become, as well as how immune the bad guys are while performing these horrible acts on people.

Password changes, multi-factor authentication, and countless changes in policy and procedure can make daily workflows more and more complicated. Cybersecurity can truly be a pain—a necessary pain, granted—but a pain nevertheless, and one that can gradually lead to burnout if you aren’t careful. Let’s go over how to mitigate the likelihood of it.

The Federal Trade Commission, or FTC, has put together a Safeguard Rule to help establish guidelines for how businesses store and interact with customer information. Enacted in 2003, this rule was recently revamped in 2021 to stay relevant with the latest technology used by businesses. Let’s look at some of the policies and procedures that your business needs to know about the FTC Safeguard Rule.

While it is important that your business implement comprehensive network protections, there are plenty of simple ways that your business’ cybersecurity could potentially fail. This could easily cost you heavily in your available capital, financial and social alike.

There is no denying that Quick Response codes—better known as QR codes—are a handy little invention. Just a few years ago, many businesses heavily adopted these contactless communication tools, allowing customers with a smartphone to access menus, documents, and more with ease. Having said that, we unfortunately can’t deny that cybercriminals are taking advantage of how handy QR codes are, too.

Your business’ computing infrastructure is a pretty resilient system. It has all types of tools added on to keep malicious code, bad actors, and even sabotage from ruining the good thing you have. This reliability has led to hackers changing the way that they go about their business. Nowadays, most of the attacks that affect businesses are phishing attacks. In today’s blog we will go through the elements of a phishing attack and how you can protect your business from them.