GreyCastle Security's Top Cybersecurity Blogs from 2018

The New Year is coming – and it’s bringing new cybersecurity risks with it.

Are you ready for them?

The introduction of new threat vectors and growth in crippling attacks such as ransomware seemed to be the trend in 2018. As the threat level escalates and the impacts of a cybersecurity incident increase, more than ever you need the skills, preparation, and knowledge in place to respond to an incident quickly and efficiently. Knowing what to do can mean the difference between a total loss and successful outcome.

GreyCastle Security has gathered together the best blogs written by our experts over the past year to share their insights into some of the challenges and opportunities you might face in developing cybersecurity programs.

Here are our top cybersecurity blogs from 2018…

How to Cybersecure the Business – Step 1 – (Data) Asset Inventory
Is your business protected against cyber threats? Ultimately, the goal is to secure your business enough so that you don’t have any significant financial or operational impact and to only spend what is necessary to do so. Yes, this can be like walking a tightrope while blindfolded. So, where do we get started and how do we lower our risk of falling, or at least minimize the impact when we do fall?Click here to read more

Cybersecurity in 2019: Trends to Watch & Resolutions to Keep
Another year, another breach. Another whizzbang technology. Another success story. 2018 was the year that cybersecurity went mainstream. As headline after headline this year illustrated, cybercrime is now a routine part of everyday life. So, how did 2018 change the cybersecurity landscape?Click here to read more

Building A Risk-Based Cybersecurity Approach
The cybersecurity industry continues to grow rapidly. If there’s one constant in the growth of this industry, it’s the push for the best, fastest solution, AKA the silver bullet piece of technology that will allow companies to “set and forget” cybersecurity. In this rush to solve problems, organizations continue to add complex technology-based solutions at an alarmingly fast clip. The problem with this approach? It doesn’t work.Click here to read more

Cyber Preppers: 5 Things to Know When Creating a Cybersecurity Bugout Bag
A wise man once said, “The best time to prepare for an emergency is before it happens.” In the “real world,” this means having an escape plan and the tools you need to execute it. Often referred to as survivalism or “prepping,” these real-world action plans frequently have one thing in common: a bugout bag. In cybersecurity it means developing an incident response plan before you’re hit and having the capability to use it.Click here to read more

“Change” Isn’t a Four-Letter Word: Creating a Culture of Security
You will become the target of a cyberattack. How can you protect your business? Start by establishing a cybersecurity program on a solid foundation and fostering a culture of security within your organization. It’s an understatement to say that this will take some work, however, it is vital to protecting your assets.Click here to read more

Incident Response and Disaster Recovery Planning: Preparing for the Worst
What do you think about when you hear the word “disaster”? Hurricanes? Floods? Earthquakes? Fires? In reality, a disaster doesn’t have to be so dramatic. When it comes to your business, disaster can mean something as simple as a power outage, broken pipes or, in today’s digital world, an employee that clicked on the wrong link. With the proliferation of new attack vectors and immediately crippling attacks such as ransomware, you can’t take any chances. Being prepared isn’t just for big organizations and critical infrastructure. While the threat level is escalated and the impacts are ever increasing, the steps to prepare are well-known and doable. Your business is critical to you, so why would you treat it any differently?Click here to read more

The Evolution of Evolution: What an Exploding Population Means for Cybersecurity
While Nation State and Organized Crime attacks get most of the media attention, we are quickly migrating toward a more personal and Darwinistic attack. An attack against the American way of life. These attacks don’t need to be super technical or difficult and, quite honestly, can be hired out for pennies on the dollar.Click here to read more

Cybersecurity Awareness: The Building Blocks of a Successful Program
What is your biggest security risk? (Hint: it’s also your greatest asset.) People. Security isn’t a technology problem and it’s not an IT issue. At the end of the day, your people are actually the biggest risk to the security of your organization. Technical systems are important, but if you don’t address the human element within your organization and take the necessary steps to promote cybersecurity awareness among your workforce, you’re in for one heck of a headache.Click here to read more

It’s When, Not If: Why You Need an Incident Response Plan
Information security incidents are reactive, not proactive. Just like performing CPR, first aid, or responding to your house on fire, having the skills, preparation, and knowledge in place before you need it can mean the difference between a total loss and a successful outcome. During security incidents, clients who have planned and prepared for the inevitable lose less money, are back online in less time, and generally, report incidents less than those who haven’t prepared.Click here to read more

Cybercriminals Don’t Go on Spring Break
Pencils down: it’s spring break. Your students, faculty, and staff are likely hitting the beach and taking some well-deserved time off from the rigors of academia. Cybercriminals, on the other hand, still have their noses to the grindstone. They’re working hard to infiltrate your campus. Are you working hard to stop them? While your students might say “What happened on spring break stays on spring break,” that won’t (and can’t) be your motto if your campus and its information are targeted by cybercriminals.Click here to read more

Threat Misdirection: What the Titanic Can Teach Us About Cybersecurity
When you think about cybersecurity, think about what really happened. After the Titanic sank, people wanted to know three things: why did it happen, who could they blame, and could it have been prevented? You’ll probably ask yourself those same questions when you face a cyberattack. Those seeking answers to the Titanic tragedy found a few things to blame: substandard rivets, not enough lifeboats, weakness in the hull, and other vulnerabilities. And you’ll probably find some answers to your own questions: a stolen laptop, bad passwords, weak access controls, etc. But don’t focus on the rivets, the iceberg, or the captain. Look at the water.Click here to read more

Happy Festivus! Five Cybersecurity Grievances We Need to Air
If you’re not familiar, Festivus is the holiday celebrated by the Costanza family from the NBC sitcom “Seinfeld.” This non-commercial, secular holiday is celebrated on December 23rd and includes a dinner with a vaguely meatloaf-shaped main course, an aluminum Festivus pole (without tinsel!), Feats of Strength, and the Airing of Grievances. For this blog, we’ll be participating in the Airing of Grievances, with cybersecurity being our focus. We asked our employees, “What the heck are people always getting wrong when it comes to cybersecurity?” and a group of GreyCastle Knights has come together to share their pet peeves and air their grievances related to cybersecurity programs.Click here to read more

What’s Next?

Once you’ve read through these blog posts, head over to our library of On-Demand Webinars for more expert tips and cybersecurity insights.