People are the weakest link
This sounds like a nightmare too impossible to happen. US soldiers putting sensitive information online in non-secure third party websites. It defies belief, yet we’re reading that it happened. The story popped up on ‘Gizmodo’
It is alleged that US Soldiers were saving sensitive information on a couple of common flashcard sites, presumably of things they were trying to memorise and learn. Even worse, their settings were on ‘public’ not ‘private’
It’s a classic warning about the risk of people, however well intentioned, saving critical data online in places the organisation is unaware of, and can’t control. That’s why our new KARE for Security S2 plan helps identify use of these sites in your organisation.
US Soldiers Accidentally Leaked Nuclear Weapons Secrets: Report (gizmodo.com)
Shadow IT
Shadow IT is one of the largest threats to data privacy in organisations today.
It’s not necessarily because these sites are going to be hacked, although that’s always possible, but just because if you don’t know the tools are in use, then there is no way that you can manage them!
The first step to maintaining this data is to identify it! That’s why you need new tools that are cloud focused. If you’re still using the same old security tools that you used to use prior to the cloud, then you are not keeping up and we need to talk!
Bad news email attachments
Some emails are more than just bad news No one likes bad news! But sometimes it can’t be helped. Sometimes it sneaks up on you. One of the most common ransomware attacks is through a compromised attachment in an email. It’s easy to say “only open stuff you expect” but...
When you willingly share data, how do you stop it leaking?
Data Leak Protection (DLP) is the name of several policies in Office 365, setting up what data can, and can't be, shared and with whom. Imagine being able to automatically identify private information like passport numbers, Health IDs or bank account details and make...
Newsflash – US Nuclear secrets leaked online through Shadow IT
This sounds like a nightmare that could never happen. US soldiers have been putting sensitive information online in non-secure third party websites. It defies belief, yet we’re reading that it happened. The story popped up on ‘Gizmodo’ . It is alleged that US Soldiers...
“LOCK ‘EM UP AND THROW AWAY THE KEYS”
Password Vaults and You With more and more websites necessary for our everyday activities, it’s getting harder and harder to manage passwords. By now, you will know not to write passwords on post-it notes and paste them on your screen. It's not uncommon for...
Google Releases Security Updates
Chrome security fixes Google has released Chrome version 91.0.4472.101 for Windows, Mac, and Linux. This update includes 14 security fixes. Out of the 14 fixes, 1 is considered to be critical in nature. If you are supported by KARE Core Fundamentals or Premium KARE...
You probably have a cyber-insurance problem, but don’t know it
Good practice last year isn’t good enough anymore. Even cyber-insurance providers are getting more selective before accepting cover, or worse, before paying claims. With the number of claims skyrocketing insurers are increasingly asking, "What did you do to...
Why you need to know all the cloud services that your organisation uses
If you don't where it is, you can't protect it. Do you know where ALL your organisation's data is - not physically, but on which web and cloud services? Here's the problem. If you don't where it is, then you can't protect it. The secondary problem is finding out,...
Should it be illegal to pay ransomware in NZ?
The Trillion dollar industry At the time of writing, the Waikato DHB cyber-attack is ongoing. The government is refusing to pay the ransom as a point of principle, and it looks like every possible tool at their disposal is being used to try to recover the situation....
Stepping up your cybersecurity in 2021 – Watch the recording of our Webinar
Do I really need more cyber-security protection? What’s new in 2021?We’ve been warning about cyber-security risks for years and telling everyone that it’s getting more and more adverse. The protections that seemed excessive a year ago are now inadequate! What’s the...
Zero-Trust IT Security
'Zero-Trust' is a tough headline. Zero-trust in a world where we trust people all the time is an unpleasant concept. We trust that when we order a package online, that the vendor will take our order and not just our money, that our product will be passed to a courier...