Our team recently attended a very informative presentation by Miles Walker and Kaseya. I came away with seven cybersecurity threats and four important defense measures that companies should be implementing.
Kaseya completed a cybersecurity report at the end of 2023 and discovered that phishing Attacks are still the number one way, hackers are using to breach businesses. 90% of all hacks start with some kind of phishing email. According to the Annual Data Breach Report In 2023 data breaches increased by 78% and affected of 353 million individuals. Now we are seeing small to medium businesses being the main targets of attacks because they are easier to target and Zero Day Attacks are increasing.
Several Factors have contributed to Zero Day attacks being on the rise including; evolving cybercriminal tactics, overworked IT Teams, Modern Software Practices, and using temporary fixes instead of solving underlying problems. We wanted to highlight 7 Cyber trends to be aware this year.
Schools are being hacked in order to gather information to use in other systems and find information they can sell to other hackers. It affects the school’s ability to access student records, email and phone and use computers on site.
Hackers will piggy back off other breaches and email victims direct asking for ransom. This happened when MediaWorks was breached and eventually their data was released on the dark web. You could be doing everything right but one of you partners might not be. More and more companies are doing their due diligence before signing with a vendor to make sure they have certain cybersecurity frame works in place.
AI is now everywhere it is important to be aware of its uses for cybercrimes- Deep fakes, Chat bots and Chat GPT are being used to craft phishing emails, spread misinformation, help less experienced hackers and create new malware. Some defensive measures we recommend is running a dark web scan regularly, Combine and EDR and a SOC- why are you not letting an expert manage your cybersecurity that is what you get when using s SOC, use a layered email security and conduct regular Security Awareness Training. Your team is not going to be able to become experts at identifying phishing emails if they are not being allowed to fail by training in a secure environment with their IT team first.
NIST uses a detailed framework to:
This Framework allows for workflow automation that leads to less downtime working through vulnerabilities. Having a NIST Framework combined with, Dark web scans, layered security implementing a SOC and EDR and having regular training. This will help protect not just your business but other vendors you work with and your clients and employees. The biggest take-away from the event for us setting a baseline is important to see how you can improve your cyber posture, being able to run scans on the dark web can alert you right away if any data has been leaked on the dark web and may be accessible to a bad actor, running a SOC and EDR gives company a no brainer way to protect their business, it is still important to have a multi-layer email protection even with phishing training.
If you need help starting your cyber journey let us know and we can walk you through your first steps. Call us today at 905-432-7751 If you are in the Durham area, 416-900-6047 if you are located in Toronto and 613-480-0652 If you are located in Eastern Ontario.