Sage Advice - Cybersecurity Blog

The Risks and Rewards of Cloud Services

Cloud computing has gained popularity over the past few years, and organizations large and small are utilizing a variety of cloud services to support their business needs.

Read More

Topics: Vendor Management, Cloud Security

The Danger of Stolen Usernames and Passwords: Credential Stuffing

The popular tax preparation software TurboTax recently announced that an unauthorized party had accessed an undisclosed number of its clients’ accounts. But it wasn’t because they had suffered a data breach. Instead they were victims of a credential stuffing attack – a cyberattack that continues to gain popularity. 

Read More

Topics: Cyber Defense, Privacy, Cybersecurity Awareness

Developing a Cyber Threat Intelligence Program

With cyber-attacks increasing, the likelihood that many organizations are experiencing the same attack is also increasing.  When such an incident occurs, the intelligence gathered – including what happened, how it was dealt with, and lessons that were learned – can teach your organization what to do in the same situation.  In today’s dynamic threat environment, it’s impossible to single-handedly keep on top of everything.  Implementing a threat intelligence program can help you better protect your organization.

Read More

Topics: Security Policy, Threat Intelligence, Information Sharing

Why Your Personal Data is Valuable – and How to Protect It

Looking back at recent data breaches, it’s interesting to note that the largest breaches didn’t involve stolen credit card or social security numbers. Instead a myriad of personal information is being stolen in massive quantities. Why this shift? It’s just more valuable!

Read More

Topics: Threat Intelligence, Risk Management, Privacy

Formjacking is on the Rise – A Look at the Top Cyber Threats

Cybercriminals are driven by opportunity and go where the money is. As soon as the good guys figure out how to stop them, they’ve already figured out their next move. So, it’s no wonder that the cyber threat environment is constantly changing, and exploits continue to evolve and shift.

Read More

Topics: Malware, Risk Management

Why is Data Classification Important for Information Security?

Data classification is as fundamental a part of securing your organization's information as knowing what data you have and who can access it. It's the process of identifying and assigning pre-determined levels of sensitivity to different types of information. If your organization doesn’t properly classify your data, then you cannot properly protect your data.

Read More

Topics: Security Policy, Risk Management

Email Security – What Does the Future Hold?

Email completely changed the way we communicate and the way we do business. While it makes us more efficient, it comes with a cost. And that is the risk of a data breach. There are a myriad of studies that reach the same conclusion year after year. The majority of cyberattacks begin when someone clicks on a link in a phishing email.

Read More

Topics: Social Engineering, Risk Management

Why Email is a Cybersecurity Risk and How to Protect Yourself

Many successful cyberattacks start with someone clicking a link in an email. According to Verizon’s latest Data Breach Investigations Report, phishing and pretexting represented 93% of all social breaches they studied. And email was the most common attack vector (96%). But it’s impossible to imagine doing your job without email, so what can you do to mitigate some of the risk?   

Read More

Topics: Malware, Risk Management

Automation, Algorithms and AI — Oh My

Futurist, author, and consultant Mike Walsh spends 300-some-odd days a year traveling the globe researching technology trends, keynoting industry events, and guiding organizational leaders through the complexities of digital disruption. Appropriately, then, his 2018 CyberCrime Symposium presentation took attendees on a whirlwind tour of the transformative forces they’ll manage if they want to thrive in an increasingly AI-driven world. As he told the info-sec and privacy officers in attendance, the goalposts that marked 2020 as AI’s future zone have been pushed back a decade or so, but he warned them not to get complacent.

Read More

Topics: CyberCrime Symposium, IoT, Privacy

Face It: Cameras are Everywhere

Christopher Pierson thinks facial recognition, as both a topic and a biometric, is “super cool,” and that enthusiasm energized his 2018 CyberCrime Symposium session, “The Privacy and Security Implications of Facial Recognition.” But because he’s worn so many professional hats — from inventor, CISO, CPO, and general counsel, to member of DHS’s Data Privacy and Integrity Advisory Committee and its Cybersecurity Subcommittee — he could exult in facial scanning technology’s cool factor while laying out some of the growing legal, ethical, and privacy concerns surrounding it. 

Read More

Topics: CyberCrime Symposium, Privacy