When it comes to protecting your businesses infrastructure, it is safe to assume that you have some form of cyber protection activated. But email communications represent the biggest threat of all, because it takes advantage of the end user, in one form or the other. It generally only requires one misstep from a member of a network to unleash a catastrophic chain of events within that network.
OneLogin, a company that provides single sign-on capabilities to safely store passwords of over 23 million users including 2,000 businesses, has suffered a compromise that included the ability to decrypt customer data. In a recent blog, the company revealed that an attack occurred May 31st at 2 am and was identified by a staff member around 9 am. Through that attack, sensitive information such...
Hospital networks can unfortunately become a goldmine for attackers that use ransomware worms as their weapon. If deployed, lives may be endangered, hospitals usually must pay the ransom, or pay to get files retrieved and its reputation could be damaged. Because these attacks are increasing due to lucrative benefits, teaching and reminding hospital staff to use valuable cyber hygiene is...
If your customers are like most organizations, 75% of their employees recycle or use a variation of the same password across most of the systems and websites they access – both on and off their employer’s network. And this practice is becoming increasingly dangerous.
Today, Digital Citizens Alliance published a report that focuses on how exposed Universities and Colleges' populations are on the dark web. Specifically, they looked at the levels of compromised credentials associated with .edu’s on the dark web. ID agent provided data to support the report.
Stolen email credentials are an often exploited vulnerability for government and corporate networks. In fact, Verizon announced in a recent study that 91% of phishing attacks specifically targeted email credentials.
Are you concerned about hackers stealing your organization’s email credentials and accessing your organizations PII or confidential information? If you’re not, you should be.
If you think you’re immune from hackers, consider this USA Today headline from March 25, 2016: 1.5M Customers of Verizon Anti-Hacking Unit Hacked. We bring this headline to your attention not to cast aspersions on Verizon, but to illustrate that no organization is immune from hackers.
Protecting employees from cyber threats and identity theft is increasingly becoming a corporate responsibility.
Every year, HR and Benefits Managers are faced with the task of simultaneously communicating cost increases and benefit reductions while finding ways to improve employee morale. At the same time, those focused on your corporate security are busy fighting the endless war game of...
WASHINGTON, D.C., May 5, 2016 – Winvale, the leading provider of strategic and technology solutions for government, was named Tech Company of the Year by the Chesapeake Regional Tech Council (CRTC) at the organization’s annual awards celebration on April 28, 2016. Winvale was honored for its achievements in strategic business planning, vision and contributions to the Washington, D.C.,...
In its recent 2016 Data Breach Investigations Report, Verizon Enterprise confirmed many industry trends that we see at ID Agent every day. The most glaring blind spot for organizations is how stolen credentials are the primary means by which hackers exploit their vital systems.
As providers of comprehensive cybersecurity solutions, we’re often asked how an organization can better ensure that their employees are being safe online. There are numerous ways to prevent a data breach, from the implementation of a threat intelligence tool to network security protocols that screen your supply chain.
In today’s world, it’s not uncommon for organization’s to have some type of system in place to protect themselves from a potential data breach. Many use secure password protocols, two factor authentication logins and even invest in cyber education for their employees to minimize the possibility of insider breaches.
Do you think the IRS is protecting your personal information from cyber thieves? Apparently the Government Accountability Office (GAO) doesn’t think so. In a March 2016 report titled, “IRS Needs to Further Improve Controls Over Financial Taxpayer Data”, the GAO found that 28 vulnerabilities that the IRS claimed to have resolved have still not been fixed.
Keeping your healthcare organization cyber secure is no easy feat. In fact, almost every organization is vulnerable to a cyber attack, no matter what the industry. Just look at the headlines featuring major breaches to entities like the Federal Bureau of Investigation and the Department of Homeland Security alongside medical institutions like MedStar.
A little known fact about corporate identity theft is that a large percentage of data breaches originate inside the organization’s walls. A recent report by Intel estimates that 43% of data breaches are the result of insider threats. Half of the insider breaches came from employee negligence and half came from malicious actions.
The digitization of medical care has become a double-edged sword. Healthcare providers like Kaiser Permanente have used medical records to improve the health of their members.
In 2015, the National Committee for Quality Assurance found that Kaiser Permanente ranked first in 21 different healthcare quality measures, more than any other health plan in the country. Kaiser’s quality of care is...
Verizon’s recent announcement of a data breach in their Enterprise Solutions unit is just the most recent of a staggeringly high number of organizational data breaches in the U.S.
Among all of the security features a company needs in order to truly protect itself, it’s easy to forget about the most important aspect of an organization that needs to stay out of harm’s way – its people. Employees are becoming increasingly more vulnerable to cyber threats, just as your company is as a whole.
Identity theft continues to grow at an alarming rate. Statistics show that 3% of the U.S. population experienced credit card fraud at least once in 2014. Not to mention that, “an estimated 17.6 million persons were victims of one or more incidents of identity theft,” in the same year, as reported by the U.S. Department of Justice. This is up by a significant amount from the 16.6 million...
The IRS recently issued an alert, warning Human Resources or Payroll professionals to be on the lookout for an email scheme designed to steal employee data from W-2 forms. The scam has already claimed some high profile victims, such as Snapchat, and is especially threatening as employees are in the midst of tax season.
Protecting sensitive customer data on your networks isn’t just the right thing to do - it may now be a legally sanctioned practice. Recently the Federal Trade Commission (FTC) was granted broad authority to penalize companies that had inadequate cybersecurity practices in place to protect their customers’ information from data breaches.
Cyber risk is no longer a potential threat to put on the back burner for later review. The reality is that cyber risk is a threat right now. Many organizations are taking precautions to protect themselves and their people. However, despite the plethora of major companies and brands experiencing the repercussions of not instilling pre-breach precautions, the question remains: is it necessary...
The internet has changed the way businesses operate around the world. Having access to a tool of this caliber is essential to the way corporations function today, but it also has its downfalls. In this case, we’re referring to the incredibly dangerous threat most business owners are either unaware of or hardly ever think about - cybercrimes like Business Email Compromises (BEC).
Since 2003, the FBI has tracked more than $740 million dollars lost to business email compromise (BEC) fraud in the United States. Who’s the main target? None other than the C-Suite. Led by organized online criminal groups, BEC is one of the fastest growing types of financial fraud.
On December 30th, 2015, the IRS officially announced that employers are not required to include the value of pre-breach identity protection services in employee gross income. This adds to a previous announcement where the IRS stated in August 2015, with announcement 2015-22, that post-breach identity protection benefits would have preferential tax treatment.