Consider the Importance of Forensics in your Ransomware Response Plan
It was during an incident response test with a client that this topic came up. The scenario was something like this: Ransomware infects several...
1 min read
The 1 Thing that is Getting Overlooked by Banks on Secure Email
Chris Bedel : Mar 14, 2016
Dan Hadaway, with Infotex, goes into great detail on the risks associated with misconfiguration of "secure" email in one of his recent blog posts. He even titled his article: "Alarming Recurring Finding", describing the number of banks that he has audited where this has been an issue.
The risk that Dan is talking about is when a bank, or anyone for that matter, purchases a secure messaging service, keeps the default settings, establishes new accounts for their users, and starts sending files.
Where the problems arise is when secure email providers don't require the recipient to authenticate (enter a username and password) to see the message/file by default. The bank is responsible for ensuring this setting is in place, and many are failing to do so (I've seen this with my own eyes as well).
So here's the litmus test: if your recipient does not have to log in to receive the secure email/files that you send, then it's not secure, and you need to take action to enable that requirement.
Read the Full Article on the Dan's Website...
Consider Cybersecurity in Succession Planning for the Board
Chris Bedel : Jul 15, 2016
Benjamin Franklin is quoted as saying “If you fail to plan, you are planning to fail.” And that old quote couldn’t be more applicable to bank board...
Hackers are Leveraging Previous Breach Data to Attack Banks
Chris Bedel : Mar 2, 2016
Ever wonder why social engineering attacks are on the rise?