When I’m not researching and writing about cybersecurity, I have a normal day job working in the development department for a nonprofit organization where, just yesterday, I found three cybersecurity alerts in my Outlook email. “You must change your password…”; “We had a phishing incident…”; “Our IT company has initiated MFA…”. It was a lovely way to begin my morning. I was puzzled that someone in our mid-sized company was tricked into clicking a malicious email link. How could this happen? Doesn’t everyone realize what phishing emails look like? The improper English; fake links, the sense of urgency? Apparently, not… H umans are still the weakest link in any data care plan. I sometimes feel that costly cybersecurity tools are more about protecting companies from their own employees than external threats. Businesses should elevate employee education, awareness, and periodic trainings to strengthen data care and minimize human error. I have some inexpensive ideas I often share with busi...
I was having a meeting with a cybersecurity representative and we were discussing helpful data care tools for small business owners. We talked about options for firewall protection, EDR and MDR, and cloud-storage--the usual stuff. I told him many small businesses look for budget-friendly options, and sometimes the cost of data care can be prohibitive to the little guy. The rep then suggested "Vulnerability Management", and with a curious look on my face, h e explained: " Vulnerability Management is a proactive approach to identifying, assessing, and addressing potential security weaknesses in your IT environment. It's the continuous process of discovering, prioritizing, and mitigating vulnerabilities to enhance your overall cybersecurity. " I then suggested he never use that explanation again, especially when talking to a business owner. Tech-jargon lures no one. We business people who aren't tech-savvy instead love analogies. So, after digging into the...