Synopsis
CyberSecurity Sense is LBMC Information Security's weekly podcast that will provide insight and updates on such information security topics as: Managed Security Service Providers, IPS Monitoring and Managed IDS Services, Security Information Event Management, Digital Forensic Analysis, Electronic Discovery and Litigation Support, Computer Security Incident Response, Penetration Testing, Risk Assessments, Security Program Planning, Web Application Security Assessments, ACAB LADMF Certification Assessments, CMS Information Security, FedRAMP, FISMA Compliance, HIPAA Compliance, HITRUST CSF Certifications, NIST 800-171 Certifications, PCI Data Security Standards, SOC Reporting and SOX Compliance.
Episodes
-
Cloud Storage and User Authentication Compromises: Managing the Integrity of Your Data
27/11/2017 Duration: 15 min
Often in the information security industry, professionals can be accused of spreading fear, uncertainty, and doubt with cybersecurity concerns. However, considering the implications of integrity attacks, it is essential to pay close attention to them. As more organizations move to cloud storage, user authentication compromises are increasing. If an organization has sensitive information that can be accessed from anywhere online by simply using a username and password, that information is at risk, and organizations should make an effort to make their networks more secure. In this podcast, LBMC Information Security’s Jason Riddle and Mark Fulford discuss the growing concerns with data integrity and how to avoid being a victim of attacks. Listen, and discover these key takeaways: Feedback heard from the cybersecurity field; The need for two-factor or multi-factor authentication; The ability for integrity attacks to impact financial markets; How integrity attacks could be more effective than availability attack
-
Manufacturing and Industrial Sectors Are Cybersecurity Targets
13/11/2017 Duration: 07 min
As operational technology (OT) networks are used with specialized Industrial Control Systems (ICS) to monitor and control physical processes such as assembly lines, mixing tanks, and blast furnaces, these networks have become ripe targets for adversaries. The lack of basic protections like antivirus can enable attackers to quietly perform reconnaissance before sabotaging these physical processes and compromising industrial devices. Once attackers have compromised an OT network, it is easier for them to learn how the equipment is configured and eventually manipulate it. In this podcast, LBMC Information Security’s Bill Dean discusses how the manufacturing and industrial sectors are prime targets for cyber-attackers. Listen, and discover these key takeaways: Reasons we don’t often hear about industrial and manufacturing network breaches; Reasons for industrial and manufacturing attacks and what attackers are looking for; Reasons industrial and manufacturing sectors should be concerned; How NIST’s Cybersec
-
Attacking the InfoSec Supply Chain
01/11/2017 Duration: 08 min
Though not in the recent limelight, it’s no secret that espionage from nation states is happening once again. With sophisticated attacks on InfoSec supply chain companies in 2012, 2013—and as recently as the past few months—many people are left wondering who would target these specific companies. In the end, we know that despite agreements between countries, we have valuable intel within the United States that these attackers are seeking. In this podcast, LBMC Information Security’s Bill Dean offers valuable insight on attackers who focus on the InfoSec supply chain. Listen, and discover these key takeaways: Information about some of the most popular InfoSec supply chain attacks; Potential InfoSec supply chain attackers and what information they are looking for; Possible reasons supply chain attacks may become popular again
-
Kaspersky vs the U.S. Government
02/10/2017 Duration: 09 min
For the past 20 years, Kaspersky Lab has provided deep threat intelligence and security expertise for businesses, critical infrastructure, governments, and consumers around the globe. More than 400 million users benefit from protection services provided by Kaspersky, in addition to approximately 270,000 corporate clients. Recently, Kaspersky has found itself under question from the U.S. Government regarding accusations that the company is hiding backdoors into its software to help Russia spy on high-profile users. In fact, the U.S. Government removed Kaspersky from its approved vendor list, citing spying concerns as the reason. In this podcast, LBMC Information Security’s Bill Dean discusses Kaspersky’s current battle with the U.S. Government, offering several helpful takeaways for cybersecurity professionals.
-
Ransomware and Unintended Disclosure
24/09/2017 Duration: 09 min
When an organization experiences a data breach, one would hope that a quick recovery is ideal, right? But did you know that there are instances when a quick breach recovery can hurt an organization? For one healthcare facility, this was the case, as it fell prey to a ransomware attack. While the organization was able to quickly recover operations, it recovered so quickly that it failed to preserve needed evidence for proper forensic analysis. So, what did this organization do as a result? In this podcast, LBMC Information Security’s Bill Dean explains how quick breach recovery hurt this organization and the steps that can be taken to avoid it happening for your own organization.
-
Risks Rising for Email Data Breaches
14/09/2017 Duration: 10 min
Sadly, email data breaches continue to be an increasing problem for businesses and organizations that retain large amounts of sensitive client and customer data. In fact, more than 700 million email accounts and millions of associated passwords were recently leaked in the biggest spambot dump ever. Breaches of this scale and impact have happened to Dropbox, LinkedIn, and Adobe in the past few years. So, what is the risk to your organization? In this podcast, LBMC Information Security’s Bill Dean discusses the numerous ways these data breaches are also a risk to your organization. Take a listen, and discover these key takeaways: Information about one of the largest email data breaches that just hit the Internet; Potential risks to your organization; Obvious personal risks that you should address for yourself, your family, and your friends
-
The Risks of Remote Access
28/08/2017 Duration: 09 min
Remote access to networks has become commonplace in today’s IT environments, as this access is mainly used for IT support, power users, and developers. While this capability can be provided in a safe and secure manner, it can also be deployed in a manner that leaves the organization at great risk. When Remote Desktop is enabled, attackers can brute force administrator credentials, because you can’t lock out the administrator account due to excessive failed logins. With this access, an organization’s entire network could be at risk of compromise and data theft. In this podcast, LBMC Information Security’s Bill Dean discusses the direct risks associated with remote access to Windows servers. Here’s what is covered within the podcast: Security risks involved with remote access to networks; Recent statistics associated with Remote Desktop attacks; LBMC Information Security’s experience with remote access attacks; Ways to protect your organization from remote access attacks
-
Attacker Dwell Time
22/08/2017 Duration: 08 min
Especially for healthcare IT systems, cyber attacks can lead to the exposure of patient data, service disruptions, time-consuming recovery processes, and high costs in the form of paying a ransom or spending money on new servers, security systems, or consultants. However, that is only when an organization is aware of the breach. Some network breaches can go on for months or even years before an organization learns about them, and these can even be organizations that take information security very seriously with compliance requirements, appropriate budgets, and talented security personnel. The time elapsed between the initial breach of a network by an attacker and the discovery of that breach by the victim is known as “dwell time” or the “breach detection gap.” In this podcast, LBMC Information Security’s Bill Dean discusses attacker dwell time and some methods that can be implemented to address it. Listen in, and learn about these key takeaways: Advanced attacks will often circumvent traditional static protections. This
-
Combating Insider Threats
08/08/2017 Duration: 09 min
It’s true—insider threat events are typically much less frequent than external attacks. However, insider threats often pose a much higher severity of risk for organizations when they do happen. As insiders are given access to sensitive information for work purposes, there’s a great potential for them to do a tremendous amount of damage to a business if they accidentally break policy or choose to steal. Even more, it has been reported that nearly a third of all organizations still have no capability to prevent or deter an insider incident or attack. In this podcast, LBMC Information Security’s Bill Dean addresses insider threats, while offering suggestions on how to combat them with digital forensics. Here’s what is covered in the podcast: Limiting the access to sensitive information to a “need to know” basis; Understanding the value of digital forensics and knowing when to use it; Being cautious about handling the analysis internally due to expertise
-
Business Email Compromise: When The Threat is Internal
08/08/2017 Duration: 12 min
Since January of 2015, all 50 of the United States have reported an increase in business email compromise (BEC) attacks—a 1,300 percent increase, to be exact. Even worse, organizations have reported a loss of nearly one billion dollars. With everyone now being a potential target, it’s been noted that reconnaissance, social media, and social engineering have played a crucial role, as cyber thieves monitor and learn an organization’s “system.” In this podcast, LBMC Information Security’s Bill Dean addresses BEC attacks and offers a few solutions for how to combat business email attackers. Listen in and you’ll learn about: BEC in the news (modern-day Nigerian money scams); Defining BEC; The impact of BEC; A brief overview of BEC; Protections against BEC
-
How To Create SIEM ROI
01/08/2017 Duration: 16 min
SIEM, or security information & event management, is becoming a fairly common security control these days. It focuses on aggregation and analysis of log data. For this podcast we will assume you have a basic understanding of SIEM and how it’s commonly deployed. If you don’t have that base level of understanding, you might want to check out one of our other podcasts that focuses on SIEM fundamentals. We’re going to focus on 3 key value points that any SIEM implementation should provide. The reason for breaking these down for you is that we see far too many organizations that aren’t realizing the full value of their SIEM. 1- Worst Case Scenario Protection; 2- Audit & Reporting; 3- Research & Troubleshooting. No matter if you are using a managed service provider for SIEM or running your own platform in-house, you need to make sure you are getting at least these 3 key value points from the solution. The ability to articulate this value to your operational and leadership teams is going to go a long wa
-
The Value of Incident Response Table Top Exercises
26/07/2017 Duration: 09 min
Are you prepared for a ransomware attack? Bill Dean, Senior Manager, LBMC Information Security, discusses a low-cost approach to determine how well you will respond to cybersecurity incidents, similar to those that you are reading about in the news, by performing incident response tabletop exercises.