The Vancord Blog

Episode Seventeen: Demystifying AI in Security

The center of cybersecurity conversations has revolved around Artificial intelligence (AI) and machine learning. Maybe the better question should be, "Do you need AI in your security products?" 

This week, we discuss the basics of AI, how it can work with cybersecurity, and is it a silver bullet solution. Join Jason as he speaks with Vancord Senior Security Engineers Matt Fusaro and Steve Maresca.

Read More

Episode Sixteen: Phishing Redux — Can we trust anything?

Phishing scams are back with a vengeance. With their redux comes a new set of tricks designed to make your life difficult. On this episode of CyberSound, Jason chats about the latest threat actor tactics making the rounds with Randy Pargman, vice president of threat hunting and counterintelligence services at Binary Defense, and Matt Fusaro, senior security engineer with Vancord.

Read More

Episode Fifteen: Leadership in Incident Response

Business continuity during a cybersecurity incident is more than just having a plan in place. It is about leadership—acting as a "human firewall" that can communicate internally and externally effectively. On episode 15 of CyberSound, Jason and Paul sit down with Fred Cass, Associate CIO of Trinity College, to discuss what leadership looks like during incident response. 

Read More

Episode Fourteen: Value of Security Standards

Aligning to a specific cybersecurity standard or blueprint for your ruling guide for compliance provides value and credibility to your organization. Meeting and exceeding regulatory requirements is a conduit to improving your business. Join Jason Pufahl and Steve Maresca in a conversation with Carrie Bonin, a Cybersecurity consultant, in our latest episode about security standards and compliance requirements. 

Read More

Episode Thirteen: Cyber Safety First

Here is a chilling statistic: 40% of elementary school kids have already chatted with a stranger online! Episode 13 of our CyberSound podcast, created in the alignment with October CyberSecurity Month, features guest expert Patrick Craven, Director of (ISC)2, non-profit center for CyberSafety, in a discussion about how to keep children and families safe online.

Read More

Episode Twelve: Careers in CyberSecurity

Recorded in alignment with October CyberSecurity Month. Whether you’ve obtained your skills through a college degree program, through earned certifications, or you are entirely self-taught, CyberSecurity is an outstanding career choice for people who are curious. And now is a great time to start your career path or continue your career trajectory in this highly specialized field. Tune in now to podcast hosts Jason Pufahl and Steve Maresca, along with special guest Michael Grande President of TBNG Inc., as they discuss options you may not have known existed. 

Read More

Episode Eleven: Fight the Phish

Recorded in alignment with October CyberSecurity Month. Called the scourge of the internet, phishing is a nefarious attempt to steal your sensitive data. In this episode, CyberSound podcast hosts Jason Pufahl and Steve Maresca define phishing techniques and provide some critical-thinking suggestions to help you evaluate the validity of suspicious messages. Listen in as they help you protect yourself from attackers getting your credentials.

Read More

Episode Ten: Basic Security Must-Haves: Personal Edition

Whether you work on a Mac or a PC, cybersecurity is a primary concern for all, especially with so many of us working remotely where company security measures may not be as effective. Listen in for some common misconceptions that might surprise you.

Read More

Episode Nine: Basic Security Must-Haves: Business Edition

This episode was created in alignment with October Cyber Security Month. In part one of this two part series, podcasters Jason Pufahl and Steve Maresca talk candidly about security essentials for every business. Jason and Steve share a critical laundry list of elements that, based on their collective experience in Incident Response, cause about 90% of the issues that result in data compromise.

Read More

Episode Eight: The Evolution of the Cyberattack: Then vs Now

Ever wonder how cyberattacks became so prevalent? The fascinating evolution from early worms and ransomware to hacktivism and geo-political espionage is covered in our latest episode. It sounds like a Hollywood spy thriller, but it’s very real!

Read More

Episode Seven: Security Products - Silver Bullets vs Snake Oil

Cyber security can be a complicated mix of products. What do you actually need to be effectively proactive and avoid having to be reactive following a cyber attack? In this episode of CyberSound, we explain what will bring the most value to your security plan.

Read More

Meeting NIST800-171 Compliances in Higher Education

A Panel Discussion around the installation of NIST800-171
Compliances at the University & College Level

 

Read More

Episode Six: The Cost of Security: Changing The Way We Think

The price of protecting your business from cyber attacks is more than the cost of doing business. Think of it as the price of winning business. A strong security system will not only help you retain your current clients, it will entice new business.

Read More

Episode Five: The Main Frame: Supply Chain Attacks

Each episode of The Main Frame cross-examines recent cyberattacks detailing how they happened and outlining preventative measures. In this session, we take a look at some of the specific threats around supply chain attacks. Our hosts offer some insights and advice into what these attacks entail, and most importantly, what companies can do to avoid attacks and/or mitigate the effects should an attack or breach occur.

Read More

Episode Four: Cyber Liability Insurance: What is it, and Do I Need it?

What happens after an organization has fallen victim to a cyberattack? In this podcast we carefully examine the benefits, value, and necessity of cyber liability insurance, including what may deny your claim.

Read More

Episode Three: Data Privacy: Do I Need to Comply?

With digital transformation creating vast amounts of data, the need for greater security and privacy arises. What are the differences between security and privacy? What laws and regulations do you need to follow, both locally and globally? What are the consequences for non-compliance? We answer all these questions, and more.

Read More

Episode Two: Ransomware Explained

While hackers are constantly developing new methods to compromise confidential data and systems, one method remains tried and true; ransomware. In this session we define how ransomware operates, the impacts on business, and how to make sure you stay resilient. 

Read More

Planning Ahead: Incident Readiness vs. Business Continuity

Is your organization prepared? Cyberattacks on small and medium businesses (SMBs) are becoming more impactful and frequent thanks to bad actors around the globe, and that’s not all. Business interrupting data incidents are rising via insider attacks, corporate espionage, volatile weather events, and more.

Read More

Episode One: The Cybersecurity Fundamentals

We all know the word cybersecurity. While most people could define it, few implement it. In this session we chat about the basics of cybersecurity, how to implement it, and the cost of not doing so.

Read More

5 Questions to Ask When You Are Choosing an RPO for CMMC Compliance

In January 2020, the Department of Defense (DoD) announced a new compliance framework called the Cybersecurity Maturity Model Certification (CMMC). Designed to protect Controlled Unclassified Information (CUI) from falling into the wrong hands, CMMC applies to all 300,000 businesses across the DoD supply chain. Every contractor and subcontractor must be CMMC-certified by 2026, or they will be barred from bidding on any DoD contract. That said, many Requests for Proposal (RFPs) already require bidders to meet CMMC Level 1 - Basic Certification. As a result, many prime contractors are already requesting CMMC compliance of their secondary suppliers.

Read More

Are You Incident Ready?

Resilience by definition is “the capacity to recover quickly from difficulties.” When it comes to cybersecurity, building your organization’s incident resiliency starts with understanding your environment and assessing potential vulnerabilities so that you are always one step ahead of imminent threats. 

Read More

Who Needs CMMC Certification? 3 Things to Know

If you’re doing business with the Department of Defense, you’ve likely heard about the upcoming CMMC certification requirement and wondered, “Will my organization require certification?”. The short answer is yes, with a few caveats. Below, we outline three things to know. 

Read More

Top 3 Cybersecurity Preparedness and Response Tips for Your Business

Cybersecurity isn’t something that only Fortune 500 companies and government organizations should be concerned about. Businesses of any size, and in all industries, must make cybersecurity preparedness and response planning a top priority.

Read More

The Top 3 Questions Every Higher-Ed CIO Should Be Asking

On average, universities lose $245 per capita from cybercrime. More sophisticated hacking techniques, combined with an increased number of universities moving to the virtual classroom, have led to more hacking opportunities for cybercriminals. The result? More responsibility has been placed on the shoulders of higher-ed CIOs.

Read More

The Most Common Cybersecurity Threats Your Small Business Faces

More than two trillion dollars were lost to cybercrime in 2019. Protecting your small business from attack is paramount as businesses accelerate their digital transformations.

Read More

How to Prevent a Higher Education Cyber Security Attack During COVID-19

The COVID-19 pandemic has opened our eyes to ways that we as a society need to protect ourselves better. But we don’t only need to protect ourselves from germs and viruses--we also need to protect our cyber wellbeing.

Read More

THE COMMITTEE FOR PUBLIC COUNSEL SERVICES CASE STUDY

Background: 

Read More

The Growing Trend of Cloud Computing: Data Protection and Disaster Recovery

For many organizations, data is the most sought-after currency. And for hackers and cybercriminals, an organization’s data is an absolute goldmine. As more universities and online schools move to the virtual classroom, data protection and disaster recovery plans are critical. In a given year, 30% of organizations lose revenue because of inadequate data protection and recovery plans. The growing trend of cloud computing in disaster recovery is one effective method for protecting your university’s crucial data. In this article, we’ll discuss the importance of offsite backup for defending against cyberattacks.

Read More

Ransomware Attack: Changing Out the Locks

Here at Vancord, we frequently respond to incidents where normal business operations have ground to a halt because of a ransomware attack. Ransomware attacks have been on the rise over the years, and it’s easy to see why. Hackers stand to make a pretty penny locking up critical systems or data. The average ransomware attack costs a business $713,000.

 

Read More

The Top 3 Cybersecurity Threats Facing Higher Education

Remote learning is convenient, and for many students, ideal. Protecting a university’s networks from hackers is a critical endeavor. Cybersecurity attacks on schools are unfortunately commonplace. In 2019, school cyber attacks tripled from the previous year. The pandemic has pushed more universities to the virtual classroom in 2020. Hackers have a lot of low-hanging fruit to pick and data to exploit. Knowledge is power. Knowing the top higher education cyber attacks used on schools is the first step toward protecting your organization from cyber threats.

Read More

5 Essential Tips For Higher Education Cyber Security Management

Start With Vulnerability Management

When it comes to mitigating higher education cyber attacks, results are generally inconsistent. Comparing general funding for an R1 university against funding for an R3 university will leave your jaw on the floor. An R1 usually has more than $40 million in grant funding spent on research per year, while an R2 has more than $5 million. These classifications are only for schools that have twenty or more doctorate students graduate per year.

Read More

The Biggest Security Risks Affecting Higher Education Virtual Operations

Due to the COVID-19 pandemic, your university or college has most likely had to shift to virtual operations. Running an institution of higher learning online has its advantages and disadvantages. It reduces “brick and mortar” costs like utilities, keeps employees and students safe, and allows classes to continue even while people are self-quarantining.

Read More

K-12 Schools: How to Build a Culture of Data Privacy

Crumbling infrastructure. Gaps in curriculum. Antiquated devices. Lack of funding. These are just a few of the obstacles facing K–12 schools looking to integrate technology into their 21st century curriculum.  US schools are data-rich targets for cybercriminals, consistently found in the top 10 industries to be continually impacted by data breaches, phishing attacks and ransomware infections.

Read More

Data Privacy Day 2020: Data Privacy in Higher Education

Data Privacy Reforms

Read More

New Haven Biz talks with Michael Grande about cybersecurity

New Haven Biz, a regional publisher of business news, caught up with Michael Grande, President of TBNG, Inc. to discuss technology and cybersecurity.  In January of 2019, TBNG, Inc. became the parent company of two business units: TBNG Consulting and Vancord.

Read More

10 Steps to Help Protect Customer Data

How concerned are your customers about protecting their data privacy? The answer: very. Safeguarding customer data is imperative to ensuring that sensitive data is never compromised and that trust with customers is not lost due to cyber fraud events. While some industries mandate security protocols, others do not. When customer data is compromised, it is the reputation of the business that will suffer.

Read More