The Vancord Blog

The center of cybersecurity conversations has revolved around Artificial intelligence (AI) and machine learning. Maybe the better question should be, "Do you need AI in your security products?" 

This week, we discuss the basics of AI, how it can work with cybersecurity, and is it a silver bullet solution. Join Jason as he speaks with Vancord Senior Security Engineers Matt Fusaro and Steve Maresca.

Phishing scams are back with a vengeance. With their redux comes a new set of tricks designed to make your life difficult. On this episode of CyberSound, Jason chats about the latest threat actor tactics making the rounds with Randy Pargman, vice president of threat hunting and counterintelligence services at Binary Defense, and Matt Fusaro, senior security engineer with Vancord.

Business continuity during a cybersecurity incident is more than just having a plan in place. It is about leadership—acting as a "human firewall" that can communicate internally and externally effectively. On episode 15 of CyberSound, Jason and Paul sit down with Fred Cass, Associate CIO of Trinity College, to discuss what leadership looks like during incident response. 

Aligning to a specific cybersecurity standard or blueprint for your ruling guide for compliance provides value and credibility to your organization. Meeting and exceeding regulatory requirements is a conduit to improving your business. Join Jason Pufahl and Steve Maresca in a conversation with Carrie Bonin, a Cybersecurity consultant, in our latest episode about security standards and compliance requirements. 

Here is a chilling statistic: 40% of elementary school kids have already chatted with a stranger online! Episode 13 of our CyberSound podcast, created in the alignment with October CyberSecurity Month, features guest expert Patrick Craven, Director of (ISC)2, non-profit center for CyberSafety, in a discussion about how to keep children and families safe online.

Recorded in alignment with October CyberSecurity Month. Whether you’ve obtained your skills through a college degree program, through earned certifications, or you are entirely self-taught, CyberSecurity is an outstanding career choice for people who are curious. And now is a great time to start your career path or continue your career trajectory in this highly specialized field. Tune in now to podcast hosts Jason Pufahl and Steve Maresca, along with special guest Michael Grande President of TBNG Inc., as they discuss options you may not have known existed. 

Recorded in alignment with October CyberSecurity Month. Called the scourge of the internet, phishing is a nefarious attempt to steal your sensitive data. In this episode, CyberSound podcast hosts Jason Pufahl and Steve Maresca define phishing techniques and provide some critical-thinking suggestions to help you evaluate the validity of suspicious messages. Listen in as they help you protect yourself from attackers getting your credentials.

Whether you work on a Mac or a PC, cybersecurity is a primary concern for all, especially with so many of us working remotely where company security measures may not be as effective. Listen in for some common misconceptions that might surprise you.

This episode was created in alignment with October Cyber Security Month. In part one of this two part series, podcasters Jason Pufahl and Steve Maresca talk candidly about security essentials for every business. Jason and Steve share a critical laundry list of elements that, based on their collective experience in Incident Response, cause about 90% of the issues that result in data compromise.

Ever wonder how cyberattacks became so prevalent? The fascinating evolution from early worms and ransomware to hacktivism and geo-political espionage is covered in our latest episode. It sounds like a Hollywood spy thriller, but it’s very real!

Cyber security can be a complicated mix of products. What do you actually need to be effectively proactive and avoid having to be reactive following a cyber attack? In this episode of CyberSound, we explain what will bring the most value to your security plan.

A Panel Discussion around the installation of NIST800-171
Compliances at the University & College Level

The price of protecting your business from cyber attacks is more than the cost of doing business. Think of it as the price of winning business. A strong security system will not only help you retain your current clients, it will entice new business.

Each episode of The Main Frame cross-examines recent cyberattacks detailing how they happened and outlining preventative measures. In this session, we take a look at some of the specific threats around supply chain attacks. Our hosts offer some insights and advice into what these attacks entail, and most importantly, what companies can do to avoid attacks and/or mitigate the effects should an attack or breach occur.

What happens after an organization has fallen victim to a cyberattack? In this podcast we carefully examine the benefits, value, and necessity of cyber liability insurance, including what may deny your claim.

With digital transformation creating vast amounts of data, the need for greater security and privacy arises. What are the differences between security and privacy? What laws and regulations do you need to follow, both locally and globally? What are the consequences for non-compliance? We answer all these questions, and more.

While hackers are constantly developing new methods to compromise confidential data and systems, one method remains tried and true; ransomware. In this session we define how ransomware operates, the impacts on business, and how to make sure you stay resilient. 

Is your organization prepared? Cyberattacks on small and medium businesses (SMBs) are becoming more impactful and frequent thanks to bad actors around the globe, and that’s not all. Business interrupting data incidents are rising via insider attacks, corporate espionage, volatile weather events, and more.

We all know the word cybersecurity. While most people could define it, few implement it. In this session we chat about the basics of cybersecurity, how to implement it, and the cost of not doing so.

In January 2020, the Department of Defense (DoD) announced a new compliance framework called the Cybersecurity Maturity Model Certification (CMMC). Designed to protect Controlled Unclassified Information (CUI) from falling into the wrong hands, CMMC applies to all 300,000 businesses across the DoD supply chain. Every contractor and subcontractor must be CMMC-certified by 2026, or they will be barred from bidding on any DoD contract. That said, many Requests for Proposal (RFPs) already require bidders to meet CMMC Level 1 - Basic Certification. As a result, many prime contractors are already requesting CMMC compliance of their secondary suppliers.

Resilience by definition is “the capacity to recover quickly from difficulties.” When it comes to cybersecurity, building your organization’s incident resiliency starts with understanding your environment and assessing potential vulnerabilities so that you are always one step ahead of imminent threats. 

If you’re doing business with the Department of Defense, you’ve likely heard about the upcoming CMMC certification requirement and wondered, “Will my organization require certification?”. The short answer is yes, with a few caveats. Below, we outline three things to know. 

Cybersecurity isn’t something that only Fortune 500 companies and government organizations should be concerned about. Businesses of any size, and in all industries, must make cybersecurity preparedness and response planning a top priority.

On average, universities lose $245 per capita from cybercrime. More sophisticated hacking techniques, combined with an increased number of universities moving to the virtual classroom, have led to more hacking opportunities for cybercriminals. The result? More responsibility has been placed on the shoulders of higher-ed CIOs.

More than two trillion dollars were lost to cybercrime in 2019. Protecting your small business from attack is paramount as businesses accelerate their digital transformations.

The COVID-19 pandemic has opened our eyes to ways that we as a society need to protect ourselves better. But we don’t only need to protect ourselves from germs and viruses--we also need to protect our cyber wellbeing.

Background: 

For many organizations, data is the most sought-after currency. And for hackers and cybercriminals, an organization’s data is an absolute goldmine. As more universities and online schools move to the virtual classroom, data protection and disaster recovery plans are critical. In a given year, 30% of organizations lose revenue because of inadequate data protection and recovery plans. The growing trend of cloud computing in disaster recovery is one effective method for protecting your university’s crucial data. In this article, we’ll discuss the importance of offsite backup for defending against cyberattacks.

Here at Vancord, we frequently respond to incidents where normal business operations have ground to a halt because of a ransomware attack. Ransomware attacks have been on the rise over the years, and it’s easy to see why. Hackers stand to make a pretty penny locking up critical systems or data. The average ransomware attack costs a business $713,000.

Remote learning is convenient, and for many students, ideal. Protecting a university’s networks from hackers is a critical endeavor. Cybersecurity attacks on schools are unfortunately commonplace. In 2019, school cyber attacks tripled from the previous year. The pandemic has pushed more universities to the virtual classroom in 2020. Hackers have a lot of low-hanging fruit to pick and data to exploit. Knowledge is power. Knowing the top higher education cyber attacks used on schools is the first step toward protecting your organization from cyber threats.

Start With Vulnerability Management

When it comes to mitigating higher education cyber attacks, results are generally inconsistent. Comparing general funding for an R1 university against funding for an R3 university will leave your jaw on the floor. An R1 usually has more than $40 million in grant funding spent on research per year, while an R2 has more than $5 million. These classifications are only for schools that have twenty or more doctorate students graduate per year.

Due to the COVID-19 pandemic, your university or college has most likely had to shift to virtual operations. Running an institution of higher learning online has its advantages and disadvantages. It reduces “brick and mortar” costs like utilities, keeps employees and students safe, and allows classes to continue even while people are self-quarantining.

Crumbling infrastructure. Gaps in curriculum. Antiquated devices. Lack of funding. These are just a few of the obstacles facing K–12 schools looking to integrate technology into their 21^st century curriculum.  US schools are data-rich targets for cybercriminals, consistently found in the top 10 industries to be continually impacted by data breaches, phishing attacks and ransomware infections.

Data Privacy Reforms

New Haven Biz, a regional publisher of business news, caught up with Michael Grande, President of TBNG, Inc. to discuss technology and cybersecurity.  In January of 2019, TBNG, Inc. became the parent company of two business units: TBNG Consulting and Vancord.

How concerned are your customers about protecting their data privacy? The answer: very. Safeguarding customer data is imperative to ensuring that sensitive data is never compromised and that trust with customers is not lost due to cyber fraud events. While some industries mandate security protocols, others do not. When customer data is compromised, it is the reputation of the business that will suffer.