Contact

DataEndure | Managed Cybersecurity. It's about time.

Under Attack?

Security & Compliance

Home > Archives for: Security & Compliance

Why is Email Security Important?

| By Kirstin Burke

Why is email security important?

When it comes to threat detection and response, statistics from 2022 and into 2023 emphasize the growing challenge organizations—and the cybersecurity industry—have in terms of “people-proofing” attack vectors. Cybercriminals capitalize on stolen credentials, privilege misuse, and human error, and they apply well-orchestrated social engineering tactics on their victims. 93% of successful cyberattacks start with a phishing email. Indeed, business email compromise (BEC) and pretexting has doubled in just one year…. Read More

Achieving a Successful Digital Transformation

| By Bryan Chun

ones and zeros with a magnifying glass zoomed in on the word "migration"

Recently, I had the opportunity to assist a major construction firm with their digital transformation. Like many organizations, COVID drove the need to support a remote workforce. However, additional factors were at play, including IT staffing shortages and aging infrastructure that was nearing end of support. Given the distributed nature of the company’s ROBO (remote office, branch office) and SOHO (small office, home office) locations, their IT staff faced challenges… Read More

ChatGPT is an infant that’s been given the internet

| By Shahin Pirooz

ChatGPT is an infant that's been given the internet

The “godfather of AI” just quit Google so he could speak freely about the dangers of generative AI products. The concern is the speed and acceleration without guardrails. Historically, we’ve had some really smart people in the hacker space that were doing things on the dark side. But now, we’ve just enabled many other bad actors who aren’t as savvy to do nefarious things. Zero Trust is 30 years old…. Read More

No easy button for cybersecurity

| By Kirstin Burke

There's no easy button for cybersecurity.

There is no “easy button” when it comes to protecting your data. While an endpoint-focused security solution is critical to protect the individual devices in your environment, such as computers, mobile phones, and tablets – it’s a very limited tactic. Combatting today’s threat actors requires a distributed defense in depth approach, not just a distributed endpoint security solution. As you assess your security tools – make sure you know what… Read More

Is it time to rethink your network?

| By Ross Rehart, MSc.

rethink network security

Corporate networks haven’t changed all that much over the years. They’re often considered a utility to be left untouched if traffic flows as expected. Most IT leaders and network administrators have the mindset “if it ain’t broke, don’t fix it.” This has been the case virtually since the inception of computer networks. Most networks today are still designed or run in traditional architectures, such as overlapping star topologies (via VLANs)… Read More

Bank crisis is opportunity for scammers

| By Shahin Pirooz

scam alert caution sign surrounded by dollar bills

With all the news and confusion around Silicon Valley Bank, Signature Bank and Silvergate Bank, it’s critical to have a heightened awareness of any financial communication you may receive. Bad actors thrive in crisis and use many social engineering tactics to take advantage and profit. There will be scenarios where scammers will use email to impersonate someone in authority (your financial institution) in order to trick the recipient into disclosing… Read More

Cyber-risk questions Boards should be asking

| By Kirstin Burke

New SEC rules: cyber-risk questions boards should be asking

If you are a corporate officer, cybersecurity plays a critical role in protecting your company’s financial, operational, and reputational interests. Boards have a legal obligation to protect the assets of the company–which includes digital assets–so it’s essential to have a clear understanding of the cyber risks an organization faces to make informed decisions on how best to manage and mitigate those risks. Legal and regulatory requirements There are many laws… Read More

Virtual Private Networks aren’t so Private

| By Ross Rehart, MSc.

Virtual Private Networks (VPNs) came about in 1996 when Microsoft released the point-to-point tunneling protocol (PPTP) to secure connections between the user device and the internet resource(s) the user was connecting to. As the use of the internet grew, businesses began using VPNs to securely transmit data between sites. Eventually, the use of VPNs became ubiquitous, and are commonplace across businesses and homes today. Private VPN companies are thriving as… Read More

2022 Year In Review

| By Kirstin Burke

Blog - 2022 Year in Review

Over the past year, DataEndure’s TECH talks have covered a wide range of topics related to cybersecurity–from emerging industry trends, the economy, best practices, and more. Looking back at viewership across all our broadcasts, three features stood out distinctively from the rest–and not surprisingly, they are interrelated. With polymorphic malware responsible for many initial intrusions, it is understandable why viewers wanted more education on why their current antivirus/endpoint detection tools… Read More

I Get by with a Little Help from my Friends

| By Kirstin Burke

December Tech Tip. Photo of people near wooden table. Colleagues holding hands in unity.

For those of you who were around in the late 90s, the Managed Service Provider (MSP) concept was in its infancy. While the concept was simple–create and act as a centralized IT environment and offer it to multiple companies to leverage on a consumption basis–trusting the model, and therefore adoption, took time. Fast forward to today, and MSPs have become second nature.   MSPs are in a unique situation, able… Read More

NEW BLOG:Why Digital Resilience Demands a Unified Approach
+ +