Risk Management articles

Much to the chagrin of security professionals, cybersecurity best practices are often seen as a nuisance by employees outside of the security and IT teams. The consensus is that security slows down processes, and limits autonomy and training is one more thing to check off the list. But employees are ultimately your biggest vulnerability, so in order to move the needle and actually improve your security posture, you need participation from all teams. IT needs to patch software, employees must […]

Managing cybersecurity vendors wasn’t the daunting task it is these days. Not too long ago, organizations were bound by a perimeter, and it was simpler to piece together a set of capabilities to stay safe and secure. Businesses of all sizes followed a surefire formula that kept most of them safe. With the introduction of the cloud and the push for digital transformation, everything changed. The perimeter has largely evaporated — companies rarely own their servers and entire teams are […]

In a recent Right Hand Security, Front Lines event, SolCyber Chief Technology Officer David Emerson interviewed cybersecurity expert and friend of SolCyber, Scot Hutton, on how cyber leaders can more effectively communicate with boards to make positive changes that will increase a company’s security posture. Below are key takeaways from their conversation. You can also watch the full interview on YouTube. Much to the dismay of security professionals, implementing secure strategies doesn’t always fall under their purview. Cyber professionals can […]

Ransomware is quickly becoming the number one threat for nearly all organizations. Over the last few years, ransomware attacks have skyrocketed with COVID fueling the number of incidents levied on various organizations. In 2020, ransomware attacks rose 485% and payouts also hit a record high, reaching an average of $312,000 in 2020. This trend isn’t stopping in 2021, either. The banking industry alone saw a 1318% increase in ransomware attacks in the beginning of 2021. This evidence alone should demonstrate […]

For those of you who are just joining us, I’m retired Marine and security expert Scot Hutton and I’ve been invited by my friends at SolCyber to write a blog series on security that matters. So far, I’ve covered why ransomware has forever changed the security landscape for small and mid-sized businesses (SMEs) and explained why now is the time for SMEs to invest in cybersecurity. In this post, I’ll cover security frameworks and why in many cases, they don’t […]

‘Hi Scott, nice talking with you. We’ve got AV, some firewalls and spam filters for email…isn’t that enough?  I think we are pretty secure”  This is probably the most consistent interaction I have with customers in the mid-market. But what is ‘enough’ security? It’s a question I get asked almost every day because it’s becoming increasingly difficult to answer. Part of that is due to the changing nature of the threats organizations face, but it’s also because our security mindset […]

Up until recently, it was thought that companies only needed a detailed security program if they were handling sensitive data. If you weren’t collecting customers’ credit card information, data related to their personal health or wealth, or other private data, you were likely safe from the most persistent cyberattacks, specifically ransomware attacks. With ransomware, an attacker can lock up your business’ data or systems and demand your business pay a sizable ransom to decrypt and unlock said data. The larger […]

The MSSP market is crowded, and it’s not easy for a CISO to find the right provider for their organization. There are many factors to consider and making a mistake can be expensive, squander precious time, and may inadequately protect your organization. Here are some considerations for navigating this landscape and identifying the right MSSP for your company. Firstly, what is a CISO’s priority? Partnering with an MSSP is one of the most impactful decisions you can make for your […]

Nothing is more enjoyable than standing on the side of a helicopter while flying fast and aggressively. To this day, the work I accomplished during my time in the Marines is some of the most rewarding in my career. It takes discipline and calculated risk to jump into a helicopter whirling around thousands of parts made by the lowest bidder. You stay focused, understand the risk and, if possible, enjoy the heck out of the ride. Moving into the cybersecurity […]

Why you need the minimum effective dose of security When it comes to cybersecurity, companies large and small are up against the same adversaries. While the most advanced hackers would once target only large companies, hackers have started to use the same advanced techniques as part of larger campaigns. In many cases, attacks on SMBs are just as profitable, so that’s what they do. This, naturally, becomes problematic because small and mid-sized businesses (SMBs) don’t have the same cybersecurity budgets […]

Looking back 20 years, the security industry was vastly different. With so few entry points, organizations needed a two-tier firewall and an intrusion protection system to secure the perimeter of their network. Small and mid-sized enterprises (SMEs) could outsource their IT needs to a managed service provider (MSP), and they would receive an alert anytime an issue was detected. Managing security was a breeze. Then came the cloud, smart phones and IoT devices and the threat landscape expanded—enormously. The move […]

Welcome to SolCyber. We’re an MSSP that does things a little differently. The threat landscape has changed dramatically in the last several years. And call us crazy, but we believe new and modern threats require a new and modern approach to protection. And this approach needs to work for everyone. However, the current solutions provided by many MSPs and MSSPs, often leave small and mid-sized businesses vulnerable. So does an MSSP that believes cybersecurity should make you resilient but shouldn’t […]