November Newsletter | Sidechain Security
SIDECHAIN SECURITY MONTHLY NEWSLETTER

NOVEMBER  2024

By Andrew Lance | CEO

SIDECHAIN INSIGHTS
One of my favorite parts about creating this newsletter is picking a theme and seeing what AI will design as an appropriate image – who knew you could combine CyberSecurity and Thanksgiving!

Sidechain Security wishes a very Happy Thanksgiving to all our customers – enjoy the time with your families.

Quick Take
  1. We’re in the lead-up to Black Friday and, arguably the largest shopping day of the year, Cyber Monday! If you’re like me, you have your list ready and you’re waiting to pounce the instant you see the price drop (if you’re interested, my big-ticket item this year is a fancy Breville espresso machine, no more daily trips to Starbucks for me!). However, online shopping isn’t just a convenience for us: it’s great for businesses and it’s even better for scammers and cyber criminals. This article is an easy reminder of some basic steps you can take to keep yourself and your money safe. Take a look here and shop with care this buying season!
  2. If you’re a small business, you probably have an array of tools to serve customers and manage your operations. However, different technologies come with different types of risk and require different protection strategies. Here are some quick wins when it comes to security awareness training content for both large and small businesses.
Quiz
In our day-to-day business we all interact with external vendors. These are necessary transactions, yet they can also be a source of data breaches and require the same level of care we give other organizational relationships. Your vendors can also play a part in keeping your organization safe – take this quiz to see what changes you might need to implement!

The first five people to send their correct answers to us here will receive Sidechain swag!

  1. Requiring vendors to use multi-factor authentication to access your network makes users take an additional step beyond logging in with a password. True or False?
  2. What steps should you take when selecting vendors who will have access to your sensitive information? Pick the best answer.
    1. Include provisions for security in your vendor contracts, like a plan to evaluate and update security controls
    2. Only do business with well-known vendors
    3. Ensure that your vendors understand your compliance rules
    4. Confirm that the vendor understands the importance of Cybersecurity
  3. Properly configured strong encryption – recommended for any devices that connect remotely to your network – can help you detect cyber attacks in your system. True or False?
  4. What should you do if a vendor has a breach that impacts your business data? Pick the best answer.
    1. Change all network passwords
    2. Turn off all your computers and devices
    3. Make sure the vendor fixes the vulnerabilities and ensures that your information will be safe going forward
    4. Disable Multi-Factor Authentication systems
  5. Anyone with access to your business network should be required to use a strong password. How long should a strong password be?
    1. Passwords should be at least 8 characters with a mix of numbers, symbols, and both capital and lowercase letters
    2. Passwords should be at least 5 characters with a mix of numbers, symbols, and both capital and lowercase letters
    3. Passwords should be at least 12 characters with a mix of numbers, symbols, and both capital and lowercase letters
    4. Passwords should be at least 10 characters with a mix of numbers, symbols, and both capital and lowercase letters
Keep scrolling to see if you got it right!
Industry Trends and News
  • Apple has fixed two zero-day vulnerabilities used in attacks on Intel-based Macs. A zero-day attack refers to a security vulnerability in software that is completely unknown to the software vendor (in this case, Apple), meaning they have “zero days” to fix it before malicious actors can employ it. Essentially, it’s a critical flaw that attackers can use before a patch is available because the company hasn’t even discovered the problem yet! These particular flaws allowed attackers to achieve remote code execution through maliciously crafted web content. Read more here. The good news is that even though they have fixed 6 zero-days so far this year, they had 20 last year!

  • Q3 in 2024 saw significant developments in ransomware extortion tactics, with an evolving lineup of info stealers and a surge in VPN-related exploit attempts. We’re seeing a shift in strategies for ransomware groups, with RansomHub surpassing LockBit as the leading ransomware operator. These emerging trends emphasize the need for proactive defense strategies to combat the growing reach of cyber threats. Download the full Q3 report here.

If you are concerned that your organization is at risk, contact Sidechain Security to discuss.

Data Encryption Decoded
Data Security

Thales, the leading global technology and security provider and Sidechain partner, announced on November 19th the availability of CipherTrust Transparent Encryption (CTE) through the CipherTrust Data Security Platform as-a-service. CTE is designed to provide transparent, high-performance encryption for complex environments without the need to modify applications or underlying infrastructure. If you need assistance managing this solution, contact Sidechain – we are leading experts in CTE.

And following on from that…

Protect your Data Without Breaking the Bank

We know data protection is a top concern, but it’s often hard to get budget dollars allocated when everything is running smoothly. Cyber security is a protection that should be put in place before an incident. While a remediation plan is important, it’s more important to never get to that stage.

Read on to discover why it might be a smart move to look into Managed Security Services Providers (MSSPs).

Did you know?
The answers to the quiz are:

  1. True
  2. 1.
  3. False
  4. 3.
  5. 3.

Remember the first 5 correct responses will win Sidechain swag!

  • There were 2,365 cyberattacks in 2023, with 343,338,964 victims.
  • Business email compromises accounted for over $2.9 billion in losses in 2023
