All posts by Kelly Brindle

Types of Cyber Attacks

Malware

What is Malware or Malicious Software?

It is any software that harms or misuses your electronic devices that connect to the Internet. Its purpose may be to delete files, monitor activity, or something as simple as slowing down your system.

Tips To Protect Data

Threats to your data have increased due to Covid-19 and unconventional tactics. We’ve put together tips to help protect your data.

1 Multi-Factor Authentication (aka Two-Form Authentication)
Multi-factor authentication is based on providing multiple authentication methods, such as something you are, something you know and something you have. By having a multi-check process, you are reducing your risk of being phished.
2 Password Manager
Password managers store your login information for all the websites you use and help you log into them automatically. They encrypt your password database with a master password – the master password is the only one you have to remember.
3 Patching Devices
Applying patches to your devices is very important. Vendors (Apple, Microsoft, Google) fix vulnerabilities in their software updates/patches. If you do not patch/update your device, malware can sneak in and infect your device.
4 Encrypt Your Data
In case your laptop or mobile device is lost or stolen, encrypting your hard drive and email provides an additional layer of protection against thieves.
5 Confirm Email Sender
Hackers can spoof the display name of a person you know or trust in email. Be sure to look at the email address to confirm the true sender. Any email discussing personal or sensitive data needs a phone call to the sender to verify.
6 Limit Personal Information
Social media is great to connect with long-lost friends, family and potential clients. However, hackers look for common items people share – pet names, maiden names, your favorite places – to hack in. Minimize how much information you share on your platforms.
7 Turn Off Bluetooth
When Bluetooth is enabled, it is easy for hackers to communicate with your phone and steal data from it. Disable Bluetooth when you are not using it.
8 Links To Phishing Scams
Fake e-mails are sent that appear to be coming from your bank, asking you to verify your bank account has not been tampered with. Delete the email and do not click the link provided.
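
The check described in tip 5 (compare the display name with the actual email address) can be automated. The following Python sketch is an added example, not part of the original post; the address book, sample headers and function names are constructed for illustration. It also covers the case where the display name is itself written as an email address.

```python
from email.utils import parseaddr

# Constructed address book: display names you trust -> addresses they really use.
KNOWN_CONTACTS = {
    "kelly brindle": {"kelly.brindle@example.com"},
    "first example bank": {"alerts@bank.example"},
}

def check_sender(from_header, contacts=KNOWN_CONTACTS):
    """Classify one From: header value as ok, suspicious or unknown."""
    display, address = parseaddr(from_header)
    display = " ".join(display.lower().split())   # normalise case and spacing
    address = address.lower()
    if "@" not in address:
        return "suspicious", "no usable address in the From header"
    # A display name that is itself an address, but not the real one, makes
    # the text shown in the mail client look like a trusted sender.
    if "@" in display and display != address:
        return "suspicious", "display name shows a different address"
    if display in contacts:
        if address in contacts[display]:
            return "ok", "display name and address both match a known contact"
        return "suspicious", "known display name, unfamiliar address"
    return "unknown", "sender is not in the address book"

# Constructed sample headers (reserved example domains only).
SAMPLE_HEADERS = [
    "Kelly Brindle <kelly.brindle@example.com>",
    "Kelly  Brindle <k.brindle@mail.example.net>",
    '"alerts@bank.example" <verify@account-check.example.org>',
    "New Vendor <sales@vendor.example>",
]

def triage(headers):
    """Return (header, verdict, reason) for each header, in order."""
    return [(h, *check_sender(h)) for h in headers]

if __name__ == "__main__":
    for header, verdict, reason in triage(SAMPLE_HEADERS):
        print(f"{verdict:10} {header}  ({reason})")
```

A "suspicious" verdict is the cue for the phone call the tip recommends, not proof of fraud: a contact may simply be writing from a new address.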

 

What is Information Security and Cybersecurity?

All businesses use information – for example, employee information, tax information,
proprietary information, or customer information. Information is vital to the operation of a
business. If that information is compromised in some way, the business may not be able to
function. Protecting the information an organization creates, uses, or stores is called
“Information Security.”

Information Security is formally defined as “The protection of information and information
systems from unauthorized access, use, disclosure, disruption, modification, or destruction in
order to provide confidentiality, integrity, and availability.”

Information security encompasses people, processes, and technologies. It concentrates on how to
protect:

Confidentiality – protecting information from unauthorized access and disclosure. For
example, what would happen to your company if customer information such as
usernames, passwords, or credit card information was stolen?

Integrity – protecting information from unauthorized modification.
For example, what if your payroll information or a proposed product design was
changed?

Availability – preventing disruption in how you access information.
For example, what if you couldn’t log in to your bank account or access your customer’s
information, or your customers couldn’t access you?

As more and more information becomes digitized – digitally stored, processed, and
communicated – cybersecurity has become a key component of information security.
Cybersecurity means protecting electronic devices and electronically stored information.
Cybersecurity is formally defined as “Prevention of damage to, protection of, and restoration of
computers, electronic communications systems, electronic communications services, wire
communication, and electronic communication, including information contained therein, to
ensure its availability, integrity, authentication, confidentiality, and nonrepudiation”
[CNSSI4009][HSPD23].

As part of information security, cybersecurity works in conjunction with a variety of other
security measures, some of which are shown in Figure 1. As a whole, these information security
components provide defense against a wide range of potential threats to your business’s
information. Although much of this publication involves electronic devices and solutions, it is
not limited to cybersecurity and typically refers to “information security” as a whole.

What is an MSSP?

Managed security service providers (MSSPs) are IT service providers that specialize in offering cybersecurity monitoring and management to small and medium businesses. These services can include virus and spam blocking, intrusion detection, firewalls and virtual private network (VPN) management.

Impersonation


The most popular scenario for social engineering attacks is when the hacker impersonates another employee in the organization and tries to trick people into compromising security.

Hacker impersonates administrator

The hacker calls and impersonates the network administrator, then tries to trick the user into compromising security by asking the user to do things such as changing their password or giving away account information. The hacker may also ask the user questions about the general setup of the system.

Hacker impersonates user

The hacker calls the network administrator pretending to be a frustrated user. In this scenario the hacker will pretend they do not remember their password or how to get onto the system. An unaware administrator may help the hacker (acting as a frustrated user) gain access to the system by resetting a password and guiding them through the process of gaining access.

Hacker impersonates management

If the hacker knows the name of personnel on the management team, the hacker may call employees within the company and impersonate management. The hacker will ask the unsuspecting employee to perform actions that will essentially compromise the security of the system or the environment so that the hacker can gain access later.