<img src="https://secure.leadforensics.com/71120.png" style="display:none;">

Kalki Blog


CyberSecurity in the Middle Market

Posted by Vikas Bhatia on Oct 17, 2016 8:35:00 AM

This week marks Week 3 in the National Cyber Security Awareness Month (NCSAM).  With the focus on Recognizing and Combating Cybercrime we have decided to focus on the underserved population, the Midmarket.

The US Middle Market, a.k.a. midmarket, in the US accounts for 1/3 of all jobs and 1/3 of private sector GDP and according to the National Center for the Middle Market, "If the U.S. middle market were a country, its GDP would rank it as the third-largest economy in the world". 

Read More

Topics: Risk Management, Cyber security, midmarket

Scottrade Announces Massive Data Security Breach

Posted by Kyle Balicki on Oct 12, 2015 11:43:43 AM

Scottrade, a well known investment company has recently announced a massive data security breach which could possibly affect about 4.6 million customers of the company. Unfortunately, the announcement came years after the actual breach, with Scottrade only learning about the problem after federal law enforcement officials alerted the company to the incident. As recent data breaches have shown us, this is not uncommon: average time to detect incidents is as much as 188 days!

Read More

Topics: Breach, Cyber security

Who's responsible for a data security breach?

Posted by Stacy Willis on Sep 1, 2015 1:04:06 PM

As humans, we always need someone to blame. As businesses, someone needs to be held responsible when a data breach happens, but the question is who? Obviously we can point a finger at the "bad guy" who stole data, but that is never enough. The public demands answers about why the company was vulnerable to a breach in the first place and who within the company "screwed up" to let it happen.

Read More

Topics: Cyber security

Understanding Your Enemies: 2015 Trustwave Global Security Report Released

Posted by Kyle.Balicki on Aug 18, 2015 10:05:57 AM

You’ve heard the news and read the headlines, cyber-attacks are occurring more frequently as technology and people continue to advance. But do you really understand your enemies and the moves that they make? The 2015 Trustwave security report is here to provide you with that level of understanding. The report is based on hundreds of real-life data breach investigations from around the world and provides you with insight on the most commonly found vulnerabilities and exploits used in attacks, as well as where you should invest to better ensure that your information is safeguarded.

Read More

Topics: Cyber security

“CEO Fraud” on the Rise

Posted by StacyNease4Fbhds on Aug 10, 2015 11:14:24 AM

An attack known as CEO Fraud is seeing an uptick as a new favorite for attackers. These attacks are a very specific type of phishing attack where the email is very well crafted to look like it is coming from the CEO (or another high-level executive) from within your own company. The gist of these emails is typically along the lines of “I need to move some money around, can you provide me with the account numbers for X, Y, Z?” These attacks are often very well crafted and may even be well-planned enough to use language that is typical of your CEO in email communications, and they may be very difficult to distinguish from a real email from the CEO.

How prevalent is it?

The IC3 reports that in 2014 business email compromises accounted for more than $214 million in losses for victims. Just this week, Ubiquity Networks reported a loss of over $46 million from an attack of this type. And that’s just the tip of the iceberg. There are endless stories of scams like these wreaking havoc on businesses. The moral of the story: no matter how big or small, start preparing your business now.

How can you protect your business?

Get ahead of it! Send a company-wide communication to your team warning them of what to look out for. If people are prepared, it is much easier for them to recognize an attack (and not fall victim to it).

Educate your people. I know we sound like broken records over here, but education is key to protecting your people and your company. Invest in an education and awareness program sooner rather than later. Find out why we want you to create an education and awareness program rather than a training and awareness program.

Lay down policies and create methods for reporting possible attacks. Lay down what is and isn’t acceptable at your company (i.e. financial account numbers should not be shared via email) and communicate those to your employees. Now give your people clear procedures for reporting those fishy emails so your company can stay on top of what’s happening.

Read More

Topics: Education & Awareness, Phishing, Cyber security

United Airlines potentially targeted by Anthem and OPM hackers

Posted by StacyNease4Fbhds on Aug 6, 2015 12:55:27 PM

United Airlines recently announced they suffered a breach mid last year, potentially targeted by the same Chinese hackers who reportedly hit the Office of Personnel Management and the insurance company Anthem. They are allegedly aiming toward gathering data on millions of American government officials and private citizens.

Read More

Topics: Cyber security

Threat Detection: The Basics

Posted by Kyle.Balicki on Jul 22, 2015 9:29:52 AM

With technology advancing every day, cyber-attacks are becoming more and more advanced. It is important to locate where risks are in your business, and expose them before they expose you. One way to limit risk is to invest in threat detection software. Threat detection is software that protects your personal information by scanning your system and locating risks such as viruses.

Read More

Topics: Security technology, Cyber security

Cyber Security: Size Doesn't Matter

Posted by Kyle.Balicki on May 21, 2015 8:57:24 AM

Cyber security affects both large and small businesses alike. According to the 2015 Small Business & Cyber Security survey, 31% of small businesses in the United States have experienced a cyber-attack or attempted cyber-attack.

Read More

Topics: Breach, Cyber security

In the News: Latest Phishing Attack One of Many in Healthcare Industry

Posted by Kyle.Balicki on May 5, 2015 7:50:38 PM

Partners Healthcare System, a Boston-based integrated health delivery network which operates several hospitals, is the one of latest of many healthcare organizations hit by a data breach attributed to a phishing attack (What’s phishing? Check out our blog post to learn about it!). The organization now has to notify 3,300 individuals that their protected health information may have been compromised by a phishing attack late in 2014.

Read More

Topics: Phishing, Cyber security

In the News: IT Manager commits cyber attack against former Employer

Posted by StacyNease4Fbhds on May 4, 2015 9:28:33 AM

Insider attacks are among the most common type of attack that businesses face, but they certainly are the most costly. Malicious insider attacks cost an average of $182,025 in 2014, according to Ponemon institute.

Read More

Topics: Human Resources, Cyber security