WELCOME TO THE NOVEMBER 2024 NEWSLETTER
Cyber Scoop is KeyStone Solutions monthly newsletter about the latest trends, topics, and articles relating to cybersecurity. As a Managed Service Security Provider (MSSP), KeyStone’s expert team helps small to medium sized businesses with IT services including virtual Chief Information Security Officer (vCISO), cybersecurity, help desk support, Governance, Risk, and Compliance (GRC), cloud solutions, and KeyStone’s signature service, IT Team as a Service (ITTaaS) which is an all-encompass solution.
From The Desk of the CISO
Prohibiting The Use of Business Credentials for Personal Sites or Applications
By Rob Ashcraft, CISO at KeyStone Solutions
This is a topic I have encountered on several occasions working with our customers on improvements to their cybersecurity policy. Employees sometimes use their email address and passwords from work for personal logins like Amazon, Walgreens, personal banking, etc. Prohibiting the use of business credentials for personal sites or applications is a crucial policy for maintaining organizational security and integrity. Business credentials, such as email addresses and passwords, are often linked to sensitive company information and systems. When employees use these credentials on personal sites or applications, they inadvertently increase the risk of data breaches. Personal sites may not have the same level of security as corporate systems, making them easier targets for cyberattacks. If these credentials are compromised, it could lead to unauthorized access to the company’s network, potentially resulting in significant data loss or financial damage.
From Cybercrime to Terrorism, FBI Director Says America Faces Many Elevated Threats ‘All at Once’
Commentary by KeyStone’s Rob Ashcraft
In a Security Week article, FBI Director Christopher Wray highlighted the increasing complexity and severity of threats facing the United States, ranging from cybercrime to terrorism. He emphasized that these threats are not only growing in number but also in sophistication, requiring a coordinated and comprehensive response from both government and private sectors. Wray pointed out that cyber threat actors are leveraging advanced technologies and exploiting vulnerabilities in government and business information systems, making it imperative for organizations to enhance their defensive capabilities and resilience.
My Key Takeaways:
- The U.S. faces a diverse array of elevated threats, including cybercrime and terrorism.
- Threat actors are using advanced technologies to exploit vulnerabilities in critical infrastructure.
- A coordinated response from both government and private sectors is essential to address these threats.
- Organizations, big or small, should continually enhance defensive capabilities and measure to boost resilience.
- The complexity and sophistication of these threats require continuous vigilance and adaptation.
Click on the link below to read the article in Security Week.