Sage Advice - Cybersecurity Blog

Email Security – What Does the Future Hold?

Email completely changed the way we communicate and the way we do business. While it makes us more efficient, it comes with a cost. And that is the risk of a data breach. There are myriad studies that reach the same conclusion year after year. The majority of cyberattacks begin when someone clicks on a link in a phishing email.

Read More

Topics: Risk Management, Social Engineering

Why Email is a Cybersecurity Risk and How to Protect Yourself

Many successful cyberattacks start with someone clicking a link in an email. According to Verizon’s latest Data Breach Investigations Report, phishing and pretexting represented 93% of all social breaches they studied. And email was the most common attack vector (96%). But it’s impossible to imagine doing your job without email, so what can you do to mitigate some of the risk?   

Read More

Topics: Risk Management, Malware

Easy Tools to Help You Create Cybersecurity Checklists that Work

Documenting step-by-step processes that are easy to follow, repeatable, and transferable, is a great way to create institutional knowledge. It makes your organization more cyber mature, and therefore, more resilient. Checklists are one of the methodologies that you can use to make that happen.

Read More

Topics: Cybersecurity Culture, Risk Management

Checklists to Keep Your Cybersecurity Program on Track

It’s not unusual to encounter an organization that is using practical knowledge, a.k.a. tribal knowledge, to operate. Practical knowledge is what each individual professional knows in-practice and is able to perform, but isn't really documented anywhere. It may be about how hardware is configured, how applications are designed, or in some cases, it involves information about historical decisions. The issue with tribal knowledge is that it disappears from an organization when people move on.

Read More

Topics: Cybersecurity Culture, Risk Management

How Checklists Can Improve Your Cybersecurity Program

Checklists are a great tool for keeping us on track. Surgeon Atul Gawande argues in The Checklist Manifesto: How to Get Things Right, that the simple checklist – perhaps one of the most basic organizational tools — can improve the effectiveness of teams and individuals performing complex tasks. When his team introduced a two-minute checklist to eight hospitals as part of a research study in 2008, deaths were reduced by almost half.

Read More

Topics: Risk Management, Cybersecurity Culture

Understanding the Cybersecurity Threats That Put Your Business at Risk

A crucial piece of building a cyber resilient organization is taking a risk-based approach to decision making. You need to balance risk against rewards, and manage cybersecurity risk in a way that is consistent with your organization’s objectives. Having an effective Risk Management Program can ensure your organization’s resilience.

Read More

Topics: Risk Management

Managing Vendor Cybersecurity Risk: Lessons from the Mega Breach that Started it All

Even more than five years later, the Target breach is still one of the top 10 data breaches of the 21st century. It was also a watershed moment for cybersecurity. Not only did it shine a spotlight on payment card security, it also brought to light the idea that third-party vendors are a potential cybersecurity risk that organizations need to consider.

Read More

Topics: Vendor Management, Risk Management

Why Managing Third-Party Cybersecurity Risk Matters

It has become the norm for businesses today to rely on a multitude of third-party service providers and other vendors to support core business functions. It’s also pretty common for these third-party entities to have access to a company’s data and its internal systems. This interconnectivity presents an inherent risk that must be managed. After all, you can outsource the function, but never the responsibility.

Read More

Topics: Vendor Management, Risk Management

Cybersecurity Metrics Your Board of Directors Should Care About & Why

Businesses today are going through an incredible digital transformation – moving to the cloud, embracing the Internet of Things (IoT), implementing automation, etc. – all at a lightning fast pace. This is opening them up to new and expanding cybersecurity threats that are difficult to manage.

Read More

Topics: Cybersecurity Culture, Risk Management

Cybersecurity Questions Board of Directors Should Be Asking

One of the key findings from PwC’s 2018 Global State of Information Security Survey is that when it comes to managing cybersecurity risk and building cyber resilience, senior leaders driving the business must take ownership. In fact, they found that Board confidence in security measures is actually tied to their participation in the company’s overall security strategy.

Read More

Topics: Cybersecurity Culture, Risk Management