Cygilant Blog

Are These 3 Cybersecurity Risks Keeping You Up at Night?

Posted by Shawn O'Brien on Jul 25, 2016


Companies stand to lose a lot if they are hacked. They risk lawsuits, loss of brand equity, theft of intellectual property, and more. Among other dangers, there are three especially common cybersecurity threats that may bring this nightmare to life for any organization and can haunt those charged with protecting the company if they don't have the resources to do so. Those threats are ransomware, insiders, and vulnerability hacks—and here's what IT teams can take to defend against them.

What the Panama Papers Can Teach Us About Internal Threats

Posted by Kevin Landt on Apr 20, 2016


Editorial coverage based on the Panama Papers, a leaked cache of 11.5 million confidential documents from the law firm Mossack Fonseca, have captured attention around the globe in April 2016, and led to political protests and controversy. From these articles, there are three important lessons we can learn about cybersecurity. But first, a recap of the incident:

The Threat Landscape in 2016: 3 Reasons to Revise Your Cybersecurity Plan

Posted by Kevin Landt on Apr 4, 2016


The threat landscape is constantly becoming more sophisticated. That means any cybersecurity strategy not up to date with security tools and research will leave an organization open to attacks. According to a 2016 IBM report, only 17% of the participating organizations are fully “cybersecured”—which means 83% are inadequately defended.


To be prepared, companies need to implement cybersecurity strategies that address today's threats. The following three examples of emerging attacks show why all but the most well-guarded companies' current cybersecurity strategies need an update.

Warning Signs: How to Educate Your Employees About Common Online Scams

Posted by Kevin Landt on Feb 18, 2016


Many data breaches begin with an employee falling for a phishing attack, a deceptive email that tricks readers into clicking a link that leads to malware or some other security threat. A single mistake by an employee might ultimately lead to millions of personal records getting stolen as a result of a hack. Since the consequences are severe, companies need to educate their employees about common online scams and how to avoid them.

Fraud Tactics

Recognizing common phishing tactics will help employees identify warning signs when they check their email. Phishing attackers seek to provide readers with a false sense of security, luring them into giving up passwords, financial data, or other sensitive information. The fraudulent email often asks readers to provide personal information or “verify” such information.


The 3 Most Common Cybersecurity Mistakes Made by Employees

Posted by Security Steve on Feb 1, 2016


Employees are the lifeblood of an organization, and if they neglect good cybersecurity practices, the company's overall cyber defenses are weakened. Here are three common cybersecurity mistakes employees make—and the best ways to address them.

1. Falling for Phishing

Phishing may be a common scam, but employees are still falling for it. Between late 2013 and August 2015, the FBI found that more than 7,000 U.S. companies were victimized by business email scams—with total losses exceeding $740 million. A single well-written phishing email can confuse employees into clicking a fraudulent link that installs malware on company machines, or can trick accountants into wiring money into false banks accounts purportedly owned by company executives traveling overseas.

How to Prevent Internal Security Hacks With Simple Internal Cybersecurity Controls

Posted by Shawn O'Brien on Jan 29, 2016


Led by the Center for Internet Security (CIS), an international community of experts regularly publishes a list of recommended security controls (CIS Critical Security Controls) that outline specific actions organizations can take to improve their cyber defenses. Implementing the controls protects organizations from internal and external cyber threats.


According to a 2013 Clearswift survey, 58% of all security incidents can be attributed to insiders. Below is a look at how two of the controls guard effectively against the paradigmatic internal threat: the insider who has turned against his or her own organization.

Internal vs. External Security Threats: Why Internal Is Worse Than You Expected (and What You Can Do About It)

Posted by Vijay Basani on Sep 3, 2015

The drama of data security seems to feature outside threats as the most prominent. From Eastern European criminal gangs to nation-state actors to Anonymous, you’d think hackers were the number one cause of data loss. They’re not.

Better Policies Can Prevent Insider Breaches

Posted by Vijay Basani on Jun 4, 2014

In the wake of the Edward Snowden case, many companies began to take caution and re-evaluate what they wanted to share with employees. Privileged users who have access to valuable company data have always posed a threat to companies but in the wake of the Snowden case and the never ending threat of attacks this year has seen, companies are now beginning to recognize that insider threats can be even more damaging than an outside attack.

Managing Insider Threat Still a Priority in Information Security

Posted by Security Steve on Feb 3, 2014

With all the data breaches coming out via the media as of late (think Target and the latest breach involving an Ohio-based industrial products company), organizations are hunkering down and evaluating any possible holes in their data security programs. Obviously, as a company who is very concerned with data security, we celebrate this analysis at EIQ Networks. We even have a fleet of free tools that can assist companies in putting together the most robust, iron-clad security profile possible. From discovering both devices on your network to monitoring logs and credentials, you should definitely check out this toolbox of IT security gold.

Privileged Access DENIED

Posted by Vijay Basani on Aug 21, 2013

Another example of privileged access being abused recently made headlines – this time with the FBI’s National Crime Information Center (NCIC) database. According to the story, a New York Police Detective logged onto the NCIC database and looked up personal information on fellow colleagues that had nothing to do with his duties as a law enforcement officer.

Most Recent Posts

Subscribe to Email Updates