Cybersecurity — one word that can inspire many different tactical approaches depending on its definition. If you feel overwhelmed by the idea of defining cybersecurity and developing a plan for its inclusion within your environment, then you’re not alone. Many organizations have started down the path of addressing exposure points, defining red and blue teams,…

I recently spent time speaking with IT leaders at CDW’s Protect SummIT in Philadelphia and heard a common theme: Organizations across the U.S. are incredibly concerned about the threat posed by social engineering attacks. All too often, leaders I speak with tell me that their organizations had recently fallen victim to phishing attacks that requested…

What’s the current state of multifactor authentication in your organization? If you’re like many of my customers, you might think that MFA is old hat — a problem solved years ago that now just requires a little routine maintenance. If that sounds familiar, it’s probably time for you to re-evaluate the role that MFA plays…

Earlier this year, the CFO of a company I work with opened an urgent email from his boss, the CEO, who we’ll call Sally. The CEO was out on the golf course and forwarded a vendor inquiry to the CFO, who we’ll call Harry. In the message, the vendor asked Sally when it would receive…

As the technical lead for the incident response (IR) team at CDW, I see quite a few attacks that occur against organizations, with the most prevalent including phishing (most often leading to credential theft), advanced malware and ransomware. Ransomware is typically the most destructive for organizations that have not prepared or planned for this type…

Healthcare data is an especially attractive target for cybercriminals. Information that can be readily changed, such as a credit card number, is not as valuable as data such as Social Security numbers, birthdates, current and past addresses or next of kin, which are often found in medical records. Because this data is permanent, it can…