Annual Cybersecurity Survey Reveals Challenges for 2016
2015 was a tough year for data breaches. Companies of all sizes and industries fell victim to hackers, costing billions of dollars and harming the reputations of many organizations. So what is in store for 2016? Will cybercriminals continue to find new ways to get onto networks or will enterprises be prepared to prevent damaging […]
Increased Risk of Foreign Cyber Attacks
In April, we alerted customers that hackers are planning to use zero day exploits to take over unpatched Windows XP machines and use them as botnets in coordinated DDOS attacks. This cyber attack alert discusses a new threat that is also related to Windows XP vulnerabilities. According to our sources, government agencies believe the current […]
Data Privacy Day 2016
Today, January 28th, is Data Privacy Day. Data Privacy Day (DPD) is part of the #PrivacyAware campaign, which reminds businesses of the importance of data security within their organization. As a DPD Champion, we’re working towards the common goal of improving consumer and business consciousness while also encouraging and empowering people to be more aware […]
Five Use Cases of Behavioral Analytics to Protect Customer Networks
Interest in user and entity behavioral analytics, or UEBA as recently coined by Gartner, has risen dramatically over the past 12 months. And it’s for valid reasons. Attackers are using more and more sophisticated approaches to bypass traditional defense mechanisms. Companies are constantly looking for enhanced solutions to protect their users and valuable assets, but […]
The Importance of Controls for MSSPs
Should Your MSSP be SOC 2 Compliant? SOC stands for Service Organization Controls and falls under the Statement on Standards for Attestation Engagements (SSAE) No. 16. SSAE 16 was issued by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA) in 2010. SSAE 16 effectively replaces SAS 70 as the authoritative […]
Medical devices growing concern in healthcare IT security
Practically every hospital and healthcare institution invariably depend upon medical devices. These devices produce a sizable amount of data and despite the fact that very little of this data is retained for any longitudinal patient benefit, the data must be safeguarded per federal requirements. Proficio’s security engineers have worked with a number of healthcare IT […]
Cybersecurity Awareness Month: A 3-Step Plan to Being Cyber Secure
Cybersecurity Awareness Month: A 3-Step Plan to Being Cyber Secure Step 1: Train your employees to be security savvy Some of the most basic, “expected” tools in security are often those most overlooked. Your first step to defense from cyber criminals is your employees. Having a security training program in place and creating policies to […]
The Scary Truth About CyberSecurity
With just two months left in 2015, it is shocking to find that this year may be one of the scariest years as far as data breaches go. Recent reports show data breaches to be increasingly common. And as these threats become bigger and more harmful, the future looks spooky. The overall costs for cyber […]
Simple Cross-Device Correlation is No Longer Enough
In today’s demanding security environment, companies are more than ever challenged to identify serious threats before they lead to a data breach. Using a SIEM tool to correlate security events is a good start, but an effective defense requires a combination of both advanced cross-device correlation and alert prioritization. We wanted to provide you some examples of […]
Next Gen SIEM for the Rest of Us
SIEM systems were first created for large enterprises and government agencies that were frequent targets of advanced cyber attacks. Back then, smaller and lower-profile organizations were able to get by with basic security tools as they were seldom the target of hackers. The world has changed and today cyber attacks have become so widespread and […]
Using a SIEM to Detect Cryptolocker Attacks
As cybercriminals continue to use ransomware as a means for profit such as Cryptolocker and Cryptowall, organizations must develop detection capabilities around this threat. SIEM technology combined with threat intelligence can be effectively used to detect ransomware. We recommend you ask your MSSP or SIEM Administrator to create the following use cases: Antivirus Repeat Infection […]
They’ve Got Your Email – Email Security Solutions
Lost or stolen laptops and now smart phones with unencrypted data account for many of the cases of compliance violations. Often the confidential data is inside an email. We recommend using an email security solution, such as Proofpoint, with integrated Data Loss Prevention (DLP) and policy-based encryption capabilities to minimize the risk of disclosing protected […]