Posts in Cybersecurity
Common Cyber Attacks– and How to Prevent Them 

As your organization implements controls to defend your data against malicious cyber attacks, it is important to remember that not all attacks are the same. They use different methods to achieve different goals, and each type of attack requires different prevention strategies. Here are the most common types of cyber attacks and how you can prevent them.

Read More
SECURITY ALERT: Stop Sending W-2s to Hackers!

in 2018, hundreds of Virginia businesses were victims of W-2 phishing attacks. A phishing attack is a socially engineered attempt to obtain sensitive information from an individual or company. As we enter 2019 tax season, it is critical that your company is vigilant against this type of cyber attack. These tips will help your employees spot– and avoid–phishing attacks.

Read More
Defending Data Against Advanced Persistent Threats (APTs)

MSPs typically have direct and unrestricted  access to their clients' networks, and therefore their clients' sensitive information. By targeting MSPs, Advanced Persistent Threats (APTs) only need to breach one network in order to access a wide variety of sensitive data. Thankfully, there are steps that businesses can take to defend their data against these advanced threats.

Read More
Minimizing Damage Following a Cyber Incident

When your organization is faced with a cyber incident or breach, it can be difficult to know how to respond. Unfortunately, many businesses make knee-jerk reactions that can actually make the problem worse. While it is important to address the issue quickly, it is just as important to address it effectively. If your company is experiencing a cyber incident, keep these steps in mind to help minimize potential damages.

Read More
5 Ways Managed Detection + Response (MDR) Out-performs MSSPs

Traditional MSSPs offer ineffective solutions that rely on signature-based detection and perimeter defenses. Because they only monitor for known attacks, these solutions leave your network vulnerable to advanced malware, zero-day exploits and insider threats. Managed Detection and Response (MDR) offers businesses a subscription-based security model that actually defends against today's advanced cyber threats. Unlike passive security monitoring services offered by Managed Security Service Providers (MSSPs), Managed Detection and Response doesn't wait for attacks to occur- it leverages advanced analytics to actively hunt for unknown threats before they infiltrate your network.

Read More
Data Classification: A Key Component to Effective Cyber Risk Management

It is impossible to protect what you do not know you have. Without an awareness of which information assets present the greatest risks, companies cannot make informed decisions about their cybersecurity practices or policies. By limiting access to sensitive information, and putting more cybersecurity focus on the data which has the potential to do the most harm, businesses greatly mitigate their cybersecurity risks.

Read More
Cybersecurity ROI For Small and Mid-Sized Businesses

How do you calculate the return on investment of your cybersecurity program? Businesses must look at money saved, not money earned to calculate the ROI of their cybersecurity. Not investing in adequate data defense can cost companies millions- downtime, public reaction, loss of intellectual property, share values, and fines must all be considered in risk profiles when assessing how much money your company should spend on cybersecurity.

Read More
10 Questions to Ask During a Cybersecurity Vendor Assessment

Developing a cybersecurity program is difficult. It is important to carefully consider what data you need to protect, the best methods to protect it, and which vendors to partner with. It is important for organizations to ask the right questions when conducting vendor assessments and to develop a clear division of responsibility from the get-go. These ten questions will help you determine whether or not a vendor is a good fit, and also what role they will play in your overall security strategy.

Read More
MSP vs MDR: Which Solution is Best for Your Organization?

MDR combines people, technology and automation to give your organization the most advanced data defenses available.  Network sensors proactively identify potential threats and eliminate false-positives, allowing expert analysts to focus only on the threats that matter. This approach saves you time and money while accurately detecting advanced threats that bypass MSPs and other security tools.

Read More
Cyber Spying: How Corporate Espionage Threatens Businesses

Intellectual property theft costs American businesses more than $600 billion per year, yet many companies fail to protect themselves from corporate espionage. Research, prototype plans, and employee and client data are all valuable on the Dark Web, and their loss can be catastrophic for most businesses. Is your data safe? These steps will help keep your company's most valuable assets secure.

Read More
Virtual CISO Gives Fortune-10 Support to Smaller Businesses

As cyberattacks increase, many businesses are bolstering their security efforts by adding designated information security departments and hiring expert CISOs. Small and mid-sized companies that do not want or cannot afford an information security department are often left to fend for themselves. A virtual CISO provides expert security intelligence as a consulting service, letting businesses focus on what they do best.

Read More
Ransomware: The Largest Cybersecurity Threat to Virginia Businesses

Ransomware is a specific type of malware designed to encrypt the files of the victim. The malware then prevents the victim from accessing their files until a sum of money, or "ransom" is paid. Ransomware is a growing problem and understanding how it works is key to reducing the risks associated.

Read More
New Cybersecurity Firm in Charlottesville, Virginia

Bluestone Analytics is a boutique security consulting firm focused on protecting the sensitive data of organizations both large and small. Drawing from a diverse set of backgrounds, the Bluestone Analytics team combines experience in Special Operations counterintelligence, advanced cybersecurity engineering, and international startup experience to create our unique approach.

Read More