Jan 20, 2022 7:30:32 AM

Top 4 Cybersecurity Skills You Need on Your IT Team

Globally, we are experiencing the highest shortage in cybersecurity professionals ever. This is an issue that has effects well outside of the IT shop with many organizations citing lack of technology professionals as an impediment to business growth[1]. While universities, associations, and other educational entities are working diligently to turnout technology professionals to fill these needs, we know that having the right skills in your IT shop is key to executing on cybersecurity strategy and safeguarding your organization. We’ve rounded up four of the most important cybersecurity skills to have on your IT team:

Topics: IT administration, cybersecurity, information security

Nov 17, 2021 8:16:00 AM

Top 5 Tips for Secure Holiday Shopping

The holiday season is once again upon us. While there has been much discussion of supply shortages, shipping delays, and inflation, we are here to keep cybersecurity top of mind as you seek out the perfect presents for your loved ones this season. According to the FBI, thousands of Americans fall victim to holiday scams every year, robbing individuals of money and personal information. The Internet Crime Complaint Center (IC3) reported almost $129,000 in credit card fraud losses and approximately $265,000 in non-payment/non-delivery losses in 2020. The following tips will help you stay safe while checking off all the gifts on your list:  

Topics: cybersecurity, Vulnerabilities

Nov 11, 2021 7:00:00 AM

CMMC 2.0 - Major Changes for Contractors

Earlier this week, the Department of Defense and CMMC Accreditation Body released proposed changes to the CMMC implementation following a six-month review aimed at clarifying the standard, lowering the financial burden of compliance, and improving the program’s scalability. The overarching theme of the proposed changes is simplification. So, what’s new?  

Topics: cybersecurity, Vulnerabilities, CMMC

Oct 27, 2021 7:00:00 AM

Prioritizing Cybersecurity in a Hybrid Workplace

In this day and age, employees are more connected than ever. The hybrid workplace is here to stay, and for employees, this means relying on connected devices from their home office setups. According to recent data, smart home systems are set to rise to a market value of $157 billion by 2023, and the number of installed connected devices in the home is expected to rise by a staggering 70% by 2025. In this new normal where smart devices and consequently online safety are a must, here are some tips for securing those devices.  

Topics: cybersecurity, cybersecurity awareness month, Vulnerabilities, remote workforce

Oct 21, 2021 8:20:00 AM

#CyberCareerWeek: HORNE Cyber's Women in Tech

In honor of Cyber Career Awareness Week, HORNE Cyber is proud to introduce a few of our women in tech. Our team shares advice and encouragement for those aspiring to join the cyber field. In this blog, our team discusses why they went into cybersecurity, what they enjoy most about their job, who inspires them in this field, and provide advice for young women interested in pursuing a career in cybersecurity.

Topics: cybersecurity, password security, securing your data, Vulnerabilities

Oct 20, 2021 10:40:00 AM

Why You Should Consider a Cyber Career

Cybersecurity is a rapidly developing field with new threats and challenges appearing every day. To stay ahead of active threats, both business and education sectors are putting forth a concerted effort to recruit individuals toward a degree and career in cyber.   Interested in joining this exciting new workforce? Here are four reasons why pursuing a degree and career in cyber could be right for you.  

Topics: cybersecurity, cybersecurity awareness month, Vulnerabilities, remote workforce

Oct 15, 2021 8:13:46 AM

Fight the Phish with Brad Pierce | HORNE Cyber

This week, we sat down with our Director of Security Operations, Brad Pierce, to get his thoughts on phishing attacks. Below we discuss best practices to fight the phish, phishing trends, why phishing is so lucrative and what to do if you have been caught in a phishing attack.

Topics: cybersecurity, password security, securing your data, Vulnerabilities

Oct 13, 2021 7:15:55 AM

3 Fundamentals for Shoring Up Phishing Defenses

From ransomware to SolarWinds, the cybersecurity space has been as fast-paced as it has ever been over the last 12-24 months. However, for all of the emerging threats and news that are cropping up on the horizon, phishing -- one of the oldest pain points in cybersecurity -- is continuing to quietly wreak havoc and is as big of a threat as it has ever been.    Phishing has been a mainstay in the cybersecurity threat landscape for decades. In fact, 43 percent of cyberattacks in 2020 featured phishing or pre-texting, while 74 percent of US organizations experienced a successful phishing attack last year alone. That means that phishing is one of the most dangerous “action varieties” to an organization’s cybersecurity health. As a result, the need for proper anti-phishing hygiene, a culture of awareness, and best practices is an absolute must.    With that in mind, here are a few quick best practices and tips for dealing with phishing threats:  

Topics: cybersecurity, password security, securing your data, Vulnerabilities, Phishing

Oct 7, 2021 7:00:00 AM

Cyber Basics with Mike Skinner

This week, we sat down with our managing partner, Mike Skinner, to get his opinion on basic cyber hygiene when it comes to protecting yourself while on the internet. Below we discuss password best practices, most commonly seen mistakes, the importance of VPN, and why MFA matters.

Topics: cybersecurity, password security, securing your data, Vulnerabilities

Oct 6, 2021 7:30:00 AM

Get Familiar with the Cyber Basics

At a time when we are more connected than ever, being “cyber smart” is of the utmost importance. This year has already seen more than a fair share of attacks and breaches, including the SolarWinds and Kaseya breaches as well as high-profile attacks on the Colonial Pipeline and other critical infrastructure. Furthermore, as has been underlined by these recent breaches, cyberattacks are becoming more sophisticated with increasingly evolved bad actors. Luckily, there are several steps that we can take on a daily basis to mitigate risks. Here are a few quick tips:

Topics: cybersecurity, password security, securing your data, Vulnerabilities

Sep 16, 2021 12:15:00 PM

How Do You Manage Ransomware Risk?

Ransomware has become an all-too-common occurrence in today's digital world. With threat actors constantly evolving their tactics and developing new threats, protecting your organization against ransomware attacks can be difficult. However, following these 5 best practices can minimize your risk:

Topics: cybersecurity, password security, securing your data, Vulnerabilities

Sep 9, 2021 9:29:26 AM

What to Know About Cybersecurity For Your Home & Family

Internet is an integral aspect of modern life. One that has brought us many conveniences and transformed businesses and human connection. However, this world of connection has brought many challenges and risks to our doorstep. Over the last year and a half, we have seen our homes become centers not only for leisure online activities such as social media, personal banking, gaming, and TV streaming, but also virtual schools and offices. Below, we share a few of our go-to best practices for upping your family’s cybersecurity awareness and protection.  

Topics: cybersecurity, password security, securing your data, Vulnerabilities

Jul 28, 2021 7:30:00 AM

Web Application Security 101

  What is a Web Application Pen Test? In today's interconnected business world, web applications (web apps) are indispensable. Whether they are a client portal or online shopping site, attackers can compromise web apps, impair business function, and steal sensitive data if they are not adequately tested and secured by your organization. Fortunately, these vulnerabilities can be mitigated through proper cyber hygiene and integrating penetration testing into the web app development lifecycle.   

Topics: data security, cybersecurity, Vulnerabilities

May 13, 2021 8:37:01 AM

Is Your Google Chrome Browser Up-to-Date?

Late last week, Google announced an urgent Google Chrome browser update (78.0.3904.87) for Windows, Mac, and Linux platforms. The update includes security fixes for two identified vulnerabilities within the current Chrome browser. Very little information about the two vulnerabilities has been released at this time; however, Google noted that one of the exploits is actively being exploited “in the wild”.

Topics: cybersecurity

Jan 1, 2021 4:21:00 PM

Don't Let Cyber Risk Derail Your M&A Deal

Headlines around hacking and data breaches have become a regular occurrence over the last few years. When a business loses the trust of its customers, it can be nearly impossible to win it back. Cybersecurity, or the lack thereof, can famously destroy existing companies, but could it also be killing future business deals?

Topics: risk management, cybersecurity

Jan 1, 2021 9:54:00 AM

Providing Peace of Mind Around Your Law Firm's Data Security

Have you ever wondered why Amazon Web Services (AWS) is so focused on security? When you visit their compliance page, they have nearly every privacy and security badge available, noted with the global standards highlighted below:

Topics: cybersecurity, SOC 1 Audit, securing your data, SOC for Cybersecurity, Cyber Assurance Insights, Cyber SOC, Compliance

Dec 10, 2019 6:30:00 AM

Cyber 2020: The Year of Situational Awareness

Situational Awareness: words that were ingrained in my psyche during my years in the military. The phrase is simply defined as, “the perception of environmental elements and events with respect to time or space, the comprehension of their meaning, and the projection of their future status.” By gaining situational awareness, IT teams can begin to form an idea of how an environment should be securely maintained and how it will likely evolve in the near future. Additionally, enhanced situational awareness will likely allow organizations to see a more logical approach to anticipating the future trends in cybersecurity as a whole.

Topics: cybersecurity, ransomware

Mar 6, 2018 10:30:00 AM

Choosing the Right Security Option for Your Organization

Cybersecurity in layers has been the go-to security model for some time now. There’s no one solution that will properly secure your organization’s network and sensitive information. In today’s environment, it takes an orchestra of teams, tools, and active threat detection and prevention operations to properly secure your organization from an attacker. It has become very clear that traditional layers, such as anti-virus, firewalls and monitoring tools, are just not enough.

Topics: Penetration Testing, cybersecurity, advanced penetration testing, Security Budget, Executive Insights, Good Enough Cybersecurity

May 11, 2017 10:00:00 AM

Breaking Bank: Episode 1

I don’t know about you, but I’ve read a lot of content-filled, factually intense cybersecurity articles over the past few months. I’ve read so many that I begin hearing similar concepts without actually understanding how it impacts my clients specifically. For this reason, today I don’t want to spout off a bunch of information (as accurate as it may be) and tell you to go make sense of it, I would instead like to tell you a story. So sit back, relax, and enjoy the movie (cue Disney Castle scene)…

Topics: cybersecurity, Cyber Assurance Insights

Mar 23, 2017 10:03:00 AM

Cyber Security for the Road Warrior

In my previous columns, I’ve been describing the benefits of having offense-oriented testing performed on your company’s network. This time around, I want to give some advice for the road warriors among you.

Topics: cybersecurity

Dec 8, 2016 10:00:00 AM

What Should You Learn From Your Penetration Test?

Having a true advanced penetration test performed on your organization’s infrastructure is one of the fastest ways to gain valuable insight on the state of your security posture. It provides quick situational awareness around where your weaknesses are and *should* provide you with a roadmap on how to approach remediation.

Topics: cybersecurity

Nov 22, 2016 10:00:00 AM

FFIEC Cybersecurity Assessment Tool Frequently Asked Questions

This past month the FFIEC issued a statement to provide clarification on several questions the FFIEC recieved for the Cybersecurity Assessment Tool (CAT). Since the release of the CAT and with the statement issued last month, I have recieved numerous questions from clients that I wanted to share with you to provide you insight on its value and use to your management team. So, here are our FAQs:

Topics: cybersecurity

Sep 28, 2016 10:00:00 AM

Strengthening Your Cyber Resilience: Six Questions to Ask Yourself

As a former network administrator and IT Manager, I’ve spent most of my IT career defending networks from the bad guys along with keeping the daily IT ship afloat. Take that and add a couple projects and helpdesk tickets and you’ve got yourself a never ending to-do list. It’s not an easy job to say the least, and sometimes you can’t help but wonder if you and your team have the all bases covered on the security front.

Topics: cybersecurity

Sep 14, 2016 10:00:00 AM

Size Doesn’t Matter to Cyber Criminals: 5 Tips for Securing Small to Mid-Sized Organizations

Data or access to another organization’s data is what makes a target attractive, not the size of the organization. We hear it over and over – “why would a hacker target me? I don’t have any valuable data, plus my organization is small compared to X, Y, Z.” We are seeing more and more smaller organizations being attacked for a few reasons:

Topics: cybersecurity

Aug 23, 2016 10:30:00 AM

5 Cybersecurity Strategy Mistakes You Can’t Afford to Make

Read through your Twitter feed or turn on the news on any given day and one thing is evident: cyber attacks are happening in every industry and organization size. It is obvious that these attacks are increasing in number and sophistication, and we’re confident in stating that this trend will continue.

Topics: cybersecurity