We don't want to be fear mongers, and everyone's risk is different; however, this does show that there needs to be some basic protection in place.  Don't leave your windows and doors wide open.

New York Times is reporting that a Russian crime ring has amassed a ton of logon credentials.  Are you as tired of these reports as we are?

Many of us think that this has no impact on us.  For the most part, that's mildly accurate - we all pay in some way for these types of breaches.  However, imagine being the owner of one of the web sites (that are currently still vulnerable) and not having done your due diligence to secure private customer data.

If a company is found negligent in its handling of private information, you can count on major fines and penalties.  For example, would losing your ability to accept Visa or Mastercard impact your business?  Contact us today - we can help solidify your cybersecurity program, thus reducing your liability in the event of a data breach.

If you haven't heard about the Target cyber security breach lately, we'd like to welcome you back from your long vacation.  What we at Steady State Security have been debating for a couple of months now is, how did this occur?

We're finally seeing legitimate sources give us insight into how this was done:  The heating guys!?  As surprising as some may find this, not having a strict access control policy can leave networks open when dealing with third party access.

It should be eye opening to see an IT system loaded with all of the latest bells and whistles be easily infiltrated by apparently lax account standards.  It is being reported that Target gave an HVAC contractor remote access at some point last year and these credentials were ultimately stolen and used as the first phase of the attack.

Having a remote access policy that addresses contractor access is something to be taken very seriously.  Furthermore, proper segmentation techniques need to be in place to ensure access to critical systems is blocked.  Although current PCI requirements don't mandate segmentation - our bet is it's coming.  Your company doesn't want to be the next headline (at least not for this) - contact us today to get a free initial consultation.

According to a recent CNN report, 2 million password were stolen from Facebook, Gmail, and Twitter.  You can reduce the damage caused by a breach of this nature by developing a password policy that meets your business needs.  You may also want to look into limiting time on social networking sites to just lunch hours.  There are many options; however, the best option is the one that keeps your network policies in line with your corporate culture (to a degree).  We can help you tailor, and also sell your solutions to your staff.  We are just an email away!

Tougher cyber security regulation is coming, it's really just a matter of time.  Of course, this Act has to get through Congress (good luck on that one); however, what it does show is a growing trend toward tougher standards.  None of this is difficult when you have an experienced company partnering with you - that's what we are here for! 

Highlighting the importance of not only cyber security, but also the response to incidents, this article focuses on one of the larges cyber breaches of the year.  How you respond to the public when hit with a major security breach can have lasting effects on your business.  Are you prepared to deal with such an event?

LivingSocial executives discuss the lasting damage effects of a recent cyber security incident.  A well thought out cyber security program can help alleviate losses due to an incident.  Is your business ready to react to a cyber security incident?  How vulnerable are your systems to attack?  We can help you answer both of these questions.  Contact us today for a brief initial consultation.

Some fairly eye opening hacks were discovered in this year's DEF CON in Vegas.  The hacking humans section is a must read.   

The Kremlin is going back in time to discover one of the best ways to ensure your data will not be leaked:  Type writers. 

Of course, this is the extreme; however, as you will find out in one of Steady State Security's consulting visits, there can be some validity to pulling the most important data your company owns off line.

How do you respond to cyber security incidents?  This article is discussing the trend of utilizing small organizations as a pivot point into larger corporations.  The overall goal of your cyber security plan should be to limit your footprint to the smallest point possible. 

This article also highlights the growing need for a proper incident response plan.  As more legislation begins to come forward, it is our prediction that companies are going to be held more liable when events are swept under the rug.

Nice article highlighting the need to be flexible and ever-evolving in the new IT landscape. 

Interesting article from Harvard Business Review regarding cyber security concerns in the private sector.  Steady State Security has a long history in the government sector, and these findings are nothing new; however, it sheds light into how the commercial IT world should be well aware of these threats.