Posts

Core CISO Data BreachesHumans tend to move on to the next big thing quickly, and with rapidly changing security and regulatory environments, CISOs are no different. We all face new challenges daily, but as we focus on the latest priority in front of us, we must also remember to look back and revisit previous events to ensure we’re practicing hard lessons learned.

Thousands of hacks and data breaches have been reported this year, with victims ranging from public and private companies to local governments and school districts. However, several breaches stand out to me, and now that the dust has settled on them, I think they warrant a deeper dive to uncover what lessons can be gleaned from them.

In this post, I’ll share the story of three data breaches and highlight the salient details you need to know to protect your organization in this age of cybercrime.

Looking Back – Three Data Breaches

  1. The Okta Breach

Okta works with several partners to help manage its enterprise. Hackers targeted an employee of one of these partners, the Sitel Group, who had privileged access to provide customer service to Okta clients and data. That account was empowered to reset passwords and reset multifactor authentication.

The Sitel Group serves many more customers than Okta. To perform their jobs, support staff often need administrative privileges in their customer’s environment. The attack highlights the increased risk of outsourcing access to your organization’s internal environment.

  1. The Microsoft Breach

In March, Microsoft revealed that an employee account was compromised, which granted hackers “limited access” to Microsoft’s systems and allowed the theft of the company’s source code. Microsoft referenced the hackers’ use of “social engineering and identity-centric tactics” in a blog post detailing the breach. This attack illustrates why training employees about phishing and other social engineering tactics is so important.

  1. The Nvidia Breach

Nvidia, one of the world’s largest graphics processing unit (GPU) manufacturers, was breached in a cyberattack that resulted in the theft and release of over a terabyte of proprietary data and over 71,000 employee credentials. In a statement after the breach, an Nvidia spokesperson did not disclose how hackers were able to gain access, only referring to the attack as a “cybersecurity incident,” but a well-known hacking group quickly took credit for the attack.

What Do These Attacks Have in Common?

It is no coincidence that I am looking back at these three cyber events. The hacks were all claimed by a hacking group known as the Lapsus$ group. Lapsus$ claimed responsibility for the Okta breach, the Microsoft breach, and the breach of Nvidia, among others. It first made headlines in December 2021 when it conducted a ransomware attack against the Brazilian Ministry of Health, but its origins most likely can be traced back at least a couple of years. However, the most surprising piece of information is that the group is allegedly run by a group of teenagers.

Lessons to be Learned from Teenagers?

The tactics used by the Lapsus$ group are wholly unsophisticated but have still proven time and time again to be effective. The good news is that because their tactics are easily thwarted, organizations have plenty of opportunities to avoid getting hacked by following best practices.

Lapsus$ primarily relies on social engineering schemes to gain access to a target directly or seek access via an organization’s supply chain or service providers. The group claims that its goal is financial and has no political agenda; however, its chaotic approach is just as destructive in its pursuit of exploiting data.

The Lapsus$ group’s attacks are a reminder that even the most robust cyber defenses can be circumvented if attackers can exploit weak links in the chain. These weak links can be found in both the technical and human domains, but the likeliest way for hackers to gain access is via end-users. As a result, organizations need to be vigilant in educating employees about cyber threats and how to identify and avoid them.

Third-party risk management is also critical in protecting against the type of supply chain attack used against Okta. Companies need to vet their service providers and have security protocols in place to prevent attackers from exploiting these relationships to gain access to sensitive data.

Additionally, the Lapsus$ group’s attacks show that even small groups of relatively primitive attackers can cause much damage. This fact should be a reminder that organizations must be prepared for all threats, not just those from well-funded and well-developed cybercriminals.

It is important to remember that breaches can and will happen, whether perpetrated by Lapsus$ or other sources, and your company’s response can make all the difference in whether it will survive unscathed. The risk of lost revenue, fines and penalties, and reputational damage require that your company set and follow disaster response and recovery plans.

What Can You Do to Reduce Your Risk from Data Breaches?

Data BreachesThere are a variety of actions your firm can take to reduce your risk of being hacked, but here are a few key points to keep in mind:

  • Employ multifactor authentication.
  • Review all critical users’ access levels.
  • Perform due diligence for service providers and third-party vendors.
  • Conduct tabletop exercises to identify possible gaps in controls and training. For example, if an internal employee shared their credentials with an attacker, how could you tell?
  • Take care of your employees. Disgruntled employees are more susceptible to bribes.

Next Steps

Lapsus$’s attacks are a reminder that cyber defenses can be circumvented if attackers can exploit the weakest links in the chain. The best defense is to employ a multilayered cybersecurity solution that includes end-user training, comprehensive security policies and protocols, incident response planning, regular security audits, and more.

In today’s digital world, data is the new currency. And like any other type of currency, it needs to be protected from those who would exploit it. Unfortunately, the Lapsus$ group is just one example of the many cyber criminals out there looking to profit from the data of others.

Whether you work with an internal team or outsource your IT functions, employing robust cybersecurity solutions and regularly reviewing them against your risk profile is critical. Reach out to our security professionals for help evaluating your cybersecurity program to find gaps and areas that need improvement. Implementing security controls is not “set it and forget it” but must routinely be assessed to match the needs of your business and the external challenges of today’s cyber landscape.


JasonAbout Jason

Jason Martino is passionate about the intersection of security and compliance. He is responsible for Coretelligent’s internal cybersecurity programs, governance, risk, compliance activities, and educating staff and customers on an ever-evolving threat landscape.

Cybersecurity for Broker-Dealer Firms

Cybersecurity for Broker-Dealer FirmsAs a broker-dealer firm executive, you know that one of FINRA’s key mandates is to help prevent cyberattacks against its regulated firms. The Financial Industry Regulatory Authority, or FINRA, is, of course, a not-for-profit regulatory organization authorized by Congress to protect investors and ensure market integrity in the United States. This post will explore some of the most common cybersecurity threats faced by FINRA firms.

What are the Most Common Cybersecurity Threats for Broker-Dealer Firms?

Now more than ever, broker-dealer firms rely on their technology infrastructure the cyber landscape presents a regular number of security challenges requiring robust preparedness for brokerages and other financial services firms.

1. Imposter Websites

According to FINRA, member firms routinely report phony websites posing as FINRA members and using registered names and company data to establish fraudulent sites that market investment services and products. These sites attempt to steal both personal information and money by leading visitors to believe they are interacting with a bona fide business.

2. Customer And Firm Employee Account Takeovers (ATOs)

Email account takeovers can occur with both customer or firm personnel accounts and begin with a comprised email account. Cybercriminals can gain unauthorized access to email accounts through data breaches, phishing emails, or websites that trick users into clicking on malicious links allowing them to execute unauthorized transactions in financial accounts, firm systems, bank accounts, and credit cards.

One of the dangers of an ATO for an employee account includes criminals creating fake identities to establish accounts for automated clearing house (ACH) or wire fraud.

3. Malware and Ransomware

Malware is malicious software and can take many forms, including viruses, spyware, and ransomware. These malevolent programs can steal data, encrypt it, delete it, and even hold it for ransom by infiltrating and taking over computing operations. Phishing is one of the most common ways that malware is introduced. Ransomware is a type of malware that, when launched, can encrypt data and prevent access to networks until a ransom is paid to the attacker.

4. Data Breaches

A data breach is a security incident in which hackers gain unauthorized access to confidential data like financial records or personally identifiable information (PII). Data breaches can lead to financial losses, reputational damage, lawsuits, and fines and penalties.

What Can FINRA Firms do to Prepare?

Core Cybersecurity for Broker-Dealer FirmsEarlier this year, FINRA, along with the SEC, Homeland Security, and other agencies, alerted members to the increased likelihood of cyber attacks as part of the invasion of Ukraine with a Sheilds Up warning.

In a recent op-ed, written by Jen Easterly, the director of CISA, and Chris Inglis, the national cyber director, the pair consider when the Sheilds Up warning might be lifted:

When will we be able to put our shields down? In today’s complex, dynamic, and dangerous cyberthreat environment, the answer is that our shields will likely be up for the foreseeable future.

For broker-dealer firms, this means continuing to follow the guidance provided by FINRA as well as cybersecurity professionals with experience within the financial services sector. There are cybersecurity controls that can mitigate the risk of cyber attacks.

To learn more, download our Guide to Effective Cybersecurity Controls for Broker-Dealer Firms.

Additionally, our Cybersecurity Threats and Effective Controls for FINRA Firms Infographic provides a quick overview of the threats faced by FINRA firms, as well as the controls to implement to reduce the risks from those threats.

Combining Cybersecurity Controls and Expertise

Balancing business initiatives with security and technology can seem challenging, particularly for broker-dealer firms without an internal team of cybersecurity experts, but Coretelligent can help. We offer our expertise and robust cybersecurity solutions to solve the challenges of the highly regulated financial services industry. In addition, we have years of experience working with broker-dealer firms and other firms like hedge funds, venture capital, and family offices. As a result, we understand the pain points these firms face in the digital world and have the solutions—from compliance and cybersecurity to growth and business transformation—to solve them.

Life Sciences Industry Innovation is Where Business & Technology Intersect

Life Sciences Industry Innovation is Where Business & Technology IntersectThe life sciences industry is experiencing a period of rapid growth. Not only does the sector produce life-saving and life-enhancing treatments, but it is fueling investment across the globe. For example, 78 startups went public in 2020 in the biotech sphere, representing a 77% increase from the previous year. Additionally, the first half of 2021 saw already seen 62 biopharma companies progress to IPO status. With the increased demand for innovative drugs, medical devices, and other therapies in the wake of the ongoing COVID-19 pandemic and vaccine development, various trends within the industry (like changes to clinical trials), and increased levels of investment, 2022 is shaping up to be a big year for the sector.

Innovation is the driver of the current expansion within the life sciences market. However, the key to maximizing this ROI, or Return on Innovation, requires that business and technology synchronize. This imperative calls for a carefully planned IT roadmap that enables companies to achieve a competitive advantage and improve business outcomes throughout the development, startup, growth, and expansion stages.

To help executives better understand the timeline, Coretelligent has developed a chart outlining the technology and business needs of the life sciences ecosystem throughout their life cycle. Download our datasheet Innovation is Where Business & Technology Intersect outlining how to plan your company’s IT strategy as you move through funding phases.


To dive deeper, download our data sheet → Innovation is Where Business & Technology Intersect.


In an earlier post, we shared some of the IT challenges faced by early-stage life sciences organizations. With this post, let’s take a deeper look at later-stage companies and what their IT strategy should be focused on as they scale.

What are the main IT priorities of life science firms as they move into their growth and expansion stages?

 

→ Employ technology for data management

As biotech, biopharma, and other life science enterprises grow, managing data increases in scale and complexity. As a result, cloud-based solutions and SaaS applications must align to ensure that enterprise data is available, usable, consistent, reliable, and secure. Employing the right technology solutions, including cloud-based services, backup and recovery, and others that store, manage, and protect data are critical at this stage.

→ Leverage technology to drive innovation

Not only has innovation come to the life sciences space, but it’s also bringing emerging technological trends with it. Advances in Artificial Intelligence (AI), Robotic Process Automation (RBA), Machine Learning (ML), Cloud/Big Data, and other developing technologies are evolving as disrupters to the sector. Successful life science companies will envision how to capitalize on these tools.

→ Optimize technology to grow operations

Even as innovative technology trends shift the landscape, IT becomes more integral to the core business operations as companies scale. While some may be using a managed IT model, most companies likely employ co-managed solutions during the later stages. A co-managed service provider empowers internal IT staff to drive technology delivery at scale and focus on strategic priorities. A technology partner can lighten the load by fulfilling tech support, plug critical skill gaps, and complement in-house capabilities with specialized technology services.

→ Utilize technology to ensure security and compliance

As a life science firm grows, compliance requirements increase in size and scope. At the same time, these companies have become more attractive targets for cybercriminals. As a result, life science firms must prioritize implementing robust cybersecurity tools and compliance processes to keep pace with evolving regulations while protecting sensitive data from bad actors.


Related Content → GxP and FDA 21 CFR Part 11 Compliance with Egnyte for Life Sciences.


Developing IT Growth Strategy for the Life Sciences Industry

The life sciences industry is booming, and the future looks even brighter. But the key to success involves more than just innovation—effective growth also depends on how well your life sciences company can leverage IT capabilities throughout your life cycle. In building out an effective IT strategy for startups, begin by understanding where your organization stands today, followed by preparing for those IT areas that will require digital transformation. Furthermore, leveraging new technologies like AI, RPA, ML, and Big Data, can help accelerate your progress and open up new opportunities in the journey towards achieving your goals.

To sum up, you need to understand what’s possible before embarking on any journey. By taking stock of current practices, planning ahead, prioritizing initiatives based on pain points, incorporating new technologies, and teaming up with a technology partner, you’ll be well-positioned to meet future growth. Coretelligent is an industry leader with extensive experience in the life sciences sector. To learn more about how Coretelligent can help your company successfully scale so that growth doesn’t stifle innovation, talk to one of our technology experts today.

Proactive cybersecurity support

Proactive cybersecurity solutionsImproving the operation of your business often starts with consolidation: creating a more cohesive structure that eliminates redundancy and slashes inefficiencies throughout the organization. Business leaders have been focused in this direction for generations, often looking for the smallest advantages that will allow them to outpace the competition. With the renewed focus on cybersecurity, it’s not unusual for businesses to focus more on protecting the security of their organization than attempting to improve operational excellence. What you may not realize is that some of the same initiatives that will help smooth operational hurdles can also provide added levels of cybersecurity. What can be difficult is finding the spaces where you can bring these goals into alignment and create a comprehensive strategy that addresses the holistic needs of the organization and provide proactive cybersecurity support.

Shifting Cybersecurity From a Defensive Strategy

As hackers continue to expand their reach throughout the business community, technology leaders often double-down on the defensive postures that can help guard against the immediate threats of ransomware, phishing emails and direct data breaches. While these are important steps, it’s also important that you create a more active role for cybersecurity within the organization. Consider the cybersecurity and data security compliance requirements as enablers of innovation that will help the business move forward, instead of restrictive policies that are being forced upon the organization. This mental shift offers a broader scope that can become a platform for evolutionary change within the business.

Proactive Cybersecurity Support as a Competitive Advantage

The same work that you’re doing to build your cybersecurity posture and disaster recovery strategies provides your business with an opportunity to review business processes that have been part of institutional knowledge for years and challenge the status quo. Businesses often find that there are high-level items that can quickly be resolved, as well as finding deeper growth options that will reduce work blockages and help you maintain a greater velocity for your business. Business leaders may find that situations that have been causing inefficiencies can be overcome if the changes are in alignment with best practices for cybersecurity and business continuity. In this way, focusing on cybersecurity actually becomes a competitive advantage for your business, tightening operations and removing inconsistencies. While it is easy to see how these strategies could enhance the operations of the organization, getting started or even scoping the breadth of the necessary changes can be overwhelming. This is one of the reasons that businesses are shifting to a co-managed IT services model that allows internal teams to focus on the future while the day-to-day operations and Help Desk support are managed through a network of trusted providers.

Protect your business from operational slowdowns when you explore the Co-Managed IT Services from Coretelligent. This approach allows us to empower your internal technology teams to drive innovation at scale while relying on Coretelligent to provide the best-in-class cybersecurity and infrastructure solutions that your business needs. Our team has expertise providing trusted technical support, in-depth strategies, planning and more to a range of businesses from life sciences and financial services to manufacturers.

Outsourced IT Solutions

Outsourced IT SolutionsEven with all of the available technology solutions, one of the biggest challenges you will continue to hear from technical teams is lack of time. Everything from upgrading current platforms to researching new solutions requires dedicated focus, and the ability to shut out all by-the-minute frustrations and do the work required to move your organization into the future. It’s not surprising to find that many business professionals feel as though they are being shut down by IT teams and attempt to “go rogue” — something that would be less likely to happen if IT teams are able to meet their needs more quickly. Outsourced IT solutions is a cost-effective and practical way to solve these challenges.

As the cost of cybercrime around the world rises into the trillions and companies look to IT for differentiation, it’s clear that something in the traditional business model that includes standalone internal IT teams simply must change. Working with a trusted and reliable outsourced IT provider offers a way for internal teams to retain control of their solutions while offering ways to expand the reach of technology to support new and unique business models.

  1. Help Team Members Focus on What Matters the Most

Time and resources are always a constraint for businesses, so how do you choose where to focus your efforts and attention? Technology is ever-changing, and it can be extremely difficult for small teams to find the time to keep new projects moving forward and support a complex IT infrastructure. When you work with an outsourced IT services provider, your internal teams suddenly gain hours each day — time that isn’t spent tracking down passwords, freeing up storage solutions, administering software and more. This helps boost the focus for your over-leveraged technical teams, allowing productivity to skyrocket on these critical innovations your business requires.

  1. Gain Access to Enterprise-Scale Solutions

It’s easy to envy enterprises with their near-unlimited resources, extensive IT budgets and expansive technology teams. Fortunately, IT managed services providers are able to provide you many of the same resources used by these larger companies without the upfront investment or ongoing costs that are usually required. Since an outsourced IT company works with many different clients, they can often afford to provide you with enterprise-scale solutions for network infrastructure, VoIP calls, data storage and cybersecurity. Plus, you’re not tasking internal teams with learning yet another software platform — instead, you are relying on a trusted partner to administer these solutions using ever-changing industry best practices.

  1. Enhance Your Cybersecurity Profile

Government technology leaders agree: cybersecurity is on the rise and your company has never been at greater risk. Companies of all sizes are vulnerable to these rising attacks, 2021 saw a year over year 17% increase in reported attacks . Without a robust and multi-layered approach to security, you are putting your company in a dangerous situation. Remediation after an attack is extremely costly, with companies citing losses of millions of dollars per data breach for remediation, customer notifications, lost revenue and more. Having access to the enterprise-scale tools and information you need to maintain business operations is a mission-critical endeavor for organizations — particularly those in the life sciences, financial services or other high-touch, fast-moving businesses.

  1. Empower Business Teams with Rapid Problem Resolution

When your business teams are confident that their problems can be quickly resolved, they are able to reduce their stress levels and the time spent on stressing over any technical issues. Having the least amount of uncertainty in your business processes can cause teams to fall into a low period in terms of activity, particularly in complex projects with many moving parts. Outsourcing your IT help desk support provides the peace of mind your teams need to know that any reported problems can be quickly resolved — allowing teams to maintain their forward momentum on important projects.

  1. Improve Your Customer Experience

Are your customers citing issues such as slow response times to customer service inquiries, the latency on your websites or other problems that can be tied back to your network operations or data storage solutions? Having a single point of contact for your IT infrastructure and help desk solutions helps aggregate these issues and allow them to bubble up for quick remediation. Your customers will appreciate the ability to rapidly access their information and your services, and reward your company with additional revenue and improved reviews. Customers are unwilling to wait for information or service answers for more than a few minutes. Don’t frustrate your clients and your staff with slow-moving networks that don’t offer the optimal experience.

Pulling together all of the various aspects of your IT solutions often requires working with several different service providers, but that’s not the case when you partner with Coretelligent. Our deep experience in a wide range of industries allows us to leverage cross-functional knowledge to provide the smooth and exceptional IT support that your company deserves.

Multifactor Authentication

Multifactor Authentication

Multifactor authentication (MFA) is a security technology that requires multiple methods of authentication from distinct categories of credentials to verify a user’s identity. It is a crucial component of a robust multilayered cybersecurity posture to help mitigate the risk of a cyber-attack. It is also considered a best practice for organizations of all sizes and across all sectors to meet compliance standards—especially in highly-regulated sectors like financial services and life sciences.

Multifactor Authentication Explained

The multifactor authentication method should be familiar to all readers at this point. Companies from Apple and Google to Facebook and Amazon utilize (or require) multifactor authentication to reduce risk. Many more will follow in their footsteps as the threat landscape intensifies from cyber-attacks and data breaches and as regulatory agencies require the process.

When MFA is implemented, systems require users to present a combination of two or more qualifications to verify their identity for login. The first authentication consists of a password, which is all that’s required with single-factor authentication. The second verification can vary but often involves asking for a code sent via text or email to a device or account that has previously been verified.

MFA increases security because even if one credential becomes compromised, unauthorized users will not be able to meet the second authentication requirement and will not be able to access the device, network, or database. MFA prevents the unauthorized access of data—including personally identifiable information, intellectual property, and financial assets—by a third party who may have discovered a single password through illegal channels or via a phishing attack.

Multifactor authentication is an element of identity and access management, which consists of policies and practices designed to manage access to enterprise resources and keep systems and data secure. Additionally, Privileged Access Management (PAM) is a subset of IAM that allows for an even more granular distinction between users and access to more sensitive data.

Two-Factor vs. Multifactor vs. Adaptive Multifactor

Two-factor authentication (2FA) is the simplest and most common form of multifactor authentication. With 2FA, users must supply two distinct proofs of identity for access. In nearly every case, two-factor authentication is a massive improvement over single-factor.

On the other hand, two-factor authentication might not be flexible or robust enough for certain situations and specific industries. With MFA, more than two factors are required for authentication, enabling more variables and security. To elaborate, MFA can grant degrees of access across a broad spectrum of possibilities depending on various data points and multiple factors obtained from the login.

Adaptive Multifactor Authentication is yet another certification tool that uses contextual information and business rules to determine which authentication factors to apply to a particular user, at a certain time, and in a specific situation. It combines user authentication with AI and is an effective tool for balancing security requirements and the user experience. Adaptive MFA also makes access decisions based on data, such as: consecutive login failures, geo-location, geo-velocity (or the physical distance between consecutive login attempts), device type, time of day, and 3rd party intelligence data.

MFA and Multilayered Cybersecurity

While MFA can help strengthen your security, it is still best employed as part of a multilayered cybersecurity program based on a defense-in-depth strategy. Defense-in-depth is a cybersecurity model that employs continuous multilayered security for real-time, holistic protection. The reality of today’s cyber threats is that no one cybersecurity practice is enough to protect on its own. Instead, overlapping layers of cybersecurity protections are recommended. A layered defense helps security organizations reduce vulnerabilities, contain threats, and mitigate risk.

It is also important to note that it is still critical to practice good cyber hygiene, even with MFA. Organizations should set password management policies and educate end-users about best practices. Such policies should include requirements for unique passwords and review the frequency of password rotation, among others.

Which is Right for Your Organization?

The answer to this question depends on the specific needs of your business. However, in general, as the threats faced by organizations have become more sophisticated, it has become clear that single-factor authentication is no longer enough to protect data and systems.

Organizations must implement additional layers of security, and MFA is an essential part of that process. Therefore, when selecting an MFA solution, it is important to consider your firm’s needs and choose a solution that will be easy to use and manage by both your IT team and your end-users.

Reach out to our security experts for help in determining which is the right solution for your business and security needs. We can help you assess your risk exposure, determine any compliance requirements for your sector, and evaluate the ease of deployment and implementation necessary, along with other factors.


About Chris

As Chief Technology Officer at Coretelligent, Chris Messer is a transformational and strategic IT leader who establishes and leads Coretelligent’s technical vision and technological development. Click here to learn more about Chris.

Core CISO Risk Management

Core CISO Risk ManagementThis is the debut post from Coretelligent’s Chief Information Security Officer (CISO), Jason Martino. Jason will be regularly sharing his thoughts about information security on the Coretelligent blog.

With the shift towards security as a business priority, the role of the Chief Information Security Officer (CISO) has expanded and gained prominence within corporate structures. CISOs have long been the subject matter experts on cybersecurity best practices, but as the threat landscape has changed, so too has the position in the ongoing effort to protect company assets and manage risk management.

As the CISO of Coretelligent, I am responsible for our internal cybersecurity and compliance programs. I function as a conduit between IT and business and weigh in on IT and non-IT decisions, ranging from access control reviews and vendor selection to mergers and acquisitions. I also educate staff and customers on their roles in this increasingly dangerous threat environment.

At Coretelligent, we understand the risk of an inadequate security posture. Our C-suite appreciates and values the expertise of its information security professionals in evaluating and mitigating risks and connecting them to business objectives. Unfortunately, in my experience, I have seen too many businesses that do not give their security team a seat at the table. From my perspective, those businesses are still thinking of IT security as a cost center and not a revenue center. This approach is out of step with today’s reality of protecting assets in addition to a company’s reputation and brand.

To persuade any executives who need convincing, here are three takeaways that every CISO wishes their executives would better understand about information security and its role within risk management.

3 Things Your CISO Wants You to Know About Cybersecurity and Risk Management

 

1. Cybersecurity is About Risk Management and Not the Sole Responsibility of IT

Treat cyber risks as a risk-management issue and not solely as an IT function. Facing increased cyber threats, companies must address cyber risk in a business context or face dire consequences, including lost revenue, loss of critical data, reputational damage, compliance fines and penalties, and even the complete failure of the business. Therefore, risk needs to be identified and reduced to an acceptable level as guided by the company’s risk tolerance.

Companies must seek out and mitigate cyber risk on many levels and integrate cyber risk management throughout the organization. Unfortunately, when some executives think about information security, they mistakenly consider it a function of the IT team. But information security and information technology require different skillsets and involve entirely different responsibilities.

2. Prioritize and Practice Policy

Given the opportunity to assess hundreds of companies’ policies, I’ve realized that most companies treat policy as a checkbox activity. However, policy is more powerful than you realize.

Essentially cybersecurity is everyone’s responsibility, but executive buy-in is critical in successfully implementing an effective strategy. Executive buy-in is the crucial first step in aligning business objectives to policy and eventually to practice.

Second, creating policy shapes behavior to manage obligations and mitigate risks. Policies explain requirements for specific processes and the responsible parties involved. Keep content at a high level to avoid overloading policies with best practices, procedures, and other details that will overwhelm non-experts. Policies should be clear and achievable, setting the tone for behavior and expectations.

3. Focus on the Basics

If my inbox is any indication, there is an endless amount of vendors that claim their product or service will make your business more secure. While that may be true in some cases, it is critical to start with a good foundation. Just like you cannot decide to learn a language and become fluent overnight, focus on the fundamentals when mitigating risk. Advanced security products, services, and techniques will not be effective if you do not first build a solid foundation.

Asset management is the beginning of any security journey. To that end, create an inventory of your organization’s IT infrastructure and data and repeat this process continuously. You cannot protect an asset or confidential data if you do not know it exists. This process will allow you to understand your risk exposure. Additionally, an inventory is necessary for knowing where, when, and how to implement security patching versus functional patching.

Not all data is created equal. A one-size-fits-all approach to data protection just does not work in today’s data-driven business landscape. To that end, a tiered approach to protecting data may be more effective than blanket coverage. For example, consider who needs access, data storage and recovery costs, compliance requirements, and other parameters in determining your organization’s strategy. However, it is imperative that you identify and protect the crown jewels—the data assets that generate the most value for your company—and develop a plan that provides the best coverage for those assets.

Once you have a clear outline of your assets, the next step is to perform a risk assessment. Just as all data is not created equal, not all risks are equivalent. This exercise will enable your organization to identify and prepare for the most critical threats.

A critical component of any risk assessment involves identifying threats and vulnerabilities to IT assets. This step connects your inventory to the associated risks and allows your organization to develop a roadmap to mitigate those risks. A useful tool in completing this task is a risk heat map. A risk heat map is a data visualization tool that can help identify, prioritize, and communicate your risk exposure. In addition, it can highlight where best to allocate resources to mitigate risk.

Mitigating Risk Management

I have no doubt that there is more that your organization’s CISO would like to share with you. So, reach out to them and to our experts here at Coretelligent to learn more about protecting your business and mitigating your risk.


JasonAbout Jason

Jason Martino is passionate about the intersection of security and compliance. He is responsible for Coretelligent’s internal cybersecurity programs, governance, risk, compliance activities, and educating staff and customers on an ever-evolving threat landscape.

life science cybersecurity

As the life sciences industry evolves, so do the cybersecurity threats it faces. Cybercrime has risen dramatically in recent years, and life science organizations are increasingly the target of these cyber threats. Access to personal information and sensitive, proprietary business information make the life science industry an attractive option for cybercriminals.

However, being aware of critical vulnerabilities can help keep your organization a step ahead of those looking to exploit them. Below are some of the most common vulnerabilities facing the life sciences industry today.

Keeping Pace with Growth:

Life sciences organizations often undergo rapid growth as they transition from the investigational stage to market launch. As the company grows, so do opportunities for cyber threats that target employees due to the increased staff size needed to meet the growing company’s needs. A critical vulnerability comes when companies are unprepared to scale up their cybersecurity, compliance, and IT plans to match their growth. Establishing an IT roadmap can help minimize vulnerabilities associated with rapid growth.

Maintaining Compliance:

The high level of regulation in the life science industry can make maintaining compliance difficult. There are compliance rules and regulations on storing the organization’s data and the secure transference of said data to outside entities if needed. However, in many cases, simply maintaining compliance isn’t enough, as the regulations are frequently evolving to further protect personal data, preserve patient safety, and maintain a considerable level of transparency. Due to this evolution, life sciences organizations must be ready to pivot quickly to maintain overall compliance.

Protecting Intellectual Property:

Intellectual property (IP) is invaluable to a life science organization. A cybersecurity breach that leads to the theft of IP can be detrimental to the organization’s market value and competitive stance. Reliance on external contractors and partners, who often have access to sensitive networks that house intellectual property, poses a significant potential vulnerability—especially for smaller partner organizations that may not have robust cybersecurity defenses and processes.

Business Continuity:

Events of recent years have served as a wake-up call for organizations in life sciences to re-evaluate business continuity plans. Is your organization prepared for the next major catastrophe it will face? Risks are particularly acute for the life sciences industries due to the nature of the data housed within them. Being caught unaware or unprepared can expose vulnerabilities that cybercriminals can take advantage of. While it isn’t always possible to anticipate future events that could threaten normal business functions, it is possible to create a plan preemptively to minimize the impact of these events and continue serving customers.

With a solid background in supporting life science organizations at all stages of growth, the experts at Coretelligent have the knowledge and experience required to address any needs you may have. Our team of technical and business professionals will support each stage of your journey from inception to IPO, ensuring that you have the solutions and support needed to fuel your growth. Contact us today at 855-841-5888 or fill out our online form.

 

Cybersecurity Tips

Cybersecurity TipsCybersecurity Awareness Month, now in its 18th year, aims to raise awareness about the importance of cybersecurity in both our professional and personal lives.

Held every October, Cyber Month is a collaborative effort between government and industry to ensure that individuals, organizations, and businesses have the cybersecurity tips and resources they need to be safe and secure online.

Every year, led by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cyber Security Alliance (NCSA), Cybersecurity Awareness Month sends a clear message about security and the importance of partnership between government and industry, from the White House to individuals.

Doing our part to help raise awareness, Coretelligent will be sharing information and resources to help keep your business safe from cybersecurity threats.

To kick things off, we have put together a list of cybersecurity tips as a quick introduction to persuade your team to assess your firm’s current security readiness from a cyber attack. Stay tuned throughout October for more cybersecurity tips and resources.

Cybersecurity Tips for Good Corporate Cyber Hygiene

  1. Double (or triple) up on login protection.

    Enable multi-factor authentication (MFA) across your organization for all accounts and devices to ensure that only authorized users gain access to your secure data. CISA’s Multi-Factor Authentication (MFA) How-to-Guide is a good resource for more information.

  2. Shake up your password protocol.

    According to the NIST guidance, users should consider using the longest password or passphrase permissible. Encourage end-users to switch up passwords across applications, accounts, and websites. Using unique, strong passwords can make it more difficult for cybercriminals to gain access and protect your organization in the event of a breach.

    A password manager and online password generator can be employed to generate and for remembering different, complex passwords. Another solution is to employ SSO to control passwords centrally and avoid user password sprawl across various platforms, which can lead to poor password choices, reuse, and insecure safekeeping.

  3. If you connect, you must protect.

    Whether it’s a laptop, smartphone, or another networked device, the best defense against viruses and malware attacks is to perform updates on a regular basis to verify that the latest software updates get applied to your software, browser, and operating systems.

    A plan that includes the automatic security update is a critical layer of security and part of a multi-layered defense strategy.

  4. Don’t get hooked.

    Cybercriminals use phishing tactics, hoping to fool their victims. So if you’re unsure who an email is from—even if the details appear accurate— or if the email looks phishy, do not respond and do not click on any attachments or suspicious links in emails.

    Instead, report the phishing attempt to help your IT team and email provider block other suspicious fake emails before they arrive in your inbox. In addition, the use of random phishing simulations are a valuable exercise to help end-users spot phishing attempts.

  5. Beware of social engineering traps.

    Many people don’t realize that much of the posts seen on social media asking for seemingly random details are created by criminal networks. They use these posts to gather data that can be mined for potential passwords and other secure information.

    For example, posts like, “What car do you wish you still had?” or “Tag your childhood best friend” can be used to help criminals work out the answers to your security questions.

    Not only can these tactics impact personal data, but are used to target employees in order to gain access to corporate networks. Read CISA’s Social Media Cybersecurity Tip Sheet for more information about good social media and cybersecurity practices.

  6. Don’t forget about mobile.

    Most connected Internet of Things devices are supported by mobile applications. Mobile devices are often filled with suspicious apps running in the background, or using default permissions users never realized they approved, that are gathering personal information and login credentials without user being aware.

    A robust cybersecurity posture should include a plan for protecting data from employees using compromised mobile devices to access to corporate networks.

  7. Stay protected while connected.

    Utilizing Virtual Private Network (VPN) for employees remotely connecting is the best way to protect networks. A VPN creates a secure connection that encrypts information so that it’s hidden as it travels. This connection makes it harder for attackers to see and access data.

    VPNs are essential when accessing sensitive data like personally identifiable information (like social security numbers) or protected health information, especially when using public wi-fi networks. In today’s hybrid workplace, VPNs are a must to protect against suspicious activity.

From a phishing attack to a ransomware attack, cyber threats are constantly evolving. If you are unsure whether your firm employs good cybersecurity hygiene practices or not, then it may be time for a security check-up.

Remember, cybercriminals will use any security vulnerabilities they can find to gain access and steal data. You can start with these cybersecurity tips and move on to using our free Cybersecurity Checklist to review your security measures.

Coretelligent is here to help with advice from our cybersecurity experts. Protect your business and learn more about our enhanced managed cybersecurity services designed specifically for small-to-mid-sized companies. Reduce your risk from security incidents – contact us today for help responding to your cybersecurity gaps.

Financial services institutions have long been a top target for cyber threats. Access to a large amount of sensitive and confidential information makes the financial sector a target-rich environment for cyberattacks. In addition to mitigating cybersecurity threats, financial firms must also prioritize maintaining and strengthening compliance. These balance of these two priorities presents a unique set of challenges for companies in financial services.

With the inherent diversity of the financial services sector and the shifting cybersecurity and compliance landscape, identifying a one-size-fits-all set of vulnerabilities for all financial services institutions is impossible. However, there are common vulnerabilities to be aware of.

  • Reactively Evaluating Current Cybersecurity Posture:

    Institutions cannot address cybersecurity and compliance vulnerabilities of which they are unaware. Moreover, leaving these vulnerabilities unaddressed can have costly consequences. If unaddressed until an incident occurs, institutions have no choice but to utilize a reactive approach that can leave the business facing outages and shaken customer confidence. Instead, financial service firms should consider taking a proactive approach. By utilizing Coretelligent’s Cybersecurity Evaluation Checklist designed for financial services as a jumping-off point, financial service firms can do an initial assessment of existing vulnerabilities to discuss with a managed service provider (MSP).

  • Ransomware Attacks:

    As the world continues to become more digitally integrated, opportunities for ransomware attacks grow exponentially. In a ransomware attack, attackers use malware to gain access to your organization’s systems or data and hold that data until a ransom is paid by the organization. The results of these attacks are devastating. In addition to the price of the ransom, there are legal fees and other costs associated with damage control, as well as potential loss of data.

  • Access Vulnerability:

    Flaws in various levels of access to information can leave sensitive data exposed and vulnerable for attackers. Cybersecurity integration is key across all divisions and at all levels of access in an organization. Cybercriminals will seek to exploit any weaknesses identified at any level, regardless of the internal structure of the business.

  • Managing Compliance:

    The evolution of information technology has increased the compliance burden on the financial services industry. Financial service organizations are amongst the most regulated business segments in the U.S. However, simply maintaining compliance may no longer be enough. Instead, actively managing compliance risk and strengthening compliance overall is key in earning customer confidence and avoiding costly penalties.

  • Business Continuity:

    What comes next if the worst happens and a cyberattack hits your company? Is your data backed up safely? How quickly would you be able to restore access to users? A proactive and dynamic backup and disaster recovery solution is critical for preventing business interruption and loss of essential data, which could trigger a compliance violation. Off-the-shelf, onsite backup solutions often do not provide the level of performance required to meet the needs of financial and investment organizations. It is vital to establish a solution before an outage to ensure timely recovery and minimize interruption time for clients.

Addressing security and compliance vulnerabilities may seem challenging, but Coretelligent can help. Working with Coretelligent means working with an IT partner who understands both the security and compliance needs of the financial services sector. Contact us today at 855-841-5888 or fill out our online form.