Search Results

  • $214 BILLION in Cybersecurity Spending Projected for One Year

    Several key factors are driving the global increase in cybersecurity spending. Firstly, adopting cloud computing has increased investment in securing cloud environments, with spending on cloud security projected to rise by 24.7% in 2024. Cloud Access Security Brokers (CASB) and Cloud Workload Protection Platforms (CWPP) will be crucial in safeguarding cloud assets. The COVID-19 pandemic has accelerated the shift towards remote and hybrid work models, leading organizations to invest in endpoint detection and response (EDR) and managed detection and response (MDR) solutions to protect their distributed workforce. These technologies provide real-time threat detection and response capabilities, mitigating risks in a dynamic work environment. Generative AI, or GenAI, is emerging as both a tool for security teams and a weapon for threat actors. Organizations are increasing their investments in AI-powered security solutions to stay ahead of adversaries and harness the full potential of AI for defensive purposes. Privacy regulations have undergone a global overhaul, and companies are adapting to new data protection rules. Spending on data privacy is projected to grow by over 24% in 2024 as organizations strive to comply with stringent data processing rules. Modern privacy regulations are reshaping how personal data is handled, with an estimated 75% of the world's population falling under these regulations by 2025. Data privacy and cloud security are paramount concerns, with regulations like GDPR and CCPA holding organizations accountable for the data they collect and process. Spending on data privacy is surging as companies aim to protect sensitive information. Cloud security spending is also expected to rise significantly. CASBs and CWPPs play a crucial role in ensuring a secure cloud journey.
Regarding segment-wise cybersecurity spending trends, application security spending is set to increase by 15.7% in 2024, reflecting the need to protect critical software from vulnerabilities and attacks. Identity access management is projected to grow by 14.8%, while infrastructure protection spending is expected to rise by 17.5%. Security services, including consulting, IT outsourcing, implementation, and hardware support, will total $90 billion in 2024. Organizations recognize the importance of investing in cybersecurity to address evolving threats, legal requirements, and technological advancements. The forecasted increase in cybersecurity spending reflects the growing significance of protecting digital assets in today's digital economy. You can read more about the breakdown on The Cyber Express publication: https://thecyberexpress.com/cybersecurity-spending-trends-2024/

  • MGM Ransomware - Big Losses at the Tables, thanks to human error

    I keep telling you about human error and cyber risk. Well, once again, we had a high-profile hack and ransomware event last week. The recent cyberattack on MGM sites in the U.S. has highlighted the vulnerability of businesses to human error or behavior. The attack involved voice phishing, where hackers impersonated an employee to gain access to systems and compromise the casino. This type of attack is common, with 74% of security incidents having a root cause in human error or behavior.

    To better protect against these attacks, businesses need to address the human risk factor. Compliance training for staff is not enough, as it is often infrequent and not targeted. Human risk management training, using data and predictive analysis, can identify employees most at risk and provide targeted training to prevent security breaches. Data points such as job titles, data access, and risky behaviors like clicking links or reusing passwords can be used to create a risk profile for employees. This allows for more prescriptive and targeted mitigation steps. A holistic measurement of human risk is necessary, taking into account business risks like account compromise and data loss. A data-driven and predictive approach is needed to protect businesses effectively. Eventually, organizations may be required to have evidence of an effective human risk management program. It is crucial for companies to acknowledge that checkbox training is insufficient and move towards a more comprehensive approach to human risk management.

    What Happened?

    MGM Resorts, a prominent hotel and entertainment company, has fallen victim to a severe cyber-attack that began with a fraudulent call to their Service Desk. The attack has caused widespread outages across their Las Vegas properties, including the MGM Grand, Bellagio, Aria, and Cosmopolitan. The internal networks, ATMs, slot machines, digital room key cards, electronic payment systems, TV services, and phone lines have all been affected. Staff are now resorting to using pen and paper to manage the large queues of guests.

    The attackers responsible for the breach are known as Scattered Spider or UNC3944 and claim to be a subgroup of the ALPHV ransomware group. They gained access to MGM Resorts' systems through social engineering by impersonating an employee and requesting access to their account. After initial entry, they escalated their privileges and launched a ransomware attack. The extent of the data breach and the potential consequences are still unknown. However, ALPHV has been known to post stolen files on the dark web in previous cases. The attackers have also stated that they still have access to some of MGM's infrastructure and are prepared to carry out additional attacks if their demands are not met.

    This incident highlights the importance of better authentication protocols to prevent initial access. Stronger verification methods could have allowed the service desk to confirm the identity of the impersonator. It is also interesting to note that the attack initially was not planned as a ransomware attack but escalated due to "revenge for bad faith negotiation." This emphasizes the need for organizations to detect and address threats during the reconnaissance phase before they escalate into more significant attacks.

    To prevent social engineering at the service desk, it is crucial to enforce user verification before allowing password resets or account unlocks. Solutions like Specops Secure Service Desk offer authentication methods that go beyond knowledge-based verification, requiring something the user possesses, such as a device. Implementing such measures can significantly enhance security and reduce the risk of impersonation or unauthorized access. Overall, this cyber-attack serves as a reminder of the ongoing threat landscape and the importance of having robust cybersecurity measures in place to protect businesses from potential breaches.

  • Reduce your risk of a cyber breach by 45%... or more.

    It is difficult to say definitively how much risk a mid-size company can reduce by conducting a cyber vulnerability assessment. The amount of risk reduction will vary depending on a company's size and complexity, the scope of the assessment, and the effectiveness of the mitigation measures that are implemented. However, a study by the Ponemon Institute found that organizations that conduct regular cyber vulnerability assessments are 45% less likely to experience a data breach than those that do not. The study also found that organizations that implement the top five security recommendations from the assessment are 70% less likely to experience a data breach.

    Some of the key benefits of conducting a cyber vulnerability assessment include:

      - Identifying and prioritizing security risks
      - Mitigating risks through the implementation of appropriate controls
      - Improving overall cybersecurity posture
      - Reducing the likelihood and impact of a data breach

    If you are the owner or manager of a mid-size company, I would strongly recommend conducting a cyber vulnerability assessment on a regular basis. It is an essential step in protecting your organization from cyber attacks. This is why Integrated Cyber leads with Vulnerability Management services. This is the quickest way to 'plug the holes' in a company's systems to 'slow down' the cyber risk a company's team is battling every day.

    Cybersecurity breaches are on the rise, and they're having a major impact on businesses and individuals alike. In 2021, there were over 6.2 billion records exposed in data breaches, according to the Identity Theft Resource Center. This is a significant increase from 2020, when there were 4.1 billion records exposed. The impact of a data breach can be devastating. Businesses can lose customers, suffer financial losses, and have their reputations damaged. Individuals can have their personal information stolen, which can lead to identity theft, fraud, and other financial losses.

    Here are 10 examples of cyber breaches that had a major impact:

      - Marriott International: In 2018, Marriott International was hacked, exposing the personal information of over 339 million guests.
      - Equifax: In 2017, Equifax was hacked, exposing the personal information of over 147 million people.
      - Target: In 2013, Target was hacked, exposing the personal information of over 40 million customers.
      - Yahoo: In 2013 and 2014, Yahoo was hacked, exposing the personal information of over 3 billion users.
      - Heartland Payment Systems: In 2009, Heartland Payment Systems was hacked, exposing the credit card information of over 130 million customers.
      - Sony Pictures Entertainment: In 2014, Sony Pictures Entertainment was hacked, exposing the personal information of over 50,000 employees and confidential company information.
      - Bangladesh Bank: In 2016, the Bangladesh Bank was hacked, resulting in the theft of over $81 million.
      - WannaCry ransomware attack: In 2017, the WannaCry ransomware attack infected over 230,000 computers in 150 countries.
      - SolarWinds hack: In 2020, the SolarWinds hack compromised the networks of over 18,000 organizations, including the US Department of State and the Department of Homeland Security.

    Besides calling Integrated Cyber, here are some additional resources that you may find helpful:

      - NIST Cybersecurity Framework: https://www.nist.gov/cyberframework
      - CISA Risk and Vulnerability Assessments: https://www.cisa.gov/resources-tools/resources/risk-and-vulnerability-assessments
      - Ponemon Institute Study on the Cost of Data Breaches: https://securityintelligence.com/series/2022-cost-of-a-data-breach-report/

  • Stupid Things Employees Click On

    While most companies invest in cybersecurity measures such as firewalls, antivirus software, and employee training, the human factor remains one of the weakest links in the security chain. One of the most common ways that employees inadvertently put their companies at risk is by clicking on malicious links or attachments. In this blog post, we'll explore the 20 "Stupid Things" employees click on that put their company at cyber risk.

    Companies should invest in regular employee training on cybersecurity best practices, including recognizing and avoiding these types of threats. Doing so can reduce the risk of cyber-attacks and protect your sensitive data and reputation. Learn more about how we introduce or manage your cybersecurity training: https://www.integrated-cyber.com/employee-awareness-training

      - Suspicious email links: Employees may receive emails with links that appear to be from a trusted source but are actually malicious.
      - Unknown email attachments: Employees may receive emails with attachments from unknown senders that can contain malware.
      - Phishing emails: Employees may receive emails that appear to be from a trusted source but are actually designed to trick them into providing personal or sensitive information.
      - Pop-up ads: Employees may click on pop-up ads that lead to malicious websites.
      - Social media scams: Employees may fall for social media scams that lead them to malicious links or encourage them to share sensitive information.
      - Fake software updates: Employees may click on fake software updates that can install malware on their computers.
      - USB drives: Employees may insert unknown USB drives into their computers, which can contain malware.
      - Fake job offers: Employees may fall for fake job offers that require them to provide sensitive information.
      - Free software downloads: Employees may download free software that can contain malware.
      - Unsecured public Wi-Fi: Employees may use unsecured public Wi-Fi networks, which can be used by hackers to intercept their data.
      - Personal email accounts: Employees may use personal email accounts to send and receive company information, which can be hacked.
      - Outdated software: Employees may use outdated software that can contain security vulnerabilities.
      - Social engineering: Employees may fall for social engineering tactics such as pretexting, baiting, or quid pro quo.
      - Clickbait headlines: Employees may click on clickbait headlines that lead them to malicious websites.
      - Fake news stories: Employees may click on fake news stories that lead them to malicious websites.
      - Infected websites: Employees may visit infected websites that can infect their computers with malware.
      - Remote desktop connections: Employees may use remote desktop connections that can be hacked by cybercriminals.
      - Personal devices: Employees may use personal devices to access company data, which can be lost or stolen.
      - Email scams: Employees may fall for email scams that require them to wire money or provide sensitive information.
      - Password reuse: Employees may reuse passwords across multiple accounts, which can make them vulnerable to hacking.

  • Would You Know if a Rogue Employee Stole Your Data?

    I hope you answered “No” to the question; otherwise, you could be in for a big surprise! Let me explain…

    Companies spend far too little on protecting their sensitive data. Typically 10% of your total IT budget is allocated to digital security. That is barely enough to build and operate your defense mechanisms, and certainly not enough to implement the proper vigilance on odd behavior.

    Unless you keep your money under the mattress, you trust your bank to keep your cash safe, right? Of course, they no longer keep a pile of notes in a vault, and most of the transactions consist of bits and bytes. Sometimes crooks get their hands on your assets, but the banks are good at discovering this and covering any losses. That’s not too difficult, because it’s pretty obvious that something has gone missing.

    Back at the office, you put your valuable information (like trade secrets or tomorrow’s quarterly results) in your company computer systems, safe in the knowledge that your servers and networks are managed by trusted professionals who are loyal employees of your firm. If something went missing, you would know immediately, wouldn’t you? But that’s the fundamental issue with cyber security – nothing goes missing, and everything is still exactly as you left it. There is no broken glass or forced locks, and no evidence of an intrusion, so of course you do nothing. Meanwhile, the thief has copied the data and can exploit it or sell it without fear of being discovered.

    But they are vetted for that role?

    Of course, they are vetted. Sometimes by amateurs in your HR department, sometimes by professionals in third party vetting companies, and sometimes by government agencies. But it doesn’t matter, because one-time screening will not find someone who shifted his allegiance from his employers over some time. Could your company re-screen its employees (and contractors) in these roles several times a year? I doubt many IT professionals would tolerate that sort of intrusion, and they would go to work for a more reasonable employer.

    So what should we do?

    Beyond an integrated approach to cyber systems, process, and education for employees, a best practice also calls for a segregation of duties, where it would take at least two people in a position of trust to perpetrate fraud. The accounting profession has invested significantly in “Separation of Duties” because of the understood risks accumulated over hundreds of years of accounting practice. For example, many corporations found that an unexpectedly high proportion of their internal control issues came from IT, and so they insisted on the Separation of Duties for that aspect of their business. Separation of Duties is now becoming the norm in large IT organizations so that no single person is in a position to introduce fraudulent or malicious code or data without detection.

  • Cybersecurity for SMBs an Untapped Market with Billion-dollar Potential, Integrated Cyber CEO Says

    As published on INN: https://investingnews.com/cyber-security-for-smbs-an-untapped-market/ When it comes to cybersecurity, small and medium-sized businesses (SMBs) represent a largely underserved market, and innovative solutions that address SMBs’ unique challenges offer significant opportunities for investment, according to Integrated Cyber Solutions (CSE:ICS) CEO Alan Guibord. “(The cybersecurity market for SMBs) is still in the infancy stages, but it's in the billions,” he said. “The reason that we chose the SMB market is because they don't have the capability or capacity to invest like the larger corporations do, but there's tens of thousands of them just in the US alone, and more in Canada and more around the world. And we feel that this market is really ripe for our kind of service where we can really bring them the capabilities that the large corporations have at a very affordable price.” Integrated Cyber offers a suite of internet security solutions that are driven by artificial intelligence and designed to address the vulnerability challenges of SMBs. The company’s offerings include pen testing, vulnerability assessments, remediation, cyber training and managed detection and response, as well as managed services. “The perspective that we have created is one that is really what the market needs right now,” Guibord said. "Instead of going out and selling software point solutions, we're out there selling an environment where people can use the cyber tools that we create for them to better understand and manage their risks and their needs and their responses." Disclaimer: This interview is sponsored by Integrated Cyber Solutions (CSE:ICS). This interview provides information which was sourced by the Investing News Network (INN) and approved by Integrated Cyber Solutions in order to help investors learn more about the company. Integrated Cyber Solutions is a client of INN.
The company’s campaign fees pay for INN to create and update this interview. INN does not provide investment advice and the information on this profile should not be considered a recommendation to buy or sell any security. INN does not endorse or recommend the business, products, services or securities of any company profiled. The information contained here is for information purposes only and is not to be construed as an offer or solicitation for the sale or purchase of securities. Readers should conduct their own research for all information publicly available concerning the company. Prior to making any investment decision, it is recommended that readers consult directly with Integrated Cyber Solutions and seek advice from a qualified investment advisor. This interview may contain forward-looking statements including but not limited to comments regarding the timing and content of upcoming work programs, receipt of property titles, etc. Forward-looking statements address future events and conditions and therefore involve inherent risks and uncertainties. Actual results may differ materially from those currently anticipated in such statements. The issuer relies upon litigation protection for forward-looking statements. Investing in companies comes with uncertainties as market values can fluctuate.

  • The CIO Cyber Dilemma

    Understanding Cyber Exposure - Without Exposing Yourself

    CIOs across the Middle East, especially in the UAE, are once again being asked to lead the charge in protecting our organizations from escalating cyber threats. It’s a familiar responsibility—but this time, the stakes are higher. With geopolitical tensions, nation-state actors, and increasingly sophisticated attacks targeting critical infrastructure, we must move from reactive defense to proactive resilience. It’s not just about protecting the company anymore—it’s also about safeguarding leadership, reputation, and national interests. We have a plan to help you do exactly that.

    The reality is clear: cyber risk in the region is accelerating at an unprecedented pace. As UAE-based organizations embrace digital transformation and Industry 4.0 technologies—from smart cities to connected manufacturing—they also expand their digital attack surfaces. In this article, we’ll explore why cybersecurity vulnerability management is more essential than ever in the Middle East, and outline actionable steps to help you stay ahead of evolving threats.

    A Dozen Steps for Countless Security

    Security measures come in various forms, each with its own purpose and scope. Here are 12 actions you should take immediately to secure your business and yourself:

      1. Engage a Trusted Advisor
      2. Jointly Develop a Game Plan
      3. Conduct a Confidential Risk Exposure Assessment
      4. Assess Your Technology & Cultural Landscape
      5. Develop a Short-Term Plan of Attack
      6. Assess Remaining Risks and Costs
      7. Share Critical Findings with Your Team
      8. Create a Plan to Address Immediate Critical Findings
      9. Develop a Long-Term Remediation Plan
      10. Present the Plan to Management & Secure a Budget
      11. Establish a Management-Level Cyber Risk Team
      12. Create an Ongoing Cyber Risk Protection Plan and Process

    1. Engage a Trusted Advisor

    Engaging a trusted advisor is one of the most effective first steps in addressing your cybersecurity vulnerabilities—especially in a region like the Middle East, where threats are evolving rapidly and local resources may be stretched. By working with an expert from a mature cybersecurity market like North America, you gain access to deep experience and proven strategies developed in some of the world’s most targeted industries. A seasoned advisor who has been in your shoes and successfully navigated these challenges can help you cut through complexity, identify your most critical risks, and guide you in building a roadmap that fits both your business goals and regional realities.

    2. Jointly Develop a Game Plan

    Working with your trusted advisor, develop a comprehensive game plan for managing your organization's cybersecurity risk. This plan should include short-term and long-term strategies for addressing potential vulnerabilities and be tailored to your organization's specific needs and risk profile.

    3. Conduct a Confidential Risk Exposure Assessment

    Before you can effectively address your organization's cybersecurity vulnerabilities, it's essential to understand your current risk exposure. Start by conducting a confidential assessment of your organization's risk exposure. Then identify the highest exposure areas and initiate an immediate triage plan to address them.

    4. Assess Your Technology and Cultural Landscape

    In addition to evaluating your organization's technical infrastructure, it's crucial to assess the cultural landscape within your organization. This includes examining factors such as employee awareness of cybersecurity risks, training programs, and the overall cybersecurity culture within the organization.

    5. Develop a Short-Term Plan of Attack

    If your initial assessment reveals significant vulnerabilities, it's essential to develop a short-term plan of attack to address these issues immediately. A plan of attack may include implementing new security measures, updating software, or conducting employee training sessions.

    6. Assess Remaining Risks and Costs

    Once you've addressed the most critical vulnerabilities, assessing the remaining risks and associated costs is essential. This will help you prioritize your long-term remediation efforts and focus on the most significant threats to your organization.

    7. Share Critical Findings with Your Team

    Share critical findings from your assessments with your team to ensure that your entire organization is informed and engaged in the cybersecurity vulnerability management process. This will help create a sense of urgency and foster a culture of shared responsibility for addressing cybersecurity risks.

    8. Create a Plan to Address Immediate Critical Findings

    After sharing critical findings with your team, develop a plan to address the next set of urgent vulnerabilities. This may involve implementing additional security measures, updating systems and software, or providing targeted training to employees.

    9. Develop a Long-Term Remediation Plan

    With immediate critical findings addressed, developing a long-term remediation plan based on your organization's risk and cost assessments is essential. This plan should outline your organization's steps to address ongoing cybersecurity risks and protect your systems and data.

    10. Present the Plan to Management and Secure a Budget

    Once you've developed a comprehensive remediation plan, present it to your organization's management team along with a proposed budget for implementing the necessary measures. This will help ensure that your organization is committed to addressing cybersecurity risks and has the resources required to do so effectively.

    11. Establish a Management-Level Cyber Risk Team

    Establish a management-level cyber risk team to ensure ongoing oversight and coordination of cybersecurity vulnerability management efforts. This team should include representatives from various departments within your organization and be responsible for monitoring progress, addressing emerging risks, and adjusting your remediation plan as needed.

    12. Create an Ongoing Cyber Risk Protection Plan & Process

    Finally, develop an ongoing cyber risk protection plan and process for your organization. This should include regular risk assessments, updates to your remediation plan, and continuous monitoring of emerging threats. Regularly reporting on your organization's progress and the effectiveness of your cybersecurity measures will help maintain management support and ensure your organization remains vigilant in the face of evolving cyber threats.

    Conclusion

    Effective cybersecurity vulnerability management isn’t a one-time fix—it’s an ongoing journey that requires strategy, alignment, and expert guidance. By taking the steps outlined in this article—from engaging a trusted advisor and conducting a confidential risk assessment to building a long-term remediation plan—you can transform uncertainty into action and establish a culture of cyber resilience. Whether you're just beginning or refining your approach, we’re here to help. Connect with us to tap into real-world experience and develop a clear, customized roadmap that protects your organization today and prepares it for tomorrow.

  • The Human Behavior Side of Cyber Breaches: Understanding the Role of People in Cybersecurity

    In today's interconnected world, cyber breaches have become a significant threat to organizations, governments, and individuals alike. While technical defenses such as firewalls, encryption, and intrusion detection systems are often the focus of cybersecurity efforts, it's important to understand that the human element plays a critical role in both the prevention and execution of cyberattacks. This article explores how human behavior contributes to cyber breaches and the vital need for addressing these aspects in cybersecurity strategies.

    The Human Factor: A Key Vulnerability

    Despite the sophistication of modern cybersecurity measures, human behavior remains one of the most significant vulnerabilities in any organization's defense strategy. Research consistently shows that human error is one of the leading causes of data breaches. In fact, studies suggest that over 90% of cyberattacks involve some form of human interaction, whether through clicking a malicious link, weak passwords, or sharing sensitive information. Here are some of the most common human behaviors that contribute to cyber breaches:

    1. Phishing Attacks: The Power of Deception

    Phishing is one of the oldest but most effective tactics in cybercrime. Cybercriminals craft deceptive emails or messages to trick individuals into revealing sensitive information, such as login credentials or financial details. Phishing is so successful because it targets human psychology—specifically, our tendency to trust familiar-looking sources or to act quickly without thoroughly considering the consequences. Organizational employees often fall victim to phishing because of time pressures, distractions, or simply because they are not properly trained to recognize suspicious communication. The ease with which phishing attacks can be carried out—requiring only an email or a social engineering technique—makes them a preferred method for cybercriminals.

    2. Weak Passwords and Poor Security Practices

    Another key aspect of human behavior contributing to cyber breaches is using weak passwords or reusing passwords across multiple platforms. While password managers and two-factor authentication have made securing online accounts more accessible, many individuals still rely on easily guessable passwords, like "123456" or "password," or use the same password for multiple accounts, making them easy targets for hackers. In the workplace, employees may neglect to follow password security protocols or may share their login information with colleagues or vendors, inadvertently creating vulnerabilities in the system. Even a simple mistake, like leaving a password written down on a sticky note, can lead to catastrophic results.

    3. Social Engineering: Exploiting Trust

    Social engineering is another human-driven vulnerability. Attackers exploit people's natural tendency to trust others and manipulate them into divulging confidential information. A common example of social engineering is pretexting, where the attacker impersonates someone the victim knows or trusts—such as a co-worker or IT support technician—to gain access to sensitive data or systems. Many breaches have started with a well-crafted phone call or a convincing message encouraging individuals to reveal personal information or provide access to secure systems. The threat of social engineering is not only technical but psychological, as it capitalizes on the individual's emotions, trust, and desire to be helpful.

    4. Lack of Cybersecurity Awareness and Training

    A significant portion of cyber breaches can be attributed to a lack of awareness or inadequate training in cybersecurity practices. Many employees are unaware of the latest threats, such as ransomware or spear-phishing, and may not know how to spot warning signs or avoid risky online behaviors. Furthermore, a lack of training on best practices, such as updating software, avoiding public Wi-Fi for sensitive transactions, or using strong and unique passwords, can leave organizations exposed to attacks. Cybersecurity is often treated as an IT issue rather than an organizational culture issue. However, for it to be truly effective, cybersecurity must be woven into everyday practices and habits. People must be educated and empowered to make safer decisions in their digital interactions.

    5. Insider Threats: A Growing Concern

    Not all cyber breaches come from external actors. Insider threats—whether malicious or accidental—represent a significant risk to organizations. Employees, contractors, or business partners with access to critical data may intentionally misuse that access for personal gain or inadvertently expose sensitive information through negligence. The motivations behind insider threats vary, but they often stem from issues like employee dissatisfaction, financial pressures, or even a lack of oversight. In many cases, an insider threat arises from employees who feel disconnected from the organization or lack proper security training, leading to poor decision-making that compromises data security.

    Mitigating Human Error in Cybersecurity

    Given the significant role that human behavior plays in cyber breaches, it's clear that cybersecurity strategies must address the human factor. Here are some practical approaches to reduce the risks associated with human behavior:

    1. Comprehensive Employee Training

    Regular and updated cybersecurity training ensures employees understand the latest threats and best practices for mitigating risks. Training should cover common attack vectors like phishing, the importance of strong passwords, and how to recognize suspicious behavior both online and in the workplace. Simulated phishing exercises can also help employees practice recognizing and responding to real-world attacks.

    2. Establishing Clear Security Policies

    Organizations should implement clear and enforceable security policies that set expectations for secure behavior. These policies should include password management policies, guidelines for sharing sensitive information, and the use of secure communication tools. Having these policies in place and regularly reminding employees about them ensures that security becomes a core part of the organizational culture.

    3. Multi-Factor Authentication (MFA)

    Requiring employees to use multi-factor authentication (MFA) can significantly reduce the likelihood of unauthorized access, even if login credentials are compromised. MFA adds an extra layer of security by requiring a second form of verification, such as a text message code or biometric scan, before access is granted.

    4. Creating a Strong Cybersecurity Culture

    Cybersecurity should be seen as a shared responsibility. By fostering a culture of cybersecurity within an organization, employees are more likely to be vigilant and proactive in reporting suspicious activity. Regularly communicating the importance of cybersecurity and encouraging employees to take ownership of their role in keeping systems safe can help reduce human errors.

    5. Monitoring and Incident Response Plans

    Even with the best preventative measures in place, mistakes can still happen. That's why it's essential to have monitoring systems in place to detect unusual activities and breach attempts quickly. An incident response plan should also be in place so that organizations can respond rapidly and effectively to mitigate the impact of a breach.

    Conclusion: Humans and Technology Must Work Together

    While technology continues evolving and cyber threats grow more sophisticated, the human element remains critical in cybersecurity. By understanding the psychological and behavioral drivers behind cyber breaches, organizations can take steps to address these vulnerabilities and reduce the risk of cyberattacks. It's not just about investing in advanced tools; it's about creating a culture where security is everyone's responsibility. Cybersecurity is ultimately about people, and only when organizations focus on both technology and human behavior can they hope to build robust defenses against the growing threat of cybercrime.

  • Johnson Controls ransomed for $51 Million to get 27 Terabytes of data back

    Building automation giant Johnson Controls hit by ransomware attack Johnson Controls International, a multinational conglomerate specializing in industrial control systems and security equipment, has experienced a significant ransomware attack that has impacted its operations. The attack involved the encryption of company devices, including VMware ESXi servers. The breach is believed to have originated from the company's Asia offices. As a result, Johnson Controls and its subsidiaries, such as York, Simplex, and Ruskin, have experienced technical outages on their websites and customer portals. Customers of York have reported that the company's systems are down and have been informed that it is due to a cyberattack. A sample of the ransom note used in the attack, which demands $51 million and claims to have stolen over 27 TB of corporate data, was shared by a threat researcher. Johnson Controls has yet to respond to inquiries about the attack. Dark Angels, the ransomware gang responsible for the attack, is known for breaching corporate networks and conducting double-extortion attacks by stealing data before encrypting devices. The Linux encryptor used in this attack is similar to the one used by Ragnar Locker since 2021. Dark Angels operates a data leak site called "Dunghill Leaks," where they threaten to leak stolen data if the ransom is not paid. Johnson Controls has confirmed the cybersecurity incident and is working with external experts to investigate and mitigate the impact. They are also coordinating with insurers. The company's applications remain largely unaffected, but disruptions are expected in certain areas of their business operations. The incident may also impact their ability to release financial results on time. Overall, Johnson Controls International has suffered a significant ransomware attack that has led to technical outages and potentially compromised data. 
The company is actively addressing the situation and taking steps to mitigate the impact of the incident.

  • Unwanted Guests: The Importance of Cybersecurity for Hotels & Operators in the Hospitality Sector

    In today's interconnected digital landscape, cybersecurity is not just a concern for financial institutions and tech companies. The recent cyberattack on Omni Hotels & Resorts is a stark reminder of the critical importance of robust cybersecurity measures for hotels and other operators in the hospitality sector. The ramifications of such attacks are not limited to financial losses but also encompass the erosion of customer trust, operational disruptions, and potential legal and regulatory consequences. This incident underscores the urgent need for comprehensive cybersecurity strategies to safeguard sensitive customer data, preserve operational continuity, and shield the reputation of businesses in the hospitality industry. The cyberattack on Omni Hotels & Resorts, resulting in a nationwide IT outage, has disrupted its operations and exposed vulnerabilities in its systems. The prompt response from Omni, including the shutdown of affected systems and the engagement of cybersecurity experts, reflects the seriousness of the situation. However, the impact on reservations, hotel room door locks, and point-of-sale (POS) systems has undoubtedly caused inconvenience to guests and financial implications for the business. Such disruptions tarnish the guest experience and pose a significant threat to the hotel's revenue streams and brand reputation. One of the most concerning aspects of this cyberattack is the potential compromise of sensitive customer information, particularly credit card data. The previous data breach experienced by Omni in 2016, where attackers targeted its POS systems to pilfer payment card details, serves as a poignant example of the persistent threat facing the hospitality industry. The unauthorized access to such information can lead to financial fraud, identity theft, and legal liabilities, amplifying the significance of implementing stringent cybersecurity measures to safeguard customer data and uphold privacy regulations. 
The nature of the cyberattack, which is speculated to be a ransomware incident, introduces a new layer of complexity and urgency. Ransomware attacks, where cybercriminals encrypt critical systems and demand a ransom for their release, disrupt operations and introduce the peril of data extortion. If a ransom is not paid, the potential exposure of sensitive customer data can lead to severe financial and reputational repercussions for Omni Hotels & Resorts. Moreover, the looming threat of data leakage by the attackers further exacerbates the risks associated with this cyber incident. The implications of this cyberattack extend beyond the immediate operational disruptions experienced by Omni Hotels & Resorts. The erosion of consumer trust and confidence in the security of their personal information can have lasting ramifications, impacting customer loyalty and the hotel's competitive standing in the market. Additionally, the regulatory scrutiny and potential legal consequences stemming from the mishandling of customer data underscore the multifaceted fallout of cybersecurity breaches in the hospitality sector. The hospitality industry, encompassing hotels, resorts, and related operators, must recognize the imperative of prioritizing cybersecurity to fortify their digital infrastructure and protect customer data. Proactive investment in cybersecurity technologies, regular security assessments, and robust incident response plans are indispensable components of a comprehensive cybersecurity strategy. Moreover, fostering a culture of cybersecurity awareness and employee cyber training is paramount in mitigating the human factor in cyber incidents, such as phishing attacks and social engineering schemes. In an era where technology underpins nearly every aspect of the guest experience, from online reservations to smart room amenities, the interconnectedness of hospitality operations amplifies the vulnerability to cyber threats. 
The Omni Hotels & Resorts cyberattack demonstrated that the interconnected systems and data dependencies within the hospitality sector necessitate a holistic approach to cybersecurity. The integration of robust data encryption, network segmentation, and intrusion detection mechanisms can bolster the resilience of hotel IT infrastructure against evolving cyber threats. Furthermore, collaborations with trusted cybersecurity partners and industry-specific threat intelligence sharing can augment the defensive capabilities of hotels and operators, enabling proactive threat detection and mitigation. Establishing cybersecurity best practices and standards tailored to the unique operational dynamics of the hospitality sector can serve as a beacon for industry-wide cybersecurity resilience, fostering a collective defense posture against cyber adversaries. The consequences of cybersecurity lapses in the hospitality sector are not confined to individual businesses but reverberate across the broader industry, impacting consumer confidence and regulatory perceptions. As such, a concerted effort to elevate cybersecurity preparedness and resilience is imperative for safeguarding the integrity of customer data, preserving operational continuity, and fortifying the reputation of hotels and operators in the hospitality sector. In conclusion, the cyberattack on Omni Hotels & Resorts serves as a poignant wake-up call for the hospitality industry, emphasizing the critical importance of cybersecurity in safeguarding customer data, preserving operational continuity, and fortifying brand reputation. Hotels and operators in the hospitality sector must heed this warning and embrace a proactive cybersecurity stance, encompassing robust technologies, employee awareness, and industry collaborations. By prioritizing cybersecurity, the hospitality sector can fortify its defenses against cyber threats, uphold customer trust, and navigate the digital landscape with resilience and confidence.

  • Three Questions to Ask Your MSP About Cybersecurity

    Most small-to-midsize businesses and organizations utilize a local MSP for network and hardware support. The MSP's expertise is focused on IT infrastructure, and most do an excellent job. MSPs provide critical services such as help desk services, password resets, server and network updates, and more as their clients' technical environments and requirements constantly change. It's quite easy to find out if you are getting the proper level of protection through your MSP. Start by asking them these three questions. And, depending on their answers, you may want to give us a call for a free consultation. Keep good notes and we'll provide an independent view on what you can/should do to proceed. You don't want to wait until after you're hacked to ask your MSP if you're protected.

    1) How often do you run vulnerability scans on my network?

    Why? Vulnerability scanning is a procedure that uses specialized software that accesses vast databases cataloging all known possible exploits and looks for vulnerabilities to those exploits within your network, such as dangerous software and operating system configurations, open ports, software that has not been updated, and many other issues that could allow hackers entry to your system. Best practices dictate weekly scans so that remediations can be performed between scans. If the answer to this question is, "We do not do vulnerability scans, or any scans," you are at risk for cyber threats.

    2) What safeguards are in place to protect me from well-meaning employees who accidentally expose their credentials or other protected information in a phishing or social engineering attack?

    Why? Most small and mid-sized companies believe that endpoint protection software is all they need to keep malicious emails out of their system. The problem is that not all phishing emails carry malicious payloads. Many hackers send people to "look-alike" websites to collect login credentials, which circumvents any protections you may have in place. They can then use those credentials to log in as users and invade your network. Over 85% of all successful cyber-attacks happen through poor employee computer habits. If your MSP responds with one or more of the following:

      • We do not monitor your network for misused credentials
      • We do not monitor for the use of legitimate credentials from unexpected locations (China, Russia, etc.)
      • We do not look for unexpected employee behavior like large downloads of protected information
      • We have not implemented, nor do we have, a cyber-training program for your employees

    your company is at risk for cyber threats.

    3) Is the SOC (Security Operations Center) that monitors my network operational 24x7?

    Why? Having a group of specialists monitoring your networks for any malicious activity is vital. They are fed by software that collects network information from any hardware that can provide data. When the SOC finds issues, they immediately contact your IT department (usually through tickets – phone contact if it is a severe issue) to warn you of what is happening. If your MSP does not have a 24x7 SOC monitoring your network, your company is at risk for cyber threats.

    While many other questions should be asked to ensure you're protected, we advise you start with these. If you are unsatisfied with the answers to any of these questions, we do not recommend removing your current MSP; we recommend adding a vital layer of cybersecurity to your operations with the help of an MSSP. Integrated Cyber would be happy to schedule a no-cost consultation to discuss the cyber risks to your company and the options available to you to start lowering those risks.

  • The MSP Dilemma

    To be adequately protected from cyber-attacks, it is essential to know the delineation of services between a Managed [IT] Services Provider (MSP) and a Managed Security Services Provider (MSSP). As we reach out to companies of all sizes, we are constantly told that companies do not need cybersecurity services and that their MSP "has their back." In reality, they are putting themselves at risk for cyber breaches that could cripple their business or organization. In parallel, we get several weekly calls from companies that use MSPs asking for assistance to recover from the cyber breaches they assumed their MSP protected them from. Most small-to-midsize businesses utilize a local MSP for their network and hardware support. The MSP's expertise is focused on IT infrastructure, and most do an excellent job. MSPs provide critical services such as help desk services, password resets, server and network updates, and more as their clients' technical environments and requirements constantly change. They do not, however, provide cybersecurity services or tools. Some MSPs may provide firewall management, but firewalls have become the easiest point of entry for hackers and, therefore, cannot be considered more than the first line of a multilayered defense. Once a network is penetrated, MSPs lack the expertise to react to and remediate intrusions. While MSPs provide network management, they do not provide Managed Detection and Response (MDR). As they are tasked with maintaining your infrastructure, it would not be to their advantage to tell you what and where your vulnerabilities are, how many you have, and how to remediate them, so they do not offer those services. MSPs do not provide risk analysis for the same reason. Endpoints have become a growing source of intrusions and need expert cybersecurity management. Endpoint protection software alone is not enough to keep your company safe. The single most significant cause of successful attacks comes from inside the company. 
More than 85% of successful attacks are initiated by well-meaning employees exhibiting poor cybersecurity habits. Employee training is an area that, at worst, is largely ignored or, at best, improperly executed and analyzed. MSPs do not have the expertise or manpower to test and train your employees properly, and few companies secure the proper resources to do it themselves properly. The solution to these issues is not to eliminate your MSP, but to engage an MSSP. An MSSP can provide a comprehensive set of services designed to reduce cybersecurity risk proactively before the "bad guys" can act. These services include Managed Detection and Response, Continuous Vulnerability Scanning, Penetration Testing, Risk Management, and Continuous Managed Cybersecurity Awareness and Training for employees, all areas your MSP is not equipped to execute. A premium MSSP will also provide for the integration of data that cybersecurity tools generate and provide analysis and insights as to what this integrated data means. To be properly informed of the cyber risks your company faces, companies need to integrate the data that comes from the deployed cybersecurity tools into one data location for experienced cybersecurity experts to analyze and identify potential risks. This area of expertise is the domain of the MSSP. In summary, understanding the services, expertise, and focus of an MSP and an MSSP is crucial to ensuring you are appropriately protected. Integrated Cyber's sole purpose is to protect organizations like yours from cyber predators. Our proactive, human-centered approach to cybersecurity reduces risk, finds the gaps in your defenses, and helps you to close those gaps. Learn more at https://www.integrated-cyber.com .


Copyright © 2024 Integrated Cyber Solutions Inc. All Rights Reserved
