Navigating the intricate landscape of Artificial Intelligence (AI) can be daunting– but it doesn’t have to be. On this episode of CyberSound, the team provides valuable insights into generative AI, explores its strengths, weaknesses, and how it has garnered widespread attention in the professional services landscape, and discusses practical business applications across various industries.

Connecticut has been a leader in addressing data privacy issues and Artificial Intelligence (AI) regulation through policies that protect residents and foster innovation.

Often, CIOs and CISOs are faced with the challenge of needing to prove the value of implementing cybersecurity controls to secure an organization. Today, we discuss the tools available for both IT strategy and cybersecurity risk management that enable executives to drive strategic change for their business.

Endpoint protection is a popular space in the market for businesses right now, whether it be to meet cyber liability insurance requirements or to boost an organization’s comprehensive approach against threats.

This summer, numerous businesses around Connecticut have fallen victim to cyber-attacks. These sophisticated and often expensive incidents remind organizations that they need good processes and controls in place to stay protected.

Technology plays a role in improving security posture, but a well-informed and educated workforce is superior to keeping an organization protected. Security awareness training is crucial to ensuring your team is empowered, productive, and safe – and it doesn’t have to be boring!

Threat Hunting and Incident Response are two tactful measures that help an organization’s cybersecurity journey. But what is the difference between them?

Higher education institutions have become top targets for student fraudulent activity and scamming. As these threat actors continue to advance, it is more important than ever for universities to have the right tool sets in place to detect and filter out fake student applications.

Progress Software’s file-transfer tool MOVEit recently experienced a massive exploitation. What does this mean for the users of the software and the service providers with clientele under this tool?

We, as digital citizens of the United States, have cyber duties to fulfill to ensure the protection of our data and devices.

Artificial Intelligence (AI) advancements are shaping the digital world at a revolutionary pace. From ChatGPT and image generators to solving ransomware attacks and providing curated learning, AI has demonstrated many positive usages. However, there are motivators to slow this process down, with concerns surrounding the potential threats artificial intelligence may pose.

Just this year, North Dakota passed House Bill No.1398, becoming the first state in the country to require cybersecurity education in K-12 schools.

Numerous states have placed a formal ban on the use of the popular social media platform TikTok, leaving users to question its safety surrounding data and asset privacy.

Last month, the Vancord team attended the NorthEast Regional Computing Program (NERCOMP) Conference, which annually brings together individuals in IT and higher education. From ransomware concerns to heightening security awareness and meeting compliance deadlines, many productive conversations took place.

A data breach has occurred in your organization– what now? Who do I legally have to notify? What types of data require notification? There are many influencing factors in state data breach laws that organizations must consider regarding discloser requirements.

As cyber threats increase, so does the importance of keeping your critical infrastructure systems secure. Inventorying your operational technology (OT), being aware of the risk, and implementing cybersecurity best practices are ways to maintain and assess these devices.

The Connecticut Data Privacy Act (or “CTDPA”) is going into effect on July 1, 2023, making Connecticut the fifth state to pass a comprehensive data privacy law that protects consumers. How will this new law impact your organization, and are there any obligations you should know?

Over the past few years, supply chain issues have significantly impacted the IT industry. From extensive lead times to unfulfillable hardware needs, it is more important than ever to understand the risk, ensure you have a supply chain strategy in place and plan early and often.

Microsoft is continuously developing its stack of security capabilities and staying innovative in the cloud space.

OpenAI’s ChatGPT is an emerging phenomenon in the cybersecurity space. However, as Artificial Intelligence technology advances, so does the potential for misuse. From generating phishing emails to disrupting the academic environment for youth, ChatGPT can have different impacts, and it is critical to practice appropriate usage.

The ever-changing cyber world poses risks for children. It is critical to ensure they are using technology appropriately. As a parent, how do I address these concerns with my child, and are there any preventative measures I can take?

With the emerging cybersecurity threat landscape, it’s increasingly important to have a Security Operations Center (SOC) that can recognize and respond to attacks in an efficient manner. Understanding what attackers are thinking and how they plan to use malware ensures that as these new threats emerge, a defense against them is also being built.

Managing and funding the operations of internet infrastructure in schools can be a difficult task. The Universal Service Program for Schools and Libraries, better known as E-Rate, exists to help make it easier for these entities to get the equipment and services they need at an affordable price.

As we near the end of 2022, the team at Vancord looks back on their security predictions, shares optimism about the future of the cybersecurity and information technology industries, and encourages you to focus on the fundamentals for the upcoming year.

In recent years, purchasing methods of consumers have drastically changed. Relative to the security space, the introduction of Electronic Wallets (eWallets) and the need for convenience and safety has become crucial.

On October 11, 2022, the Biden-Harris Administration released a Fact Sheet revealing the increased efforts of the White House to improve the Nation’s cyber defenses. But how exactly are they promising to lead Americans toward a more cyber-safe future?

Password protection management is a fundamental practice you and your organization should utilize to keep your credentials safe.

Keep yourself safe from cyberattacks this Halloween season.

Information security is an intellectually stimulating and somewhat challenging industry to be in, but at the heart of it is the collectivity of the environment. When there is an emerging or urgent situation, there is a need to come together and solve the problem.

Happy Cybersecurity Awareness Month! Each year, the Cybersecurity and Infrastructure Security Agency (CISA) announces a theme for October; this year it’s “See Yourself in Cyber”.

Zero trust is an important security framework that ensures users, assets, and resources are protected from all angles. The rise of remote work has made this even more prevalent. It’s the responsibility of organizations to employ a variety of these measures in a workplace and build stronger operational systems.

Understanding the behavior of attackers can increase reactivity, improve your overall security stance, and give you a leg up in detecting malicious activity.

Black Hills Information Security created an incident response procedure card game titled “Backdoors & Breaches” (B&B). Today, the Vancord team takes a stab at playing it.

Working in the security space can come with unexpected challenges and events. The team at Vancord has learned how to properly handle incident response by understanding the high sense of urgency people feel in these situations.

What kind of data is attainable to the general public? There is information that you may deem private, like salaries, voter affiliation, and property assessor records. Fortunately, there are options for recourse and limiting the visibility of this data.

There are valuable resources available to help protect your organization against insider threats, one of the larger ones being the annual Ponemon Cost of Insider Threats Global Report.

Understanding the business market is the first step in providing successful cybersecurity services to clients. Having valued partners to collaborate with amplifies this.

It’s been one year since the release of our first ever episode of CyberSound! Tune in as Jason, Steve, and Matt revisit snippets of episodes this past year and share laughs and valuable lessons learned throughout the creation of this podcast.

IT and cybersecurity are two fundamental pieces of an organization’s internet protection. But how can these respective departments work together to bring a more strategic approach to projects?

There are changing expectations in higher education for protecting student financial records. This is an opportunity for your institution to get ahead in information security as the Gramm-Leach-Bliley Act (GLBA) requirements begin to go into effect this year.

The Department of Defense (DoD) holds security standards for organizations that handle controlled, unclassified information– particularly NIST 800-171 and the Cybersecurity Maturity Model Certification (CMMC). These standards are set to ensure protection in your business and to avoid any potential data breaches or financial impacts.

Today, the economic landscape is directly impacting the cybersecurity industry, which has resulted in unrest. With the current state of the job and stock markets, it is crucial to be aware of these challenges to adapt accordingly.

Reducing physical security risk requires great flexibility in meeting the specified needs of clients. This understanding allows experts to analyze the severity of a situation and mitigate it appropriately.

The modern-day internet hacker holds a strong illusion to the public eye. These are not random, lone actors— they are usually serious, organized attackers with a profit-based motive. These motives are important to understand for instilling the right cybersecurity defense mechanisms in your organization.

Are you a beginner in IT looking for simple steps to be proactive about cybersecurity? Or want a refresher on the basics of preventative maintenance online?

Open-source software (OSS) allows web developers to study, modify, and customize software to fit their needs. Historically, many organizations have felt a lack of security in these projects; however, major tech giants like Microsoft and Amazon are making significant investments today. What does this mean for the future of software developers? What is the difference between proprietary and open-source software? And what should you consider when evaluating the needs of your organization?

With the rise of remote work and the option to work from anywhere, employees can access company data more easily than before, making identity and access management a critical security issue for businesses to consider.

We all know that practice makes perfect, and the same holds true when it comes to incident response in the case of a cybersecurity attack. Linn discusses the value of acting out an incident— better known as a tabletop exercise, and what is needed to implement these exercises as standard practice for businesses.

Today’s kids are inevitably growing up online in the age of virtual learning, iPads, and the internet at our fingertips, and parents need to stay vigilant. Tune in for some tips and insight into navigating cyber-safe practices and conversations with your kids.

If you haven’t heard the news, Vancord and TBNG are now unified as Vancord—and together, we’re securing a more connected future.

In other news, recent reports highlight challenges with the Common Vulnerability Exposure (CVE) model, especially as more companies switch to cloud computing. What are the challenges? Tune in to stay informed.

When a cyber attack occurs, organizations typically react with panic and confusion about what to do next. Cyber attacks can severely damage a data system, but businesses can be proactive to, not only try to prevent an attack, but know how to immediately respond to a cyber attack.

Recently, Google announced their 5.2 billion dollar acquisition of the cyber security firm Mandiant. Also, SISA made news by imposing stricter cyber security requirements that could affect several major industries nationwide.

As the war continues in Eastern Europe, questions regarding the idea and possibility of cyber warfare have risen to the surface. What is cyber warfare? Or what role will cyberattacks play in the future of how countries approach defending their nation?

Network segmentation is a common practice organizations use daily to isolate and track traffic on their computer network. However, network segmentation is often taken for granted in cybersecurity discussions, or some people haven’t explored why it’s important. Network segmentation is a valuable component to any companies cybersecurity policy and procedures, so understanding the basics about what it is is essential.

The evolution of cybersecurity correlates to both the security demands of organizations and technological changes in the world. In recent years, the growth of cloud based software and a growing remote workforce, has increased the need for solutions like what Gartner has coined Secure Access Service Edge, or SASE.

Cybersecurity is not a luxury service, only for large companies with big budgets. Regardless of the size of a company, security services have become vital to determine the health of an organization’s infrastructure. However, many people still undervalue or don’t understand how to utilize security strategic services.

Today, cyberattacks happen more frequently and with greater sophistication than ever before. Organizations around the world search for the right tools, policies, and procedures to avoid the consequences of system vulnerabilities and malware.

This is a special episode of Cybersound featuring the Founder of security IaaS LimaCharlie, Maxime Lamothe-Brassard. He is a proven computer scientist and information security specialist, formerly with CrowdStrike and Google X’s Chronicle Security.

Is your business prepared for an emergency, a crisis, or even a pandemic? How would you know? Risk assessments are essential to do annually, at the very least. Risks show up in the worst places and at the worst times. Natural or physical, accidental or environmental, technological or unexplainable–risks must be assessed, scoped, and mitigated.

There used to be a day when you could trust everything you saw on your mobile device, but that day passed long ago. Today, many spoofs are used to get your information through your phone or tablet. Push notifications to text messages, QR codes to mobile payments–threat attackers use them all. That’s why you need to be vigilant about what you click, allow, and send over your phone.

Data resides in the “deep,” but in the “dark” is where Vancord wants to shed some light. Listen for information and gain education on what you need to know about the Dark Web so you can stay protected. As they say, “You can’t defend what you don’t know.” You need to know what’s out there, and you can keep your data protected.

Did you know Incognito Mode doesn’t really mean you’re invisible to a web browser? Your behaviors could still be tracked and your clicks could still be collected. However, that doesn’t mean you can’t feel safe while browsing privately.

Costs are higher everywhere, but in the insurance world, it seems no one was prepared for the impact of ransomware. That means prices are being passed down to the customer and no one is happy about that. Is your business prepared for your next renewal? What can you do to recoup the losses and retain some profits? Don’t miss this chat and stay prepared in 2022.

Businesses have adopted specific cybersecurity standards for their protection. And some are even being incentivized to do it. Today’s special guest on Cybersound is Sherwin Yoder, a partner at the Carmody Law Firm in Connecticut, who is responsible for its privacy and security practices.

Today, Jason Pufahl, Steve Maresca, and Matt Fusaro discuss what they believe the major technology and security benchmarks will be for the year ahead.

Managing service providers and general technology support staff evolved to a hybrid workplace in 2021. Many companies had to adapt to new working environments, which appears to be the new normal. Now, tech support has to manage these remote workstations. Sounds easy, but from encrypting cloud software to protecting the staff from ransomware, today’s IT manager has more to consider to optimize the business for efficiency and productivity.

With the threat landscape continuously shifting, keeping security top of mind when it comes to the implementation of managed services is more important than ever.

If your organization has not been a victim of ransomware, be thankful but remain aware. When you least expect it, someone could click on the wrong link or download the wrong file, and your entire company will be held hostage to the highest bidder.

You’ll have to excuse the guys on this episode. They’re announcing that Santa Claus is now a client of Vancord. And since “the big man” is buying all those electronic devices, he is naturally concerned about your online identity.

Welcome to Cyber Incident Monday. Shopping is now a 24/7 occurrence with people shopping online, on their phones, or in stores. Data breaches always spike during the holidays, which is why consumers must be vigilant about protecting their information. There are potential pitfalls about shopping and putting your PII (Personal Identifiable Information) everywhere, but what are they?

Indeed has shared that 52% of all workers are feeling burned out. This creates stress, fatigue, frustration, and mental health issues. How can prevent the burn out? Prepare for the time off! It’s simple to say and difficult to do.

As our cars become more intelligent and more connected, it is essential to consider the security risks of their connectivity. While automotive hacking isn’t new, do we need to worry as autonomous cars become more popular on the market?

The center of cybersecurity conversations has revolved around Artificial intelligence (AI) and machine learning. Maybe the better question should be, “Do you need AI in your security products?”

Phishing scams are back with a vengeance. With their redux comes a new set of tricks designed to make your life difficult.

Business continuity during a cybersecurity incident is more than just having a plan in place. It is about leadership—acting as a “human firewall” that can communicate internally and externally effectively.

Aligning to a specific cybersecurity standard or blueprint for your ruling guide for compliance provides value and credibility to your organization. Meeting and exceeding regulatory requirements is a conduit to improving your business.

Here is a chilling statistic: 40% of elementary school kids have already chatted with a stranger online!

Recorded in alignment with October CyberSecurity Month. Whether you’ve obtained your skills through a college degree program, through earned certifications, or you are entirely self-taught, CyberSecurity is an outstanding career choice for people who are curious.

Recorded in alignment with October CyberSecurity Month. Called the scourge of the internet, phishing is a nefarious attempt to steal your sensitive data.

Whether you work on a Mac or a PC, cybersecurity is a primary concern for all, especially with so many of us working remotely where company security measures may not be as effective.