Shortly after I signed off of work last night, I checked my smartphone for the first time in an hour or so and discovered I'd missed a call. The waiting voicemail claimed to be from Amazon customer service warning me my account had been compromised by the unauthorized purchase of a refurbished $650 iPhone 6. The purchase had been stopped, the caller said, but my Amazon account would be closed if I did not call them back at 1-866-850-3558. 

Topics: cybersecurity, phishing, Cybercrime

The monstrous cost of cybersecurity failure is demonstrated in headlines daily:

Topics: cybersecurity, Cybercrime, End of Life

It happens so innocently: an employee logs into email, sees a message that his password needs to be updated in Outlook and clicks on the link provided. But the email wasn’t generated by Microsoft, it was sent from a cybercriminal who had an email address that looked legitimate. Suddenly, an attack has been launched on your employee and your firm.

The time is now to better understand your firm’s weaknesses. What systems are vulnerable? How can you best secure the environment? How can you best secure data stored in the cloud? How can you best secure on-premises infrastructure? How do you secure your firm’s general computing environment?

Our article “The Top 6 Penetration Testing Fails” will help you answer these extremely tough questions.

We'd love to share advice on enhancing your firm's cybersecurity. Call us at 1-800-541-0450 or email us at sales@innovativecomp.com to get started. 

 

Topics: cybersecurity, Cybercrime, Articles, Information Security, Penetration Testing

Everyone needs to know what to do in the event of a successful cyberattack.

Topics: Security, Training, Technology Consulting, cybersecurity, Ransomware, FBI Internet Crime Complaint Center, US-CERT, IC3, Secret Service, PII, Federal Trade Commission, Cybercrime, Publications, Articles, Information Security

Law firm cybersecurity continues to evolve. This is more than just a technology issue or an added clause in the retainer agreement—it’s one of the biggest risks that law firms will face in 2019. Cybersecurity is part of doing business, and pressure from clients is causing firms to invest and focus more on cybersecurity and its concomitant risk management.

Cyberattacks have become so frequent that it is no longer a matter of whether firms will be the victim of a cyberattack, but a question of when and to what extent. This is a result of easily accessible malware and increasingly sophisticated cybercriminals. It is no longer enough to relegate cyber-risk management to the IT department and it requires more than a general guideline on computer use. These prevalent threats are changing the entire IT ecosystem, including documents, websites, emails, servers, cloud applications and mobile devices.

In this webinar, attendees will hear from a panel of law firm professionals, information security experts and IT professionals who will discuss the current security landscape at law firms. The discussion will cover law firms' responsibility to manage cybersecurity, including risk management, potential future threats and steps firms should take today to ensure the security of their firms' and clients' data. The panel will also briefly highlight current security legislation and regulation highlights.

During this moderated discussion, attendees will learn:

• The state of law firm data security today
• The biggest cybersecurity risks for law firms
• What to do to manage cyber risk
• How to recognize a cyberthreat 
• The lawyer’s cyber standard of care
• Increasing client requirements of law firms 
• How to avoid cybersecurity legal malpractice claims

Topics: Webinars, cybersecurity, Cybercrime, Information Security, David Lam, Michael Kemps, Citadel Information Group

Recent research has shown changes in the effectiveness of various phishing attacks.

Cofense, previously PhishMe, issued a report based on 1,400 clients in 23 industries in more than 50 countries that notes that 7.5 million phishing emails were reported in 2017 alone. But the effectiveness of phishing campaigns has shifted.

In prior research, users were most emotionally motivated to open emails that made them feel a sense of urgency, fear or opportunity. Those three emotional motivators have now been replaced with entertainment, social and reward/recognition.

Topics: Security, Training, cybersecurity, Ransomware, Hacking, phishing, Cybercrime, Email Security, Information Security

If you want to know what’s happening in top cybersecurity threats right now, ask the FBI.

Topics: cybersecurity, Cybercrime

A recent ransomware attack against the city of Atlanta took its computers offline for over a week while city officials, along with the FBI, attempted to remedy the situation without paying the hackers $51,000 in Bitcoin. 

Topics: cybersecurity, Ransomware, Cybercrime, Email Security, Information Security

Topics: Security, Training, Malware, Information Governance, Email Management, Network, Access Control, Mimecast, Dual Factor Authentication, whaling, cybersecurity, Passwords, Biometric Authentication, Two Factor Authentication, Ransomware, Hacking, Advanced Persistent Threats, phishing, Antivirus, Cybercrime, Enterprise Mobility Management, Mobile, Email Security, 2FA, Information Security, Penetration Testing, Vulnerability Testing, firewall

We have recently been made aware of a sophisticated email phishing campaign targeting law firms and other businesses. 

Topics: Security, Alerts, Email Management, cybersecurity, Hacking, phishing, Cybercrime, Email Security, Information Security, Identity Theft

It's that time again — time to file your taxes early so criminals don't do it for you and steal your possible refunds. This is of special importance after the recent Equifax hack in which most Americans' personal information, including Social Security Numbers, was accessed by criminals. The most effective defense is to file your taxes early — before identity thieves have the chance to do it for you. 

Topics: Security, Alerts, Hacking, phishing, PII, Cybercrime, Identity Theft

Did you miss our CEO Michael Kemps' recent webinar on preparing your firm for the inevitable client audit?

 

Fortunately, we recorded it for you.

Topics: Webinars, cybersecurity, Cybercrime, Client Audits

 

Just after the school year commenced, Steve Bradshaw, superintendent of the Columbia Falls, Montana, schools got a menacing text from a number he didn’t recognize. The cyber thug behind the message made a myriad of threats – including physical harm to district students and staff and releasing their personal information – unless a ransom was paid in Bitcoin. The community was thrust into a panic, and the district closed its 30 schools for three days.  Was this response warranted or appropriate?

 

Topics: Information Governance, cybersecurity, Ransomware, Cybercrime, Information Security

Did you know that this month is National Cybersecurity Awareness Month? 

Topics: Information Governance, cybersecurity, Hacking, Cybercrime, Information Security

by Richard Forno, University of Maryland, Baltimore County
Story republished from The Conversation.

Topics: Information Governance, cybersecurity, Hacking, Cybercrime, Information Security