Infinite Group Inc.

Posts Taged security-measures

Containment is Key After a Cyber Breach

I came across this Interesting article in GCN which speaks to cyber breaches and the ability to contain the breach. As this author indicates, a major provider of firewalls announced a critical vulnerability with its appliance. It points to continued vigilance around vulnerabilityGCN white management and the need to have a process in place to manage these effectively.

This also highlights that root cause at the OEM level must be taken into account when managing your security platform. While this can be remediated through available patches, it demonstrates that just because the OEM is responsible for addressing problems in their products, they aren’t always quick to identify them. Ultimately, this could lead to complete compromise, which may open a Pandora’s box in authentication control.

The underlying point here is that many organizations may have varied plans in place to ensure they are maintaining security. We could debate whether appropriate measures are being used however, what is becoming clear is that strategies for mitigating loss in a post-breach scenario are not being actively discussed.

Management must look at breaches not as a possibility but a likelihood. As such, mitigation plans must be developed to contain your exposure, remediate, and begin to get back on-line and in business. Just as hackers get creative in breaching security systems, we as protectors must get creative in design, management and mitigation.

Andrew Hsecurity1oyen is a Chief Administrative Officer at IGI which is a firm specializing in products and solutions for cybersecurity and vulnerability management.

 

Continue Reading

Assessing Cybersecurity is a Necessity for Small Businesses

The threat of hackers and cyber-criminals is very real, not only for large companies but also for small businesses as well.  That means that business owners must accept that a strong cyber-defense system is a must in the modern business world. It is worth noting, while an internal plan may work, external resources particularly those of experts in the field can greatly improve your security measures.

There is an interesting article in Forbes magazine that speaks to this from the small business point of view – How Small Businesses Can Improve Their CybersecurityForbes

This quote says it all. Small businesses are just as vulnerable, if not more so, than business with large IT budgets. There are cost effective ways for SMB’s to pay attention to their Network Security at reasonable prices. A well thought out and well-rounded comprehensive Cybersecurity posture no longer has to be viewed as something only the “big guys do”.  Rather it is an essential aspect in doing business especially in cyberspace.

– James Villa, President and CEO of IGI

Continue Reading
TechNewsWorld

Assessing Medical Device Security Needs to be a Priority

The U.S. Food and Drug Administration (FDA) recently announced some proposed guidelines for managing cybersecurity in medical devices.  This is certainly interesting particularly as it relates to the Internet of Things (IoT).  This is highlighted in an article in TechNewsWorld – FDA Guidelines Target IoT Medical Device Security.  TechNewsWorld

However, as we all know and as the article states the operating systems and the applications that run on top of these devices are fraught with security issues. Identifying vulnerabilities is one thing, getting the OEM’s to address the issues by providing timely patches and re-configuration recommendations is another matter altogether.

We certainly need more than guidelines for medical product security.  There needs to be laws passed to enforce vigilant assessments and remediation for security flaws in these products. We must not forget that there are living, breathing patients hooked up to these lifesaving medical devices. A hacker exploiting a flaw that causes a device to fail could potentially kill the patient. This would change the hacker’s status to now be a murderer.

Christopher Karr, CISSP is a Director of CyberSecurity at IGI

Continue Reading
Program code on a monitor

SIZE DOESN’T MATTER WHEN IT COMES TO SECURITY

Security risks are not just a matter for large companies.  Smaller companies can be easier targets as they do not have the resources or expertise in place to provide complete security.  cybersecurity-graphicAre you an SMB that doesn’t think this could happen or thinks about security but doesn’t know where to take the first steps?  Or for that matter, know what would be helpful for my business to stay protected and proactive?

 

You’re not alone.  There are thousands of companies out there struggling with these same questions.  This certainly resonates in an article from the Constance Gustke of The New York Times – No Business Too Small to Be Hacked,  In this article, you see that your peer companies are in the saNew-York-Times-Logome proverbial boat.  Don’t neglect security but find ways to make your life easier now so you don’t have to deal with a myriad number of issues later.  Another important aspect is ensuring employees are properly educated on security procedures.  This will provide a grassroots level vigilance for protection.

How do you put security measures in place especially when you don’t have the expertise to do so and feel that every time you ask someone in IT, they give a complicated and very expensive answer?  Are there “plug and play” solutions out there that you can rely on that won’t break the budget?  These are all important considerations.  From that, you will need to be proactive in setting up your baseline and find the tools that help make security easy.  It is essential to develop a proactive security plan for your company and then implement it.  This will involve monitoring of your network to ensure any vulnerabilities are assessed and corrected.

Andrew Hoyen is a Chief Administrative Officer at IGI which is a firm specializing in products and solutions for cybersecurity and vulnerability management.

Continue Reading