SECURITY ALERT: Stop Sending W-2s to Hackers!

in 2018, hundreds of Virginia businesses were victims of W-2 phishing attacks. A phishing attack is a socially engineered attempt to obtain sensitive information from an individual or company. As we enter 2019 tax season, it is critical that your company is vigilant against this type of cyber attack. These tips will help your employees spot– and avoid–phishing attacks.

Read More
Defending Data Against Advanced Persistent Threats (APTs)

MSPs typically have direct and unrestricted  access to their clients' networks, and therefore their clients' sensitive information. By targeting MSPs, Advanced Persistent Threats (APTs) only need to breach one network in order to access a wide variety of sensitive data. Thankfully, there are steps that businesses can take to defend their data against these advanced threats.

Read More
How to Maintain Digital Privacy

Though it is almost impossible to remain completely anonymous online, there are steps you can take to reduce your digital trail. We've outlined the main ways companies obtain and use your personal information, as well as simple steps you can take to reduce the amount of targeted ads you receive.  

Read More
Analysis: The Supermicro Backdoor

The chip, no bigger than a grain of rice, created backdoor access into Supermicro devices, giving China the ability to remotely contact impacted electronics. If China’s hardware manipulation efforts involved more companies than just Supermicro, the impact could be massive. China currently manufactures 75% of the world’s mobile phones and 90% of the world’s PCs. 

Read More
The Facebook Breach: What it means for users, third-parties, and the tech giant itself

The security lapse makes Facebook at risk of facing a $1.63 billion fine from the European Union’s General Data Protection Regulation (GDPR), a standard which aims to protect data privacy of UK citizens and hold organizations accountable for failing to protect user data. If the fine is issued, Facebook would be one the first organizations to face a fine from the GDPR

Read More
Corporate Counterintelligence

At Bluestone Analytics, we leverage US counterintelligence methodologies to help businesses improve their security, defend against insider threats, prevent Intellectual Property theft, and reduce their risk exposure on the dark web.

Read More
Lisa BantonComment
Minimizing Damage Following a Cyber Incident

When your organization is faced with a cyber incident or breach, it can be difficult to know how to respond. Unfortunately, many businesses make knee-jerk reactions that can actually make the problem worse. While it is important to address the issue quickly, it is just as important to address it effectively. If your company is experiencing a cyber incident, keep these steps in mind to help minimize potential damages.

Read More
Cyber Threat Report: North Korea

Businesses hoping for a reprieve from North Korean malware attacks will likely be disappointed. Despite what many consider to be diplomatic progress, North Korean state-sponsored cyber attacks continue and will likely remain a significant threat to American businesses, consumers, and military for the foreseeable future as North Korea looks to improve its global economic and political standing.

Read More
5 Ways Managed Detection + Response (MDR) Out-performs MSSPs

Traditional MSSPs offer ineffective solutions that rely on signature-based detection and perimeter defenses. Because they only monitor for known attacks, these solutions leave your network vulnerable to advanced malware, zero-day exploits and insider threats. Managed Detection and Response (MDR) offers businesses a subscription-based security model that actually defends against today's advanced cyber threats. Unlike passive security monitoring services offered by Managed Security Service Providers (MSSPs), Managed Detection and Response doesn't wait for attacks to occur- it leverages advanced analytics to actively hunt for unknown threats before they infiltrate your network.

Read More
The GDPR- Steps to Take Now

All companies processing the personal data of anyone residing in the European Union, regardless of the company’s location, must comply with the new GDPR regulations or face massive fines. Implementing the GDPR requirements may seem daunting, but the sooner your organization starts to dig in, the better off you will be. These steps toward compliance will get you on the right track.

Read More
Charlottesville Tech Scene Growth Leads to Cybersecurity Boom

Each year, the Tom Tom Founders Festival brings together artists, intellectuals, entrepreneurs, and other creatives for a celebration of innovation. In the spirit of celebrating founders, I spoke with the CEOs of these Charlottesville cybersecurity companies to see what they think the next big cybersecurity trends will be, and why they chose Charlottesville as their launchpad.

Read More
Data Classification: A Key Component to Effective Cyber Risk Management

It is impossible to protect what you do not know you have. Without an awareness of which information assets present the greatest risks, companies cannot make informed decisions about their cybersecurity practices or policies. By limiting access to sensitive information, and putting more cybersecurity focus on the data which has the potential to do the most harm, businesses greatly mitigate their cybersecurity risks.

Read More
Cybersecurity ROI For Small and Mid-Sized Businesses

How do you calculate the return on investment of your cybersecurity program? Businesses must look at money saved, not money earned to calculate the ROI of their cybersecurity. Not investing in adequate data defense can cost companies millions- downtime, public reaction, loss of intellectual property, share values, and fines must all be considered in risk profiles when assessing how much money your company should spend on cybersecurity.

Read More