Category: Best Practices Weekly Summaries

Responding to a Cyber Security Incident

What is a Cyber Security Incident? A Cyber Security Incident is a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices. Events happen all the time in a network. It is the adverse events, ones that violate the policies and standards that is created to protect a […]

Romance Scams: True Deception

On February 12, 2019, The Federal Trade Commission (FTC) release an article warning of the dangers of the Romance Scams.  In a Romance Scam, cyber criminals gain the confidence/trust of their victim and trick them into sending money. Data collected from the members of the Consumer Sentinel Network show a reported 21,000 incidences in 2018, […]

Domain Name System(DNS)

DNS allows a user to type a Uniform Resource Locator (URL) into the browser which sends the user the requested website. In the background, DNS servers are communicating with each other to resolve that URL into an Internet Protocol Address (IP). Sounds good, but what could go wrong? Attack on DNS Malicious actors use a […]

Email: Don’t Pass Go!

Businesses are highly affected by email scams. One scam reaching critical level is the W-2 scam.  The scam is aimed toward the HR department of an organization using sophisticated phishing technique and pretexting via email.  Attackers can gain access to company information, specifically an employee’s W-2 and file taxes in their name. The money will […]

Access Control Models

Background – Considered one of the most crucial assets in a company, access control systems hold significant value. The term ‘access control’ refers to “the control of access to system resources after a user’s account credentials and identity have been authenticated and access to the system has been granted.” Access control is used to identify […]

Password Manager

Background – Today, there are still people who use the same passwords across their online accounts. Often times, passwords are only changed when they are forgotten. Identity theft is a result of these poor password practices. Considered one of the top safety practices recommended by security experts, the password manager is a tool that should […]

Data Breaches – What You Can Do

Background – A security incident where information is accessed without authorization is also known as a data breach. Data breaches are a costly expense that can hurt consumers and businesses in many different ways. “Globally, the average total cost to a company of a data breach is $3.86 million”, according to a study by the […]

SIM Card Identity Theft

Background- What is a SIM card identity theft? Basically, it is the stealing of your mobile identity. This fairly new way of identity theft/fraud is appearing everywhere. The list of attacks to watch out for in the cyber-security world is becoming more prominent and this subject deserves a spot near the top. The SIM swap […]

Incident Response Plan

Background- Cyber-attacks are becoming a more serious issue by the year. Today, there is no arguing with the facts: attacks are more frequent, sophisticated, widespread, and costly than ever. In 2015, cyber-attacks cost companies about $3 trillion according to “DarkReading”. By 2021, the number is expected to double, this means more emphasis on cyber security […]

Biometrics Authentication (3FA)

Background- Sometimes two-factor authentication is not enough. By using “something you know” – username and password, along with “something you have” – hardware token, SMS, software token; you have implemented two-factor authentication. To take it to the next level you can add “something you are” or biological traits such as, – fingerprint, iris, facial traits, […]