The results of Fortra’s Gone Phishing Tournament are here, and they highlight the potential power and danger of phishing across the world. This global test uncovered that 1 in 10 individuals are susceptible to these attacks, which would have led to 90,000 compromised passwords if the campaign had been an actual cyber attack. This year’s tournament featured an updated email and landing page to...

With Valentine’s Day upon us, our thoughts turn to love, compatibility, and cyber security. As Cupid strings his bow this Valentine’s Day, let’s explore how the stars might be influencing your approach to online security. Are you a Leo who roars against cyber threats, or a Pisces swimming through the sea of digital privacy? Remember, while the universe might hold many mysteries, your cyber...

While industries like banking and software can be devastated by cyber attacks, no other field is impacted by hackers like healthcare. As an example, it’s hard to forget attacks like the ransomware that brought all 400 locations of Universal Health Services to a standstill for months in the United States. Healthcare facilities often can’t operate if they don’t have access to crucial information...

Online privacy and data protection have become pressing issues in recent years that many governments have decided to legislate. The Legault CAQ government has been behind many digital-related innovations, so it’s not surprising to see legislation like this. This law is a legislative update since existing laws inadequately address digital data. It should be noted that Law 25 has teeth and isn’t...

As careers, banking, and healthcare move online, the need for more secure authentication has become increasingly urgent. While passwords have been adopted as the most common form of authentication, they pose many problems in terms of cyber security. In recent years, especially since the rise of remote work in 2019, the adoption of multi-factor authentication (MFA) has steadily risen to over 60% of...

Cyber security awareness is an everyday job, and it’s easy to fall into a false sense of security once you have a solid plan in place. Every year, statistics are a reminder that hackers and scammers never sleep. New trends and attack types pop up daily, making it difficult to keep track. This list is a rundown of the most important statistics of the year, allowing you to get a good overview of...

Retail stores are one of the oldest ways humans exchange goods and services. As they evolve, one of the most significant shifts they have undergone is the dramatic increase in technology integration within their operations. From tools to check stock to staffing management and cash registers, retail stores rely heavily on technology for almost every aspect of their business. Unfortunately, all...

Telecommunications companies (telecoms) have been prime targets for cyber attackers. They operate critical infrastructure passage, and vast amounts of customer data pass through their networks. The United States Federal Communications Commission (FCC) is aiming to strengthen data security with new regulations around data breach reporting by communications carriers. The agency has long required...

To prevent ransomware, companies need to focus on giving their employees actionable security awareness training that educates, empowers, and motivates. For this to happen, employees must understand the facts around ransomware and the profound, long-term impact it can have on the company. Once a ransomware attack is successfully executed, there are very few options for the affected company apart...

New regulations are already keeping IT professionals on their toes in 2023. One monumental change for California residents and businesses is the California Privacy Rights Act (CPRA). The legislation came into force on January 1, 2023. Legislators drafted the new rules to empower consumers and close gaps in the California Consumer Privacy Act (CCPA). The CPRA gives customers more control over their...

In early July, IT solutions provider and remote management solution provider Kaseya announced that it had fallen victim to a supply chain ransomware attack. During the attack, hackers leveraged a vulnerability in Kaseya’s VSA platform to encrypt the data of hundreds of downstream MSPs and their clients. The Kaseya ransomware outbreak is one of the latest high-profile ransomware attacks targeting...

How to Protect Against Ryuk Ransomware As countries worldwide struggle to come to grips with the Covid-19 pandemic, attackers have attempted to capitalize by launching a wave of ransomware attacks on hospitals across the U.S. and Canada. These attacks have taken place in locations ranging from New York, Nebraska, Ohio, Missouri, and Michigan, to Montreal, by using Ryuk ransomware. But what is...

Information security governance is a subset of corporate governance and can complete or encompass the governance of information technologies. It directs or strategically aligns information security activities and ensures that the company’s business objectives are reached. It also guarantees that information security risks are adequately managed and that information resources are used responsibly...

As a follow up to the Business Continuity Management program article , here is a more detailed description of the development and implementation phase objectives and content of the Business Continuity Plan (BCP) for major incidents. This plan is in fact a set of plans which is comprised of the following main components: Emergency action plan and damage assessment This is a response plan to deal...

The ISO/IEC 27002 standard is part of a family of international standards (ISO 27000) for the management of information security. It includes the best industry practices to protect the availability, integrity and confidentiality of information. A risk assessment is initially necessary to identify priority controls to be implemented within a company in order to improve the information’s security...

Ransomware is one the many scams that Internet users dread. Once this type of malicious program is installed, it asks the user for “ransom” to unlock the computer, using various pretexts and pretending to be a local police authority. In one case, a user clicked on a malicious link and was bombarded with pornographic pop-ups. The user attempted to restart his computer, when he received a message...