How Safe is Microsoft Teams?

Microsoft Teams

How Safe is Microsoft Teams? Understanding the New Vulnerability Vectra Uncovered

Key Points in This Article

  • Cybersecurity researchers at Vectra recently unearthed a new vulnerability in Microsoft Teams that may allow cyber criminals the means to cause considerable harm.
  • The vulnerability requires cybercriminals to already have a certain level of access to your network or device.
  • Rather than asking what you should do about Teams in light of this vulnerability, you should take every possible precaution and measure to keep your access credentials secure.

It’s a foregone conclusion these days that no matter what software application significant players like Microsoft roll out or security updates they provide, a new vulnerability will invariably be discovered. After all, a veritable army of hackers, cybercriminals, and even nation-state actors work continuously to identify these vulnerabilities for their own purposes. And these threat actors often think in creative ways that corporations are designed to, allowing them to find weaknesses that even experienced cybersecurity professionals overlook.

Microsoft Teams

Understanding Software Application Vulnerabilities

When a software vulnerability is found in an application at a company like Microsoft, Apple, or Google, it quickly makes headlines in not just industry publications but also mainstream media. However, those working in cybersecurity know that such vulnerabilities are pretty common and that not all vulnerabilities pose the same level of risk. Nevertheless, those outside the field often quickly question whether widely used software is safe or whether it should be quickly discarded in favor of a new, unidentified, yet presumed safer measure.

Microsoft Teams recently made some headlines when cybersecurity researchers at Vectra unearthed a new vulnerability in the application. And because of the headlines, it’s likely some business leaders may have found themselves asking their CIOs and IT directors whether Teams was still safe to use.

When such headlines occur, influential IT professionals likely have taken the time to understand the nature of this vulnerability and assess the risks it may pose before making recommendations or taking action. Doing so can help save them from acting precipitously by spending time and money moving to a competing software without determining if a simple patch or other safety measures might eliminate the risk.

So what is the nature of the vulnerability? How much of a risk does it pose? And is Microsoft Teams still safe for businesses like yours to use?

The Microsoft Teams’ Vulnerability Vectra Uncovered

Vectra researchers realized that the Teams holds user authentication tokens in plain text on their desktop devices. When you install and use the Microsoft Teams client on Windows, Mac, or Linux, those credentials can be found on your device even when Teams is closed. A hacker or cybercriminal who has access to your system could use these credentials to access Teams, Outlook, and SharePoint, among other applications, modify files, steal data, and compromise your security.

Moreover, these credentials allow a hacker to take any action you might through the Team interface, bypassing the need for multi-factor authentication. For example, a cybercriminal who accesses the account of a C-suite leader through this Teams’ vulnerability could hijack their Outlook account and steal proprietary information from the business leader’s email account or SharePoint document library.

Cybercriminals could also use their newfound access credentials to send phishing emails to employees throughout the organization. These phishing efforts, coming from the email account of a company leader, could be designed to encourage employees to take actions that further compromise network security, such as downloading malware or ransomware. These are just two possibilities. An enterprising cybercriminal could easily cripple a business or organization in many other ways.

Vectra initially discovered this vulnerability after one of its customers noted that Teams users cannot remove deactivated accounts through the Teams UT when their user account is disabled. Vectra began investigating and learned that Teams’ storage of user credentials was not secure. The company shared its discovery of the vulnerability with Microsoft in August 2022. Perhaps surprising to some, Microsoft did not immediately set about patching this exploit. They confirmed that it could pose a threat and indicated they would address it in a future Teams update.

What Relative Risk Does This Vulnerability Pose?

This response may seem to downplay the possible risk and strike some as cavalier. But while this vulnerability allows cybercriminals with only read access to your system to gain your Teams credentials, the truth is if a cybercriminal gains access to an employee’s account, there are many other ways they can leverage that access at the expense of the business or organization. And it remains incumbent on employees in every department (not just IT) to ensure that authentication credentials don’t fall into the wrong hands.

Businesses and organizations must provide their employees with regular, practical, and current cybersecurity awareness training to ensure that all employees do their part to protect their employers. Employees must understand how to identify and report suspicious activity they encounter, take steps to secure their devices, and avoid downloading applications that could house malware and viruses. They must understand and follow their employer’s cyber security policies without fail to keep their account credentials out of the hands of third parties.

CIOs and IT professionals must develop, maintain, and refine strong cybersecurity policies that cover the entirety of the organization. And they must ensure that all areas comply and that no shortcuts are taken. That means eliminating legacy practices like granting certain users local admin privileges to cut down on help desk requests. It also means continuously testing existing measures to pinpoint vulnerabilities before third parties. A single exploit left unidentified and unaddressed can prove catastrophic. One recent study holds that the average cyberattack costs a company $200,000, which can be enough to put a small business out of business.

So, while Microsoft’s response may seem to downplay the risk, businesses and organizations most at risk from this vulnerability are those with poor fundamental cybersecurity measures in place already. And while business and IT leaders should be aware of this vulnerability, it does not make Microsoft Teams more unsafe to use. Those who are concerned about it should take every available measure to protect their network and device access credentials from falling into the wrong hands before giving any thought to switching platforms. Because no matter which platform you select, if a cybercriminal obtains usernames and passwords, everything is vulnerable.

Cyber Risk Insurance 101

Cyber Risk Insurance 101

Cyber Risk Insurance 101: What is it and Who Needs It?

Every business needs to protect itself against cyberattacks. That’s why companies must have cyber risk insurance. Cyber risk insurance can help you pay for the costs associated with a data breach or ransomware attack, but there are other things that you should consider as well. Understanding cyber risk insurance, why it’s necessary, and how it works will help determine if your business needs this coverage.

Cyber Risk Insurance 101

What is Cyber Risk Insurance?

First, let’s define what cyber insurance is. Cyber risk insurance is a protection plan provided by an insurer to help protect your organization from monetary loss resulting from a cyber breach or attack. It works like traditional property and casualty insurance: you pay the premiums, and in the event of a loss (or series of losses) due to cyber-related incidents, your insurer reimburses you for any financial costs associated with that loss.

If a breach occurs and leads to stolen customer data or other damages, your company can file a claim with its insurer—and get paid out accordingly if approved.

Who Needs Cyber Risk Insurance?

The answer to this is simple: all businesses. Cyber risk insurance can be a lifesaver for those who may not have the means or desire to purchase cyber protection. There are several instances where organizations of all sizes should consider cyber insurance coverage, from startups to government agencies and nonprofits.

In addition to the apparent need for small businesses, however, it’s worth noting that large firms also benefit from cyber risk insurance. Large corporations with thousands—or even hundreds of thousands—of employees can experience significant downtime if their computer systems suffer an attack on their networks. A large company may also have access to sensitive information about its customers or suppliers that could be used against other companies with whom they do business.

Many considerations go into cybersecurity and protecting your business from financial loss due to a cyberattack. Here are some of the key ones:

  • The cost of a data breach. According to the Ponemon Institute, the average cost of a data breach is well over $4 million.
  • The cost of an attack on your business. A cyberattack can lead to physical damage or theft from your company’s stockroom or warehouse, intellectual property theft, and loss of customer data and trust.
  • The cost of ransomware attacks – Ransomware attacks are malicious software designed to block access to infected computers until users pay ransom demands (often via Bitcoin), which amounts to digital extortionists trying to extort money by holding computer files hostage until they pay up! How much do these hackers demand? Exorbitant sums that could total in the six-to-seven-figure range.

Why Should I Buy It?

While you may think that your business is immune from cyberattacks, the truth is that no company is completely safe. While there are no guarantees that a cyberattack won’t happen to your business, the right insurance protects you and your team from the damage caused by one.

Cyber insurance is one of the best ways for businesses of all sizes to protect themselves against cybercrime and other unexpected losses from data breaches. The cost of recovering can be astronomical—and if you don’t have the proper coverage in place, they could put your entire business at risk. It may seem an expense at first glance, but it can be well worth protecting against financial threats.

Put another way: if you think purchasing cyber risk insurance is expensive, imagine how expensive it will be when you’re under a cyber attack and don’t have any protection.

Types of Cyber Insurance Policies

Numerous types of cyber risk insurance policies are available to businesses. You’ll have to evaluate your own specific needs to understand which one fits your organization best:

  • Business interruption insurance: This policy protects against the loss of income resulting from a cyberattack, such as a denial-of-service attack that results in a website being down for an extended period.
  • Cyber extortion insurance: This policy covers the cost of responding to ransomware attacks and ensures that your business is compensated if you pay an attacker’s ransom demand.
  • Data breach insurance: If you suffer from a data breach or lose customer information due to hacking, this type of cyber insurance can help cover costs associated with notifying customers and handling any legal action taken against you by consumers whose private information was compromised as part of an attack on your servers or network infrastructure.

Keep in mind that in many cases, you can mix and match the type of policies you buy. It is better to err on the side of caution, opting for more protection versus less. That way, you’ll have more holistic security against possible cyber attacks.

Should You Buy Cyber Insurance?

If you’re not sure whether or not cyber insurance is right for your business, ask yourself the following questions:

  • Do you have a budget for a potential breach? You may not be able to afford $2 million worth of coverage upfront, but that doesn’t mean it’s not worth investigating. Many carriers offer packages based on risk tolerance, which means they’ll provide coverage even if there are gaps in your policy.
  • Are you comfortable with the risks associated with cyber-attacks? While some companies might be squeamish about admitting their vulnerabilities, others would rather know what they’re up against so they can start taking steps to mitigate those risks.
  • Do you already have an established plan for responding to and recovering from an attack? If so, buying cyber insurance might make sense because it gives peace of mind knowing that your company will be protected financially should something go awry (and trust me—it will).

Cyber insurance is a crucial part of cyber risk management and should be essential to your overall business plan. If you’re unsure if cyber risk insurance is right for your business, contact us, and we can answer any questions you may have. And remember: The cost of a security breach or data breach can be devastating. It’s always better to be safe than sorry.

Why Small Businesses Must Implement Ongoing Risk Management

Risk Management

Why Small Businesses Must Implement Ongoing Risk Management

Key Points

  • Risk management is identifying, assessing, and managing risks to help protect against potential losses or liabilities.
  • Risks can come from financial, operational, legal, or reputational risks.
  • By identifying and assessing risks early on, you can take steps to mitigate or avoid them altogether.

The traditional security perimeter is no longer enough to keep organizations safe. Cybercriminals are increasingly sophisticated and can easily bypass perimeter defenses. Preventing sophisticated attacks requires a new approach that starts with risk management and extends security throughout the entire network. Risk management is vital for small businesses. Implementing ongoing risk management as a standard practice can help protect your small business against potential losses and liabilities.

Risk Management

What Is Risk Management?

Risk management is a proactive approach to security that starts with identifying assets and vulnerabilities and then implementing measures to protect against potential threats. By taking a proactive approach, organizations can reduce the likelihood and impact of security breaches.

Risk management starts with a risk assessment, identifying and evaluating potential security risks. Once identified, organizations can develop and implement strategies to mitigate or reduce those risks.

Risk management strategies can include developing security policies and procedures, implementing security controls, and increasing employee awareness. Organizations must continually monitor and adjust their risk management strategies as new risks emerge, and existing risks change.

Effective risk management requires a commitment from everyone in the organization, from the CEO to the front-line employees. When everyone understands their role in security and works together to reduce risks, organizations can better protect themselves from potential threats.

What Are the Components of Risk Management?

There are four main components of risk management:

  • Asset identification: Organizations must first identify their assets, which can include things like data, systems, and people.
  • Vulnerability assessment: Once assets have been identified, organizations must assess their vulnerabilities. Vulnerabilities are weaknesses that can be exploited by threats.
  • Threat assessment: Organizations must then identify the potential threats to exploit their vulnerabilities.
  • Risk mitigation: Once risks have been identified, organizations can implement strategies to mitigate or reduce those risks. Risk mitigation strategies can include developing security policies and procedures, implementing security controls, and increasing employee awareness.

These components work together to form a comprehensive risk management strategy. Organizations can better protect themselves from potential threats by taking a proactive and holistic approach to security.

What Are the Benefits of Risk Management?

There are many benefits of risk management, including:

  • Reduced likelihood of security breaches: Organizations can reduce the likelihood of a security breach by identifying assets and vulnerabilities and implementing security measures.
  • Reduced impact of security breaches: If a security breach does occur, risk management can help reduce the impact. Organizations can limit the damage and quickly recover from a breach by having policies and procedures in place.
  • Improved security posture: A proactive approach to security can help organizations improve their overall security posture. Organizations can become more resilient to potential threats by identifying and addressing risks.
  • Improved compliance: Risk management can help organizations meet compliance requirements related to data security and privacy.

Implementing Ongoing Risk Management in Your Business

As a small business leader, you always seek ways to protect and grow your company. One way to do this is by implementing an ongoing risk management strategy.

Here are a few tips to help you get started:

  • Identify potential risks. The first step in risk management is identifying potential risks that could affect your small business. This can be done through various methods, such as brainstorming sessions, conducting surveys or interviews with employees, or reviewing previous incidents. Once you’ve identified potential risks, you can begin assessing them.
  • Assess the likelihood and impact of each risk. The next step is to assess the likelihood and impact of each risk. This will help you determine which risks are more serious and must be addressed first. To assess the likelihood of a risk, consider how probable it is that the event will occur. To assess the impact of a risk, consider the potential financial or reputational damage that could be caused by the event if it were to occur.
  • Develop mitigation strategies. Once you’ve identified and assessed the risks, you can develop mitigation strategies. Mitigation strategies are designed to reduce the likelihood or impact of a risk occurring. For example, if you’re concerned about the possibility of a data breach, you might implement safeguards such as encryption or two-factor authentication for your digital systems.
  • Implement control measures. Control measures are designed to prevent or detect errors or fraud. For example, control measures for financial risks might include implementing Independent Reviews or separating roles within your accounting department so that one person cannot record and approve transactions.
  • Monitor and review regularly. Risk management is not a static process; it should be revisited regularly so that new risks can be identified and existing mitigation strategies can be updated as needed. Depending on the size and complexity of your small business, this might be done quarterly, semi-annually, or annually.

By following these tips, you can help ensure that your small business is prepared for any potential risks that may come it’s way. Implementing ongoing risk management as a standard practice will help protect your business against losses—and allow you to sleep better at night knowing that you’re prepared for anything.

Applying Zero-Trust Principles to Your Risk Management Strategy

Zero-trust is a security principle that states that organizations should not automatically trust anything inside or outside their networks. Instead, all users, devices, and resources should be verified and authenticated before being granted access. Zero trust prevents cybercriminals from penetrating your organization by validating every user, device, and connection trying to access data or systems.

Adopting and implementing a zero-trust security strategy is not just about investing in the right technology. It’s about changing the way your organization thinks about security. Zero trust requires a shift in mindset from perimeter-based security to identity-based security. Organizations that have yet to make this shift are at a greater risk of data breaches and expensive cyber attacks.

According to IBM’s Cost of a Data Breach 2022 report, 41% of organizations revealed they have deployed a zero-trust security architecture, while the other 59% have not. The report also revealed the organizations that have deployed a zero-trust security architecture saved over 1 million dollars in data breach costs.

Zero trust is no longer a new or emerging technology – it’s a must-have for any organization looking to protect its data and systems. As the need for better security grows, so does the adoption of zero trust.

Wrapping Up

Risk management is an important part of running a successful small business. By identifying potential risks and implementing mitigation strategies, you can help protect your business against losses. Review your risk management strategy regularly to ensure that it stays up-to-date, and don’t hesitate to seek professional help if you need it.

Why You Should Backup Microsoft 365

Backup Microsoft 365

Why You Should Backup Microsoft 365

Key Points:

  • Microsoft 365 is one of the most popular business solutions for collaboration in the cloud.
  • Businesses of all sizes and types are experiencing an increased risk of cyber attacks.
  • Microsoft 365 has several built-in security features, but data backup is vital and should be a habit.

As businesses embrace a hybrid and remote workforce, more and more organizations are choosing Microsoft 365. Formerly known as Office 365, Microsoft 365 is a great software suite that offers many benefits for businesses and has become the leading solution for collaboration in the cloud.

Organizations choose Microsoft 365 for various reasons, such as cost, available tools, or because the subscription-based software enables users to add Microsoft’s core applications to their subscription plan. In addition, Microsoft 365 continues to offer advancements and enhancements that firmly establish its position as the leading software solution for many businesses.

One of the primary reasons many organizations choose Microsoft 365 is because it is one of the most secure productivity tools available. In addition, Microsoft 365 is hosted in the cloud, on a remote server, and developed by one of the biggest names in tech.

Storing data in the cloud is convenient because it makes data universally accessible to everyone in your organization, regardless of their physical location. Your team can use Microsoft 365 to access data anytime connected to the internet. But storing data in the cloud also increases the risk of data loss, which has become a severe issue in recent years.

No matter how good a product or service is, there are always drawbacks, and Microsoft 365 is no exception. For example, Microsoft 365 has a host of built-in security measures but doesn’t include a native option to create Microsoft 365 backup and store data on the cloud.

Backup Microsoft 365

Microsoft 365 Risks

All software, even Microsoft 365, comes with certain risks. Typically, it’s your responsibility if an issue causes you to lose valuable business data. While software developers, such as Microsoft, strive to eliminate any potential problems before they occur, you must ensure your data is protected with an accessible backup.

According to Microsoft’s Services Agreement, the company and its distributors make no warranty concerning the use of their services. The agreement goes on to say that the use of the service is at your own risk and that because of the nature of computer and telecommunications systems, there is no guarantee that services will be uninterrupted, timely, and secure or that errors and content loss won’t occur.

In addition, the Services Agreement states:

“We strive to keep the Services up and running; however, all online services suffer occasional disruptions and outages, and Microsoft is not liable for any disruption or loss you may suffer as a result. In the event of an outage, you may not be able to retrieve Your Content or Data that you’ve stored. We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services.”

What Are the Risks?

Microsoft 365 is known for being a highly secure app. This reputation for security is because the app has several built-in security features that help keep your data as secure as possible. For instance, apps like OneDrive and SharePoint have a data retention period. Typically set by default to 90 days, the data retention period ensures that if you accidentally delete a file or data, it can still be accessed for a period of time afterward.

But what if you don’t discover the error within the retention period? How would you recover your critical data without an accessible backup? Losing accidentally deleted data is one of the potential risks of Microsoft 365. Other risks may also include the following:

Cyberattacks

Cyberattacks are a growing threat that all organizations face, regardless of size or industry. While Microsoft is one of the biggest names in the tech industry, that doesn’t mean they are immune to cyberattacks.

Known for being proactive when it pertains to cyber security, Microsoft’s Security Response Center is the company’s front line of defense. Staffed by leading cyber security experts, the Security Response Center works to defend consumers and internet users at large from cyber threats.

Microsoft’s security response team has responded to several recent threats, including some tied to malicious actors either sponsored or protected by foreign governments. In 2020, the U.S. government imposed sanctions against Russia because of the country’s connection to the SolarWinds hack.

The U.S. has recently found that China has also been involved in cyber warfare attacks. Microsoft and the U.S. believe China is either behind or supporting the cybercriminals responsible for attacking vulnerable Microsoft Exchange servers. Security experts and government officials believe that attacks from malicious nation-states will continue to grow and that no organization is immune from these attacks.

In all of these cases, Microsoft’s security response team has responded quickly to stop the attack and remediate the compromised accounts. But unfortunately, even Microsoft’s cyber security experts fear that the risk will continue to grow as attacks become more sophisticated.

Internal Breaches

Whether intentional or accidental, internal data breaches occur. Often a data breach results from a simple mistake. The mistake may result from a lack of training or simply a lack of attention at the wrong moment. For instance, an employee may inadvertently click on a malicious link because they thought it was legitimate.

In other cases, a disgruntled former employee could make intentional changes to your data and systems if their access permissions have not been removed. In either case, whether deliberate or accidental, without having an accessible backup, your organization could experience severe problems from this activity.

Always Back Up Your Data

Microsoft 365 has many security features to protect your system and data. While these features are an excellent first line of defense against attacks and loss, you are solely responsible for your data. With the threat of cyber attacks growing exponentially, it pays to have an up-to-date backup of your business data. For example, suppose you have an issue recovering your data due to intentional or accidental actions. In that case, having your Microsoft 365 data in an accessible backup can ensure that your organization can recover quickly and get back to business.

Uber Investigating Security Breach After Hacker Gains Access to Internal Databases

UBER DATA BREACH

Uber Investigating Security Breach After Hacker Gains Access to Internal Databases

Key Points

  • Uber announced a security breach last Thursday evening in response to a report from The New York Times.
  • The breach was carried out by an unknown hacker, who made their presence known in a message sent to Uber’s employees over Slack.
  • The hacker claimed to have compromised several internal databases.

On September 15, 2022, Uber contacted law enforcement to report that an unauthorized third party had accessed its network. According to some sources, the Uber security breach “looks bad”, but the extent of the damage is still unknown.

According to a security engineer, the hacker released proof of the security breach on a Slack channel used by Uber employees. The proof consisted of the names of several internal databases that the hacker claimed to have compromised and how the databases were accessed. The hacker also shared explicit photos with Uber employees through the Slack platform. After Uber became aware of the communication on Slack, the company took steps to take the channel offline.

Some systems the hacker compromised include the Amazon and Google-hosted cloud environments used by Uber to store its customer data and source code. The hacker, who claims to be an 18-year-old, seems to have conducted this breach for publicity. However, any sensitive information obtained could still be used to blackmail or extort Uber customers, drivers, and employees. The hacker could also potentially sell this information on the black market.

Uber works with law enforcement and cybersecurity experts to investigate security breaches and determine how to best protect its customers, drivers, and employees. Also, many employees have worked tirelessly to lock down the affected systems and prevent further damage.

UBER DATA BREACH

A Social Engineering Attack Started It All

The Uber breach was caused by a social engineering attack that allowed the hacker to access an account. The hacker claims to have obtained a password from an Uber employee through the social engineering attack. The hacker communicated with the employee and claimed to be a corporate IT employee who needed a password. The unsuspecting employee complied, and the hacker could access an Uber database.

This is not the first time Uber has been the victim of a data breach. In 2016, Uber suffered a data breach that affected 57 million riders and drivers. That data breach was caused by hackers who could access Uber’s customer database. The hackers could obtain Uber customers’ names, email addresses, and phone numbers. They also obtained the driver’s license numbers of 600,000 Uber drivers.

Looking back at the 2020 Twitter hack and the breaches at Microsoft and Okta, it is evident that social engineering attacks are on the rise. Cybersecurity experts believe that social engineering attacks will continue to be a major problem in the future. These types of attacks exploit the trust that people have in others.

To carry out a social engineering attack, a hacker will usually pose as an IT employee or someone who works for a company with which the victim is familiar. The hacker will then ask the victim to share sensitive information, such as passwords. The best way to protect yourself from a social engineering attack is to be suspicious of any email, phone call, or text message that asks you to share sensitive information.

If you are unsure if the request is legitimate, you can always call the company or person who is supposedly asking for the information. Do not share sensitive information unless you are absolutely sure the request is legitimate.

What the Uber Breach Means for Other Companies

The breach on Uber will be a wake-up call for other companies who are lax about their cybersecurity measures. It shows that no one is exempt from being hacked—not even big corporations with plenty of resources. If anything, they’re more likely targets because hackers know they have more to lose.

So what can companies do to protect themselves? For starters, they must ensure that their two-factor authentication system is airtight. They also must regularly review their security measures and update them as necessary. Additionally, companies must educate their employees about cybersecurity best practices and ensure they follow them at all times.

When a company suffers multiple data breaches, it may give more cybercriminals the idea to target that company. So companies must take measures to prevent future breaches from happening. Cybersecurity is an ongoing process, not a one-time event. companies need to be vigilant about their cybersecurity at all times in to protect their customers and employees.

How to Protect Your Business from Hacks and Data Breaches

Like most business owners, you probably think your company will never be the victim of a hack or data breach. Unfortunately, that’s not the case. No company is immune to hacks and data breaches, no matter how big or small.

So what can you do to protect your company? First, you must ensure that your cybersecurity measures are up to date. This includes using two-factor authentication and regularly reviewing your security measures. Additionally, you must educate your employees about cybersecurity best practices and ensure they’re following them at all times.

Here are a few tips to help you protect your company from hacks and data breaches:

  1. Use two-factor authentication for all of your accounts.
  2. Review your security measures regularly and update them as necessary.
  3. Educate your employees about cybersecurity best practices.
  4. Make sure your employees are following best practices at all times.
  5. Have a plan in place for if/when a data breach occurs.

By following these tips, you can help protect yourself from data breaches. However, even if you take all of these precautions, you may still be at risk. That’s why it’s important to have a data breach response plan in place so you know what to do if your company is ever targeted.

Final Thoughts

Data breaches, social engineering attacks, phishing attacks, and other cybersecurity threats are rising. As our dependence on technology grows, so does our vulnerability to these threats. Cybersecurity is a critical issue that must be addressed by businesses and individuals alike. As Uber attempts to recover from its recent breach, it is important to remember that no organization is immune to these threats.

Cybersecurity is everyone’s responsibility. Does your organization have a plan to protect itself from these threats? If not, now is the time to develop one.

Will Your Cybersecurity Insurance Claim Be Denied?

Cybersecurity Claim Denied

Cybersecurity Insurance: Will Your Claim Be Denied?

Key Points:

  • Cybersecurity insurance is an important tool to help protect businesses from the financial costs of a data breach. Still, it’s important to understand your policy’s limitations and ensure you have the right coverage.
  • Not every cyberattack will be covered by insurance; in some cases, claims may be denied.
  • It’s important to keep up-to-date with regulation changes, work with your insurance broker or provider to ensure you have the right coverage, and understand the terms of your policy.
  • Proactive risk management practices are also important, as is having a plan in place in case of a data breach.

If you believe that every cybersecurity insurance claim will be approved, you may be surprised to learn that many claims are denied. When your insurance provider reviews your claim, they will assess your due diligence in maintaining cybersecurity for your organization. Your claim may be denied if it is determined that you could have prevented the data breach or incident. While having cybersecurity insurance is a must-have for businesses, there is no guarantee that your claim will be approved.

Cybersecurity Claim Denied

Why Is It Important to Comply With Cybersecurity Insurance?

You likely agreed to certain terms and conditions when you signed your insurance policy. One of these was likely a duty to take reasonable care to protect your property from loss or damage. This means you must take reasonable steps to protect your business from a data breach or cyber attack. If you have not taken reasonable steps to protect your business, your insurance company may deny your claim. This is why it is so important to have strong cybersecurity measures and keep up with the latest cyber threats.

Why Are Some Cybersecurity Insurance Claims Denied?

As we mentioned, one of the reasons claims are denied is a failure to take reasonable steps to protect your business. However, there are other reasons claims may be denied as well. Some insurers will only cover certain types of cyberattacks or data breaches. For example, they may not cover phishing attacks or social engineering. Check with your insurer to see what is and is not covered under your policy.

There are several reasons why cybersecurity insurance claims are denied. Here are some of the most common:

You Did Not Have Adequate Cybersecurity Measures in Place

Your claim might be denied if you did not have adequate cybersecurity measures in place at the time of the data breach or incident. Your insurance provider will want to see that you took reasonable steps to protect your data and systems. This includes things like having a firewall, using strong passwords, and having up-to-date anti-virus software.

You Failed to Take Reasonable Steps to Prevent the Data Breach or Incident

Even if you had cybersecurity measures in place, your claim may still be denied if it is determined that you could have prevented the data breach or incident. For example, your claim may be denied if you failed to patch a known security vulnerability.

You Did Not Notify Your Insurance Provider Promptly

If you did not notify your insurance provider of the data breach or incident promptly, your claim might be denied. It is important to contact your insurer as soon as possible to begin the claims process.

Your Policy Has Exclusions

Some cybersecurity insurance policies have exclusions that may prevent your claim from being approved. For example, many policies exclude claims from certain cyberattacks, such as ransomware. Review your policy carefully to see if any exclusions could apply to your claim.

You Did Not Cooperate With the Investigation

Your claim might be denied if you did not cooperate with the insurance company’s investigation into the data breach or incident. The insurance company will want to interview you and review your records to determine what happened.

You Made Material Misrepresentations in Your Application

Your claim might be denied if you made material misrepresentations on your insurance application. For example, your claim may be denied if you failed to disclose a previous data breach or incident. Be sure to disclose all relevant information on your insurance application to avoid denying your claim.

The Incident Occurred Outside the Policy Period

Your claim might be denied if the incident occurred outside of the policy period. For example, if your policy has a one-year term and the incident occurred two years after the policy was purchased, your claim will be denied.

What Are the Impacts of a Cybersecurity Insurance Claim Denial?

If your cybersecurity insurance claim is denied, you may be left to pay for the damages out of pocket. This can be a significant financial burden, especially for small businesses. In addition, a denial can damage your reputation and leave you vulnerable to future attacks. If you are denied coverage, you can appeal the decision. Many insurance companies have an appeals process that you can follow.

Here are two real-life examples of companies that had their claims denied:

P.F. Chang’s China Bistro vs. Federal Ins. Co

Computer hackers stole nearly 60,000 credit and debit card numbers from P.F. Chang’s China Bistro restaurants in 2014. P.F. Chang’s had a cybersecurity insurance policy with Federal Insurance Company. Federal reimbursed Chang’s for nearly $1.7 million in costs under the policy, including conducting the investigation and legal fees. However, Bank of America Merchant Services(BAMS), Chang’s merchant services provider, imposed assessment fees totaling $1.9 million.

A federal district court ruled that Chang’s had no cyber protection company for the assessment fees. The court found that the insurance policy’s “Privacy Injury” coverage did not apply to the claim because the policy’s definition of “Privacy Injury” required the compromised confidential records at issue to be the claimants. In this case, the payment card information taken in the breach belonged to Chang’s customers and the card-issuing banks, not the acquiring bank that sought reimbursement.

The policy also did not include Payment Card Industry coverage, a coverage option for restaurants, retailers, and other businesses that handle debit or credit card information. Without this coverage, Chang’s was not insured for the amounts assessed by the card company.

Family and Children’s Services of Lanark, Leeds and Grenville vs. Co-operators

According to FCSLLG(a Canadian not-for-profit organization), an unidentified hacker accessed the organization’s website and stole sensitive information in 2016. The stolen data was later shared on multiple Facebook pages. As a result, a class proceeding was filed against FCSLLG, seeking damages of $75 million. FCSLLG filed a claim against the company it hired to revamp its website.

FCSLLG had two policies with Co-operators during the breach, but Co-operators denied coverage for both policies. Co-operators also denied coverage to the third party. The policy excluded any loss from the distribution or display of data utilizing an internet website.

These are only two examples of many companies that have had their cybersecurity insurance claims denied. As you can see, even with insurance, there is no guarantee that you will be covered in a cyberattack. It is important to carefully read your policy and ensure that you are aware of any exclusions.

How to Navigate Compliance for Cybersecurity Insurance

While it may seem daunting to keep up with all the different compliance regulations, there are a few key steps you can take to make it easier:

  1. Keep up-to-date with regulation changes. This can be done by signing up for newsletters or following industry news sources.
  2. Work with your insurance broker or provider to ensure you have the right coverage.
  3. Make sure you understand the terms and conditions of your policy.
  4. Be proactive in your risk management practices. This includes having strong security measures and being aware of the latest threats.
  5. Have a plan in place in case of a data breach. This should include who to contact and what steps to take.

Cybersecurity insurance is an important tool to help protect businesses from the financial costs of a data breach. However, it’s important to understand your policy’s limitations and ensure you have the right coverage in place. Cybersecurity insurance is not a cure-all, and it’s important to complement your policy with strong risk management practices.

iOS 16 Is Finally Here: What Should You Know?

ios16

iOS 16 Is Finally Here: What Should You Know?

Key Points

  • After months of anticipation, iOS 16 is finally here!
  • If you’re using an iPhone 8 or later, you can update to the newest version of iOS right now.
  • New features include Messages, Maps, and more improvements.

iPhone. One word. So many different meanings. For some, it’s a status symbol. For others, it’s a life-saving tool. For many, it’s a way to stay connected to the people and things we love. With that being said, there is always a sense of excitement when a new iOS update is released because it has the potential to improve the way we use our iPhones. Now that iOS 16 is here, let’s look at some new features and changes it brings.

ios16

Widgets Galore

One of the biggest changes in iOS 16 is the addition of widgets to the Home screen. With iOS 14, Apple introduced a new way to view and customize your widgets, but you still couldn’t put them on your Home screen alongside your apps. Now, with iOS 16, you can add widgets to your Home screen and stack them on top of each other. Plus, new Smart Stack widgets use on-device intelligence to surface the right widget at the right time based on your usage patterns.

Notifications Have Moved

Another change you’ll notice in iOS 16 is that notifications are no longer displayed at the top of the screen. Instead, they appear at the bottom. While many did not have a problem when notifications were displayed at the top, some people felt it was disruptive to have them in such a prominent position. With notifications being displayed at the bottom, you can still see your notifications, but they’re not right in your face. For those who prefer the old way, you can simply tap up on the notification stack to return it to its original position.

What’s New in Maps?

If you use Apple Maps, you’ll be happy to know that there are some new features in iOS 16. One of the most useful is multi-stop routing. This allows you to add multiple destinations to your route, and Maps will give you the best way to get there.

Live Text in Videos

Another new feature in iOS 16 is Live Text in Videos. This lets you select text from a video and perform actions like copying, looking it up, or sharing it. This is a handy feature if you come across an interesting quote in a video or want to share something you saw with a friend. Also, data detected in photos using Live Text can be used in other apps, so you can quickly find more information about something you see in a photo.

Focus Mode

With iOS 15, Apple introduced Focus mode, a new tool to help you stay on task and avoid distractions. With Focus mode, you can choose which apps and notifications can send notifications and alerts. iOS 16 builds on this feature by adding the ability to schedule Focus mode. So, if you know you need to focus on a task at a certain time, you can set Focus mode to turn on automatically.

PassKeys

Another new feature in iOS 16 is PassKeys. This new way to securely log in to apps and websites using Face ID or Touch ID. With PassKeys, you don’t have to remember multiple passwords or log in with a different account each time. Instead, you can use your Face ID or Touch ID to log in with a single tap.

Lock Screen Improvements

There are also some improvements to the Lock screen in iOS 16. One of the most welcome changes is the ability to customize your lock screen. Users can now add widgets to their lock screen, choose custom fonts, and apply their favorite filters. Another welcoming change is the addition of haptic feedback when you press the Home button or the Lock button. This provides a physical confirmation that you’ve pressed the button, which can be helpful if you’re not looking at the screen.

Messages Receive a Big Update

In addition to all of the new features and changes in iOS 16, there are many new features and changes to Messages. With iOS 16, you can now go back and edit your messages after you’ve sent them. Just tap and hold on to the message you want to edit and select the “Edit” option. You have 15 minutes to edit a message after you’ve sent it. After that, the message will be locked, and you won’t be able to edit it. Sometimes we don’t realize we’ve made a mistake in a message until after we’ve already sent it, so this is a welcome addition.

Another big change in Message is the addition of the Undo Send feature. This feature has been available in other messaging apps for a while, and it’s finally arrived in Messages. With Undo Send, you can recall a message after you’ve sent it. Just tap and hold on to the sent message and select the “Undo Send” option. While you are given 15 minutes to edit a message, you only have 2 minutes to recall a message after you’ve sent it. So if you realize you made a mistake right after sending a message and need to delete it, you should quickly recall it.

iOS 16 has already shaken up the iPhone operating system with its many new features and changes. Apple has also made some changes to how Siri works. With iOS 16, Siri is now more contextually aware and can provide more useful information.

Wrapping Up

The above are just a few of the many highlights of the latest iOS update. There are many more new features and changes in iOS 16.  So, if you haven’t already, update to iOS 16 and enjoy its new features! If you own an iPhone 8 or later, you can update your phone to the new software by going to Settings > General > Software Update and following the prompts. As always, be sure to back up your device before updating.

How Do Phishing Scams Work?

Phishing Scams

How Do Phishing Scams Work?

You may have heard of the term “phishing,” but you may not be completely aware. If you operate a business or even conduct any kind of transactions online – which represents the majority of people – you may be susceptible to a phishing attack. When executed correctly, a phishing attack can leave you or your business in major personal or financial trouble.

In this post, we’ll dive deeply into defining a phishing scam, understanding the common traits, and identifying the various types of scams. Finally, we’ll look at what you can do to prevent a phishing attempt from disrupting you or your organization.

Phishing Scams

What is a Phishing Scam?

A phishing scam starts with a hacker or malicious actor reaching out to you. These individuals are looking to access information that you hold. To gain access to this, they’ll attempt to contact you (usually by email, but it can also be via phone or text) with a message prompting you to click on a link.

These scams use social engineering tactics compelling you to comply (more on those below). Once you or someone within your organization clicks the link, it may then upload destructive malware or viruses to your device, system, or network. This malware then provides them access to your personally identifiable information (PII), financial information like credit card numbers, or other information you don’t want falling into the wrong hands.

How a Phishing Scam Works

As noted above, phishing scams use social engineering tactics to trick recipients into complying with a requested action. Hackers will pose as an institution the individual knows or trusts to gain their trust.

For example, let’s say you receive an email from your bank asking you to log in to your account due to a problem. At first glance, the email may appear legitimate as it contains your bank logo and a similar font. But have your bank ever contacted you in this way before? The answer is likely no, as banks don’t ask you for information like this over email.

Everything from the email address the hacker uses to the language they use in the email might appear legitimate. That’s why it’s important to examine them carefully and err on the side of caution.

The Common Traits of a Phishing Scam

Every phishing attempt looks different, but they tend to have some traits in common across attacks. For one, email phishing attacks prompt you to click a link within your email.

Additionally, many attacks attempt to create a false sense of urgency. They’ll say there’s an issue with your account or suspicious activity that you’ll need to log in to resolve. This is, of course, a ruse meant to create a feeling of panic in the recipient. The hackers are banking on you, reacting without thinking.

Other phishing scams mimic or recreate an email address for a friend or family member. Have you ever gotten an email from a family member that contained a link but didn’t look right? It was almost certainly a phishing attempt.

You may also get an email from what you believe to be a trusted source, like your employer or healthcare provider. If the email looks suspicious, it likely is. Your default stance should always be to follow up with the sender to confirm the email’s legitimacy.

It bears repeating: if anyone asks you for any type of sensitive information over an email, text, or phone, you’re probably on the receiving end of a phishing attempt.

The Different Types of Phishing Scams

While phishing attempts happen over email, similar attacks happen over phone or text. Email phishing scams involve you clicking on a bad link. The other types of scams have different tactics with the same desired outcome for the hacker.

In the case of phone attacks (also known as vishing), you’ll receive a call from someone asking you to relay personal information over the phone. You may even be prompted to dial a specific number. These attackers often spoof numbers from trusted institutions like your bank. They might tell you that a friend or family member needs assistance to increase your feeling of urgency. They can also ask you to verify personal information to authenticate your identity to them – when, in fact, they’re stealing the information themselves.

Another common phishing scam is attacks conducted over SMS text messages (also known as smishing). These operate similarly to email attacks. You’ll receive a text from someone or some institution you trust asking you to click on a link.

How to Respond to a Phishing Scam

The first step is to be aware that phishing scams exist. Knowing what they might look like helps you know what to watch out for. If you are part of an organization, create this culture of awareness with your team. By educating your staff on what to expect, you’ll be able to prevent them from impacting your business in the future.

But what happens when you do receive a phishing attempt? The most important action you can take is this: nothing at all. Don’t interact or engage with a phishing attempt. If it’s a text or email, don’t click the link. If you’re on the phone with someone attempting to scam you, don’t engage – simply hang up as soon as possible.

Phishing Scams are Growing Increasingly More Common

In summary, phishing scams tap into sophisticated social engineering techniques, using people’s fears to gain access to sensitive information. This information can then be used to defraud the person or organization financially or steal their identity. They can be carried out over email, phone, or text message. When you get a phishing attempt, the best action is no action. Don’t engage – just block and delete.

The sad reality of phishing scams is that they aren’t going away anytime soon. You can’t prevent them from happening. All you can do is maintain awareness and constant vigilance of an attack possibly occurring. Be wary of emails that look suspicious and even those that don’t – as phishing strategies become more complex, you’ll be more likely to fall prey to one. Exercise utmost caution when communicating with anyone over email, phone, or text.

Contact us today for more on how we can help your organization navigate phishing attempts or provide other managed IT services.

10 Best Practices for Working Remotely

Working Remotely

10 Best Practices for Working Remotely

Key Points:

  • Working remotely is not going anywhere and will become increasingly popular as time goes on.
  • It is important to know the potential security risks when working remotely and take steps to mitigate those risks.
  • Maintaining a secure remote working environment begins with the right tools and processes.

The way we work has changed dramatically in the last decade. With the advent of technology, there is no longer a need to be tethered to a physical office space to be productive. Instead, more and more people are finding that they can work remotely, either from home or in various locations. Working remotely has many advantages, including increased flexibility and freedom, but some challenges come with it.

Cybercriminals are always looking for new ways to exploit vulnerabilities, and remote workers can be an easy target. Maintaining a secure remote work environment is vital to protecting your company’s data and keeping your confidential information safe. Before maintaining a secure remote working environment, it is important to understand the potential risks.

Here are 5 of the most common security risks for remote workers:

1. Unsecured Networks

One of the most common risks for remote workers is using unsecured networks. When you connect to an unsecured network, you are giving hackers an easy way to access your data. To mitigate this risk, only connect to networks you trust and ensure your device is up-to-date with the latest security patches.

2. Malware and Phishing Attacks

Another common risk for remote workers is malware or phishing attacks. These attacks can happen when you click on a malicious link or attachment or visit an infected website.

To protect yourself from these attacks, be careful about the links and attachments you click on and only visit websites you trust. If you think you may have been infected, run a virus scan on your device as soon as possible.

3. Unencrypted Devices and Data

If your device is lost or stolen, it’s important to ensure your data is encrypted. Otherwise, anyone who gets their hands on your device can access your data.

4. Weak Passwords

One of the most common security risks is weak passwords. Hackers can easily guess weak passwords, so choosing strong, unique passwords for all your accounts is important.

To create strong passwords, use a mix of letters, numbers, and symbols. Avoid using easily guessed words like your name or birthdate. Never reuse passwords across different accounts.

5. Lack of Security Awareness

Even if you have all of the right security measures in place, they won’t do you good if you don’t know how to use them. That’s why it’s important to have security awareness training for all remote workers.

Working Remotely

10 Best Practices for Working Remotely

Now that you know about some of the most common security risks for remote workers let’s look at 10 best practices for maintaining a secure environment.

1. Keep Your Software Up to Date

It’s important to keep all of the software on your device up-to-date, including your operating system, web browser, and any applications you use. Software updates often include security patches that can help protect you from newly discovered threats.

2. Use Two-Factor Authentication

Two-factor authentication is an extra layer of security that requires you to confirm your identity with two different factors: your password and a code sent to your mobile phone.

3. Implement BYOD Policies

If your company allows employees to bring their own devices (BYOD), it’s important to have policies to secure them. Make sure employees understand the security risks and know how to protect their data.

4. Use a VPN

One of the best ways to protect your data when working remotely is to use a Virtual Private Network (VPN). A VPN encrypts your data and routes it through a secure tunnel, making it much more difficult for hackers to intercept.

5. Educate Your Employees

As we mentioned before, security awareness training is critical for all employees, especially those who work remotely. Employees should know how to identify security risks and what to do if they suspect their device has been compromised.

6. Migrate to the Cloud

There are many benefits to migrating to the cloud, including increased security. When you store data in the cloud, it’s stored on secure, regularly backed-up servers. You can still access your data from another device if your device is lost or stolen.

7. Use Security Tools

There are a variety of security tools available that can help you protect your data. Some common tools include firewalls, anti-virus software, and intrusion detection systems.

8. Monitor Your Network

If you have a remote network, it’s important to monitor it for suspicious activity. There are a variety of tools available that can help you do this, including network intrusion detection systems and log monitoring tools.

9. Restrict Access to Data

You should only give employees the access they need to do their jobs. For example, if employees don’t need access to certain sensitive data, they shouldn’t have it. This will help reduce the risk of data breaches.

10. Regularly Back Up Your Data

It’s important to regularly back up your data in case of a security breach. You can do this in various ways, including storing data in the cloud or on an external hard drive.

Wrapping Up

Digital transformation has changed how we work, and remote work is here to stay. Given the rise in remote work, it’s important to be aware of the security risks and take steps to protect your data. Remember, security risks can come from anywhere, not just external hackers. Disgruntled employees, for example, could wreak havoc on your company’s systems if they decided to take advantage of their access privileges. So it’s important to have policies and procedures to mitigate employee risks working remotely.

What Is Microsoft Purview?

Microsoft Purview

What Is Microsoft Purview? The Ultimate Guide to Data Governance

Key Points:

  • Microsoft Purview is a cloud-based data governance tool that helps organizations manage and govern their data.
  • Purview provides a central repository for data assets and role-based access control to manage who can see and use what data.
  • Purview can help organizations meet compliance requirements, such as GDPR and CCPA, by providing a way to track and manage data.

What Is Microsoft Purview?

Microsoft Purview is a cloud-based data governance tool that helps organizations manage and govern their data more effectively. It provides a central repository for storing and managing data and a set of tools for analyzing and reporting on that data. Purview also includes several features that make collaborating on data governance projects easier, such as workflow and approvals.

Microsoft Purview

Data Governance in Today’s Digital World

Data governance is a critical success factor in any digital transformation. The processes and policies ensure data is accurate, consistent, and compliant with regulations. With the proliferation of data, it is becoming increasingly difficult to manage and govern. There are different types of data that organizations have to deal with, including but not limited to financial data, customer data, employee data, and more

With over 90 percent of organizations using some form of cloud services, it can be challenging to keep track of all the data stored in the cloud. Additionally, many organizations use multiple cloud providers, which complicates things further. In addition to managing a multi-cloud strategy, businesses and organizations must keep up with the latest laws and regulations regarding data privacy and security.

Small, mid-size, and large organizations must comply with the ever-changing regulatory landscape, which can be challenging. Organizations have to ensure that they have a way to collect, process and store all of this data in a way that complies with the law. Organizations also have to be able to access this data when they need to, and they have to be able to protect it from unauthorized access.

Many regulatory requirements around data governance are changing, and organizations must adapt to these changes quickly or be subject to hefty fines. Businesses and organizations need a comprehensive data governance solution that will help them comply with the latest laws and regulations.

Managing Your Risks With Microsoft Purview

Microsoft Purview can help you manage risks by allowing you to see all of your data in one place. By identifying and addressing risks early, you can avoid potential problems later. Additionally, Purview can be used to create reports that show you how your data has changed over time. This can help you to identify trends and potential risks.

Purview can help you manage risk in several ways:

  • Helps you see all of your data in one place
  • Helps you understand who has access to your data and what level of access they have
  • Helps you create reports that show you how your data is being used

Risk management is an important part of any business, and Microsoft Purview can help you take control of your risk exposure.

What Does Microsoft Purview Do for Businesses and Organizations?

Microsoft Purview is a data catalog that helps you discover, understand, and govern your data. It provides a unified view of your data across all your data sources, so you can find the right data quickly and confidently. With Purview, you can do these things:

Discover What Data You Have, Where It’s Located, and How It’s Being Used

Purview helps you discover what data you have, where it’s located, and how it’s being used. You can use Purview to find the data you need and understand how it can be used to improve your business. Purview also provides you with a holistic view of your data to make better decisions about your business.

Governs Your Data to Ensure Compliance and Reduce Risk

Purview helps you govern your data to ensure compliance and reduce risk. You can use Purview to track and manage data to meet compliance requirements. Purview also allows you to control who can see and use your data. This helps you to keep your data safe and secure.

Automatically Classify Data

Purview automatically classifies data so that you can easily find the data you need. You can use Purview to classify data by customer, product, or even by time period.

Share Data With Others

Purview provides you with the ability to share data with others. You can use Purview to create groups and give access to specific data sets.

Integrate Data From Multiple Sources

Purview helps you integrate data from multiple sources. You can use Purview to connect to data sources and combine data from multiple sources into one central location. Additionally, Purview can be used to cleanse and transform data to be ready for analysis.

Understand the Meaning of Your Data

Purview provides you with the ability to understand the meaning of your data. You can use Purview to create models that analyze your data and provide insights into what it means. Additionally, Purview can monitor your data for changes and generate alerts when specific conditions are met.

Summing Up

Today, data is the most valuable asset for any company or organization. It helps businesses understand their customers, figure out what works and doesn’t, and make better decisions. However, its value depends on how quickly and easily it can be found and used. The more data a company has, the more difficult it becomes to find the most important data.

Microsoft Purview helps you gain the insight you need to make decisions about your business. It provides a unified view of all your data, including financial, operational, and customer data. With Purview, you can track performance, identify trends, and predict future business conditions. Purview is a powerful tool to help you run your business more effectively.