We've all become familiar with QR codes — those square bar codes that seem to be everywhere. You scan them with your phone camera and they take you directly to a website. QR codes are an incredibly convenient way to access information, but scammers are clever and already use them as part of their scam arsenal. Fortunately, everyone can protect themselves from QR scams by learning how they work and remaining vigilant.
Topics: Cybersecurity, Network Security, Information Security, Data Security, Data Protection, risk
You may have seen it in the news, but another major company has been a victim of a nasty ransomware attack that disrupted services and customers for over ten days. This time, the victim was MGM Resorts in Las Vegas.
What separates this major incident from others is that the hackers pulled the malicious attack off using one of the oldest tricks in the book: social engineering. So, what happened, and what can we learn from this?
Topics: Cybersecurity, Network Security, Data Breach, Data Security, security incident handling, risk, Ransomware, social engineering
If you were going to test the fault-points of a building, you wouldn’t hire the architect, you’d hire a demolitions expert. Similarly, you don’t want the designer of your network testing its security. If the team that configures your network does so incorrectly, they are most likely unaware. The creator of the environment has an inherent bias based on the angle from which they view it. They are blind to vulnerabilities, not necessarily because they are under-qualified, but because they are too close to the project. A security team has a “black box perspective”, which means they have the same outside view of the system that an attacker would. This outsider point of view is just one of the advantages a security expert has over an internal IT team. They also have the training, experience, time, and resources that would be impossible to lump in with a standard IT program.
Topics: Cybersecurity, Network Security, Information Security, Data Security, Data Ownership, Incident Response, cybersecurity plan
Improving communication within an organization has been proven to increase productivity; that’s easy to see. A study by SalesForce found that more than 80% of employees and executives believe weak communication is the main cause of workplace failures. What might those workplace failures look like? Missing a deadline or offending a client are bad outcomes, but we also need to prepare against exposure of sensitive or personal information.
In this series, ProCircular’s team of information security specialists break down the top cybersecurity risks for small and medium-sized businesses in 2023. How do SMBs prepare for cybersecurity threats and prevent security incidents? Trevor Burke lays out the best ways to get leadership’s support behind security investments.
Topics: Cybersecurity, Information Security, Data Security, Security Awareness Training, vCISO
Any time we log in to socials, we should be cognizant of the information we're willing to reveal and how for-profit actors could use that personal data. Sharing our time, tastes, and feedback with online communities is what draws us to the apps, but it’s easy to “overspend” your seemingly limitless personal data in exchange for entertainment. The TikTok application is unlike its contemporaries because its information-gathering technology is steps ahead and much more powerful. That information is primarily used to tailor the user’s feed and promote engagement with targeted advertisements.
Topics: Cybersecurity, Data Security, risk, Social Media