Posts

CYBERSECURITY AWARENESS MONTH 2021

/in , /by

CYBERSECURITY AWARENESS MONTH 2021

Now in its 18th year, Cybersecurity Awareness Month continues to raise awareness about the importance of cybersecurity across our Nation. Held every October, Cybersecurity Awareness Month is a collaborative effort between government and industry to ensure everyone in the Nation has the resources they need to be safer and more secure online.

DO YOUR PART. #BECYBERSMART.

WEEKLY MESSAGES

Every year, led by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cyber Security Alliance (NCSA), Cybersecurity Awareness Month conveys a clear message of the importance of partnership between government and industry, from the White House to the individual.

The evergreen theme—Do Your Part. #BeCyberSmart.—encourages individuals and organizations to own their role in protecting their part of cyberspace, stressing personal accountability and the importance of taking proactive steps to enhance cybersecurity.

To help you and your organizations create an effective cybersecurity awareness campaign, CISA and NCSA have created four weekly themes to focus on during Cybersecurity Awareness Month:

  • Week 1: Be Cyber Smart
    The first week explores cybersecurity fundamentals: how simple actions can help secure your digital lives, improve the security of smart and internet-connected devices, and how other fundamentals can help reduce cyber risks.
  • Week 2: Fight the Phish!
    The second week will focus on how individuals can spot potential phishing attempts—which often lead to
  • Week 3: Explore. Experience. Share.
    In partnership with the National Initiative for Cybersecurity Education (NICE), the third week celebrates Cybersecurity Career Awareness Week. This week will illustrate how cybersecurity professionals play a vital role in global society and security and call attention to their contributions and innovations. This week also showcases how building a global cybersecurity workforce enhances each nation’s security and promotes economic prosperity.
  • Week 4: Cybersecurity First
    The final week will emphasize that cybersecurity should be a priority and not an afterthought and will examine how what we do today can affect the future of personal, consumer, and business cybersecurity. This week will also highlight how cybersecurity is a year-round effort and should be an individual’s or organization’s first considerations when they create or buy new devices and connected services.

Use the Cybersecurity Awareness Month hashtag #BeCyberSmart, to help promote cybersecurity awareness. Also, be sure to keep checking this website and follow us on social media to learn more about upcoming Cybersecurity Awareness Month efforts in October.

Improving the Nation’s Cybersecurity

/in /by

Improving the Nation’s Cybersecurity

The White House recently published a Cybersecurity Executive Order, highlighting the critical steps to provide a roadmap- to address the persistent and increasingly sophisticated threats to “American people’s security and privacy”.

A simplified Fact Sheet was also published summarizing the order to help: 

· Remove Barriers to Threat Information Sharing Between Government and the Private Sector

· Modernize and Implement Stronger Cybersecurity Standards in the Federal Government

· Improve Software Supply Chain Security

· Establish a Cybersecurity Safety Review Board

· Create a Standard Playbook for Responding to Cyber Incidents

· Improve Detection of Cybersecurity Incidents on Federal Government Networks

· Improve Investigative and Remediation Capabilities

Who will be affected?

  • Federal executive agencies (U.S. Department of Agriculture, U.S. Department of Commerce, U.S. Department of Defense, U.S. Department of Education, U.S. Department of Energy, U.S. Department of Health and Human Services, U.S. Department of Homeland Security, U.S. Department of Housing and Urban Development, etc.) will be expected to modernize their technology infrastructure and security practices.
  • Federal contractors, companies working with the federal government, and agencies, including but not limited to software vendors and providers, will be expected to include their cybersecurity security standards in new contracts. These organizations will also be required to share more information on cyber incidents regarding attacks on themselves or federal entities.
  • The private sector will likely see an increased focus on hardware and software supply chain security. This focus will include new requirements built around providing transparency for the government, as well as consumer, security of software, services, and physical equipment including historically unregulated devices such as the internet of things (IoT). 

What does all this mean?

The changes will be wide-reaching and affect organizations that would not have typically expected to be impacted by such requirements. The supply chain attacks that have been prevalent throughout 2021 have caused organizations to consider the implications of what a potential attack would have on their entire supply chain. Many organizations have started to require their partners and vendors to have a security program in place that will “meet or exceed the standards and requirements for cybersecurity” outlined by the Executive Order. Meaning, requirements such as having a formal security program in place with a heavy emphasis on measuring and improving the security posture have become a standard requirement in contracts and agreements across the industry. It is also anticipated that the compliance requirements, such as those around ensuring supply chain contract updates and compliance with those updates will most likely fall on your organization to verify and update as needed.  

There will also be new requirements for some organizations to implement new processes and toolsets to be compliant with the Executive Order. This may be due to direct relationships with federal organizations or required by partners, vendors, or contractors that work with the Federal agencies.

The following is a high-level summary of the Executive Order requirements

  • Development and adoption of an organization-wide Security policy
  • The need for updated contract language designed to ensure Confidentiality, Integrity, and Availability of data and systems. Inclusion of Detection, Prevention, and reporting of security events will be required language.
  • Open collaboration and communication between service providers and the federal government
  • Development of a security roadmap outlining the steps and milestones required to adopt a Zero Trust Architecture.
  • Cybersecurity training for all staff and contractors associated with your organization.
  • Developing a Cybersecurity Incident Response Plan and/or security incident playbooks for specific incident types
  • The deployment of new Administrative and Technical controls to help protect the organization’s Network, Information Technology, Operational Technology, and Internet of Things (IoT) devices.

This may include but is not limited to:

  • A security assessment or audit (security review of systems including vulnerability reporting, configuration review, etc.)
  • Multifactor Authentication
  • Encrypting data at rest and in motion
  • Detection of security vulnerabilities and incidents
  • Deployment of Endpoint Detection and Response capabilities that includes containment, remediation, and incident response

Computer Integration Technologies (CIT) & Darktrace

/in , , /by
darktrace and cit security solutions

Webinar recording on Changing Cyber: The Battle of Algorithms. Click here to view.

DarkTrace is Real Intelligence in the Cybersecurity Arms Race

/in , /by

Technological ecosystems for businesses are growing more rapidly than ever. The majority of our business communications, transactions, and data are all stored in various clouds or exchanged online. For all their usefulness, these evolving technologies and the business systems that rely on them have become increasingly difficult to manage. If they are not meticulously maintained, they can be risky and create vulnerabilities for you and your business.

A CRITICAL ALLY IN THE CYBERSECURITY ARMS RACE

Keeping your information safe from hackers is stretching security teams beyond their capabilities. A recent report gathered input from 200 Chief Information Security Officer’s describing how, for years, businesses and hackers have been locked in a cybersecurity arms race. The only thing that seems to have kept pace with technological advancement is the hackers’ impressively creative and persistent dark tactics to gather your sensitive information.

The cybersecurity arms race for businesses just got a critical ally with Darktrace, the leader in behavioral cyber platforms. Darktrace adds Artificial Intelligence and Machine Learning (AI and ML) protection to an already robust and cutting-edge portfolio of CIT leading a new era of fighting cybercrime.

MAKING COMPLICATED (LOOK) EASY

While the workings of AI and ML are incredibly complicated, the role of AI in cybersecurity is quite simple: AI aggressively deciphers a user’s behavior and uses patterns to detect with lightning speed any irregularities within those patterns. By tracking and analyzing all your data and different use patterns, Darktrace cyber AI can raise alerts to address problems before any damage can be done.

Offering Darktrace is just one of the ways we provide our clients with the very best in securing sensitive data and systems. Think of Darktrace and Securities Information and Event Management (SIEM) logging solutions as the two components of an airtight cybersecurity plan:

  • Darktrace is a behavioral leader in the recent innovations of Artificial Intelligence that pinpoints abnormal activity on a network and reports that information back to AlienVault.
  • SIEM logging solutions are all about compliance, securing your systems proactively to meet the technology of the day, and the hackers who threaten that technology.

CIT IS THE BEST CYBER DEFENSE FOR YOUR BUSINESS

Simply put CIT, now armed with Darktrace AI, is the best cyber defense for your business. Whether you need to answer a compliance audit, or your business needs iron-clad cybersecurity in a rapidly changing technological ecosystem, CIT has you covered. Our new products and services are making cybersecurity technology work for your business.

CIT is Minnesota’s Premier Cybersecurity Provider for Nursing Home Technology

/in /by
Assisted living network and technology support

CIT is Minnesota’s Premier Cybersecurity Provider for Nursing Home Technology

One of the most common mistakes anyone can make when shopping around for cybersecurity is approaching information technology with a one-size-fits-all perspective. That is especially true for securing your nursing home’s sensitive information. After all, if cybersecurity protects information, wouldn’t all cybersecurity be the same?

We are glad you’re taking a moment to read this blog before making a decision, because keeping a nursing facility’s information technology security is a specialized service, and one of CIT’s many specialties. Read on to learn more about how we can help solve the unique challenges of keeping our elderly loved one’s health and financial data safe from hackers.

You Keep Your Senior Residents Safe, But What About Their Personal Information?

As America ages, hackers know where to find the most vulnerable health and financial data — in senior living facilities like yours.

There are many reasons why seniors present an especially attractive target:

  • Hackers are keen on hunting for nest eggs, whether found in social security payments, pensions, retirement checks, or even good credit
  • Seniors, especially those on a fixed income, often do not closely monitor their financial data
  • Hackers can pose as family members to take advantage of specialized patients with Alzheimer’s or dementia
  • Seniors, who didn’t grow up with technology, often choose easy-to-hack passwords or unknowingly provide sensitive information to phishers
  • Financial and health records of the recently deceased can fetch an especially high price on the dark web
  • Senior homes and care settings are a hub of traffic (and possibly, a weak link) in the Health Information Exchange

If You Suspect Your Facility’s Electronic Health Records (EHR) Have Been Hacked

You would think some things in this world would be out of bounds. But hackers have no scruples in who they hack. Thankfully, you and your residents are not alone. There are some immediate steps you can take if you feel your facility or your resident’s financial or health records have been compromised.

The Department of Homeland Security has a handy guide to preventing and responding quickly to possible fraud, including everything from the immediate steps you should take if a resident’s phone has been stolen, to providing convenient, easy to use tip cards for anyone who needs simple, clear information at the ready.

An intrusion from a hacker can be traumatic and ruinous for anyone. But for those in their twilight years — who should be reaping the rewards of a lifetime of hard work — getting hacked can be especially devastating. Of course, the best cure is prevention and, as a caretaker, you have a special opportunity to hire the absolute best in cybersecurity and ensure the safety and happiness of your residents.

Improve the Quality of Your Patient Care with Proper Security

When you make the safety and security of your residents a priority, people (and prospective residents) notice—the devil is in the details, after all. High standards are contagious, and the premium you place on proper cybersecurity could extend to your staff, your resident’s care plans, and, ultimately, to your residents themselves.

A business that runs smoothly is happy. And that is especially true if your business is a retirement community. Providing proper cybersecurity is more than a good placebo, it is a way of life and commitment to standards that enrich the lives of the ones we love the most.

CIT Keeps Your Facility’s Information Technology Safe, Secure, and Compliant

You’re busy running several skilled nursing facilities — you don’t have time to be concerned about cybersecurity. That’s why you need CIT, Minnesota’s premier IT cybersecurity company, with over three decades of experience, and our industry-leading partners (with HIPAA, HITECH, and NIST standards across locations), helping local senior living providers stay ahead of today’s cyberthreats. Together we can keep our loved ones safe and secure and getting the most out of life.

Protect Your Business Against Hackers

/in /by

Protect Your Business Against Hackers

Locking up at the end of the workday makes sense—you want to protect your business. But what if locking your doors is not enough? How can you protect your business against hackers who can gain wide-open access to your back door?

Your financial data, intellectual property and network information are all just as valuable as the goods on your shelves, or the clients in your books. For the same reasons you lock up at the end of the workday, having the best IT security is common sense. Here are five steps you can take to protect your valuables, even when the front doors are locked:

  1. Know how hackers hack your business, and why
  2. Covering your assets—budgeting for data security
  3. What business owners need-to-know about IT regulations
  4. Getting your employees on board with cyber security
  5. Making data security part of your business strategy

Know how hackers hack your business, and why

Breaking the front lock is not the way hackers get into your business. They phish, sending emails with tantalizing bits of bait that people nibble on. With persistence, hackers can usually trick someone into biting, creating a backdoor to install viruses or malware on your network.

Recognize hackers by their suspicious correspondence. Anyone who suggests you download mysterious antivirus software is up to something phishy. That is especially true for anyone who requests sensitive information or passwords. If your business is experiencing suspicious network activity, or receiving ransomware notices, knowing where to find more information is your best step forward.

But if you’re like anyone else trying to run a business, you probably don’t have a team of security professionals to monitor for threats, or the incredible resources needed to recover from data breaches. That’s why you need the best data security, working around the clock to protect your data, so your private information never falls into the wrong hands.

Covering your assets—budgeting for data security

Hackers have developed so many creative and innovative tricks that 2019 is shaping up to be a banner year for fighting back. A record eighty-six percent of business plan to cover their assets by increasing their spending on cybersecurity.

The most proactive thing you can do to prioritize a budget for data security is to understand how the safeguards that have traditionally been considered extra, or proactive are now recognized as an essential component of a savvy IT budget.

When you are focusing on growing your business, it is important to allocate adequate funds for your unique resilience strategy—that is, the necessary safeguards to protect you and your team from an attack and, if an attack were to occur, how to minimize disruptions and quickly recover data afterwards. As your competitors are beefing up on cyber security, developing a budget that includes robust spending on data security, means a bigger return on investment as the long-term benefits to data security can add to your bottom line.

What business owners need to know about IT regulations

No matter what kind of data you encounter, it is your responsibility to ensure it is properly protected. But keeping compliant with GDPRSOX law and PCI data security standards can be incredibly difficult.

Not all information is the same. Securing a patient’s sensitive medical information is regulated much differently than securing biometrics data for our mobile cash apps. But proper compliance is good for business. Customers are far more likely to take their business to companies who can demonstrate proper data compliance. Some insurance companies even offer discounts to businesses who can prove they meet certain data security criteria.

Having proper IT support ensures your business is not only compliant, and can give you a profitable advantage.

Getting employees on board with data security

A business is only as strong as its weakest link. You don’t have to wait until National Cybersecurity Month to get your team on board with your business’ data security. You can get started today. Make it a holiday—Change Your Password Day, or Update Your Software Day. Here are some more steps you can take now to get everybody up to speed.

Take a top-down approach to cybersecurity, from the CEO to the mailroom, to help employees understand why cybersecurity matters, why being alert to phishing emails, and suspicious events can be the difference in saving your business, and their jobs.

Your employees are the eyes and ears of your business. Why is it, employees who notice something amis often don’t take action? They presume anything suspicious was probably noticed and reported by someone else. When you empower and encourage your employees to report suspicious activity, you are safeguarding your business from the most clever hackers wishing to gain access to your network.

Make data security part of your business strategy

Making sure you are not only compliant, but competitive with data security can be both tricky and immensely profitable for your business. That is why it is essential to ensure you have the very best in data protection.

Remember: the best IT is more than just securing your client’s and your sensitive information. It is about helping you to assess the real risks and the value in establishing company-wide standards to prevent data breaches and a plan for responding to an incident with data security.