Cybersecurity Insights & Trends

What makes managed service providers valuable makes them a high-value security target for breaches. Take these steps to mitigate the risks your MSP poses and help protect your interests.

Tap into the Infrastructure Investment and Jobs Act grants by creating a cybersecurity plan.

Launched in mid-2021, NIST is leading two labeling programs on cybersecurity capabilities of IoT consumer devices and software development practices.

Cyber threats to supply chain security have increased. Steps to de-risk your supply chain security.

Employee error causes nearly 40% of data breaches in healthcare. Understand the nature of the causes of PHI loss due to internal actors.

Four ways a compliance audit can inform your strategy as a new CISO.

Healthcare cybersecurity trends are demonstrating that cybercriminals are changing tactics and healthcare organizations must adapt to heightened and evolving threats.

Half of data breaches in healthcare are due to ransomware and that trends is accelerating since the pandemic.

Are you a newly-hired Chief Information Security Officer or Director of Security? We offer tips and strategies to maximize your impact in your first 100 days as CISO.

Maximize Your Cybersecurity Budget: Four areas where you’re spending too much and four where you’re spending too little on cybersecurity.

While O365’s popularity makes it a benchmark in business, there are cybersecurity concerns that every organization should address. Here are 6 tips to maximize O365 security features.

CISOs and CSOs stay an average of 18-26 months. Why is CISO turnover so high and how to ensure you have security leadership coverage and business continuity in times of transition.

We compare and contrast three service models – MSSP, SIEM, and MDR – that offer options for improving threat detection, remediation and response.

As IT and Security plan for transitioning back to the office or a home-office hybrid working environment, we rundown the various areas to consider and prioritize.

We summarize 4 major vulnerabilities that were leveraged to breach Microsoft Exchange Server, highlighting the need to stay diligent with vulnerability management, even cloud services.

Is it time to fire your cybersecurity provider? Here are the top reasons we hear why clients choose a new cyber vendor and symptoms of a successful client-vendor relationship.

Case Study: HMHS selected CyLumena to evaluate their application Vulnerability Management program, identify process gaps and recommend areas for improvement in execution and outcomes.

A Security Assessment and an IT Audit are very similar. Knowing which one you need depends on your cybersecurity or risk management objective and how you will use the findings.

Don’t Take Vendor and Customer Cybersecurity Risk for Granted. Their cybersecurity weakness is your data breach risk.

Case Study: How we helped Big Brothers Pittsburgh modernize and migrate to Microsoft 0365 and Cloud operations in admidst of “work from home” requirements.

How well do your employees understand cybersecurity? NIST updates their NICE framework to build better cybersecurity education.

Sepio & CyLumena Webinar Recap: “Pharma’s Challenge to Understanding Threat Vectors” plus current cybersecurity risk to pharma, life science & biotech.

Vistage CEO Confidence Index shows SMBs are recovering and planning growth for 2021. What role does cybersecurity play in business continuity and growth goals?

If your organization works with Personal Health Information (PHI), it doesn’t matter what industry you’re in. Decrease PHI privacy and security violation risk by understanding your data and potential compliance requirements.

Ransomware is a hot topic for a good reason. In 2019, there were around 61M ransomware cases. Recently, Gartner reported that the average ransom cost to recover their data rose to $84K without accounting for the 5-10x cost for downtime and recovery efforts. A sneak attack that grinds your business and operations to a halt would be costly on multiple levels.

This whitepaper walks through the four phases of Business Impact Analysis and gives concrete steps, guidance, and tips from our work conducting successful BIAs for our clients.

By 2025, all DoD suppliers need CMMC certification. However, contractors need to achieve Level 3 or above to secure many government bids & contracts now. We provide CMMC overview and readiness.

Do you know the phases of a cyber attack? To defeat hackers, you must understand how they strategize and execute cyber crime. We outline the five phases of a cyber attack.

If you have an automation or strategy using bots, you need to ensure they’re secure. We outline RPA security best practices for your Digital Worker Profile.

What more can you do to enhance third-party risk management? We highlight why risks are increasing and 4 ideas to standardize and strengthen your vendor security.

On July 15th, Twitter experienced a hack of high-profile accounts. While focused on celebrities, there are lessons to learn for every account holder. We share what is known and what to do.

We offer three core functions of an effective patch management strategy, providing critical assessment and maintenance for managing cybersecurity vulnerabilities with each software release.

CyLumena and Insperity, an HR solutions company, came together to deal with two critical topics organizations are facing during the pandemic – increased cybersecurity risks and challenges engaging employees in a work-from-home environment.

CyLumena explores six client cases to share tips on when to choose a Virtual CISO or CISO as a Service.

Cybersecurity gets a bad rap when many develop a blind and singular focus on cybersecurity as compliance with government regulations. Unfortunately, this has ingrained a “checklist” mentality that works against an organization’s security program’s primary objective: reducing risks.

As hundreds of thousands, maybe millions, of people work from home for the near- or long-term, ensuring that your employees take key cybersecurity protection measures is critical.

Gartner recently hosted a webinar on ransomware and the increasing threat to mid-sized organizations, as well as steps to take to improve vulnerability management and best practices for a ransomware response.

As organization reach critical mass with the adoption of cloud and containers, tools like cloud workload protection platforms and posture management approaching mainstream adoption.

What you and your employees can do to protect corporate data and personal privacy. Don’t give away vital information in your corporate posts that hackers can use.

Don’t Take Vendor and Customer Cybersecurity Risk for Granted. Their cybersecurity weakness is your data breach risk.

Cybercrime is more prevalent in 2020 than ever. Over four billion records were stolen in the first half of 2019, and, according to a Bromium study, over $1.5 trillion in illicit profits were acquired, laundered, spent, and invested by cybercriminals in 2018.

Six Steps to Start a Cybersecurity Program for Middle-Market. Did you know that 88% of cyber insurance claims are from companies under $2B in revenue?  

Big corporations attract the most press when they are hacked, but mid-sized organizations are increasingly becoming an attractive target for data breaches because of their size and potential for easier infiltration.

Roughly one million Americans travel every day for work. When you consider that a laptop is stolen every 53 seconds and 86 percent of organizations have had an employee’s laptop stolen, keeping the computer safe and secure when traveling is a significant issue.

Stories of cybersercurity failures can reveal your data breach risks. Lessons learned from data breaches at Sony, Panera, Under Armour, Target, and Marriott.

CyLumena created CyberLean for mid-sized enterprises to have the right level of data security protection and quantify the value of their cybersecurity.

California now has the most stringent data protection law in effect of any state. And, the California Consumer Privacy Act 2018 (CCPA) goes beyond the General Data Protection Regulation (GDPR) instituted by the European Commission in 2018.

California now has the most stringent data protection law in effect of any state. And, the California Consumer Privacy Act 2018 (CCPA) goes beyond the General Data Protection Regulation (GDPR) instituted by the European Commission in 2018.

The 2020 presidential election is raising the question of why voting for U.S. elections isn’t held online…yet. “I can shop online. Why can’t I vote online?” “Why isn’t there an app that allows me to vote in my local congressional elections or even vote for president?” Voters will express their frustration with the time it takes to take off work or leave their family to drive, wait in line, and use seemingly, antiquated machines to cast their votes.

Decisions should be articulated and anchored in business value terms like risk reduction or avoidance, productivity, cost, or other improvement indicators. Not in terms of emotional rhetoric of hyperbole intended to manipulate decisions or facilitate illicit responses. Four realizations to help ensure cybersecurity solutions are the best fit for your needs.

In 2020, one of the most prominent digital banking trends we’ll see involve tech giants that want to learn more about your financial and shopping habits by getting into your wallet…literally. Companies like Google, Apple, and a host of start-ups are launching basic digital banking services known as neo-banks.

“Smart,” Internet-connected devices are becoming ubiquitous. However, Internet of Things (IoT) risks are a major concern as cybersecurity for these devices hasn’t kept pace with their adoption.

In the last ten years, Internet use by seniors has increased by 92 percent. Today, 73 percent of seniors (who make up 14 percent of the US population) use the Internet.

Netflix launched a new documentary this summer. The Great Hack highlighted “the way data tracking, harvesting, and targeting take the strands of information we generate and ties them around us,” according to Wired magazine. It also highlighted the need for parents to focus on child identity theft protection.

According to Forbes, two-thirds of CEOs are taking the reins now that 59 percent of them control the cybersecurity budget. For them, having a cybersecurity checklist in place can help steer their decisions in the right direction.

Introducing the Newest Cyber Security Firm Headquartered in Pittsburgh, PAWe are pleased to introduce Pittsburgh’s newest cyber security…

Internet of Things (IoT) devices are exploding in popularity, but they present serious cyber security challenges for large enterprises…

6 Cybersecurity Trends You Need to Know. Cybersecurity “trend” information is everywhere. The value of staying on top of what’s trending…

Enterprise risks and regulations are increasing exponentially. According to several industry experts, an upsurge in enforcement and fines…

In January, a Frost & Sullivan study revealed that 60 percent of retailers had put their digital transformation programs on hold due to fear…