"Your Information Technology Leader"

InTegriLogic Blog


InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Week in Breach News: 01/19/22 – 01/25/22

RR Donnelley

https://www.bleepingcomputer.com/news/security/marketing-giant-rrd-confirms-data-theft-in-conti-ransomware-attack/
Exploit: Ransomware

RR Donnelley: Marketing & Communications Firm




Risk to Business: 1.227 = Severe
Major marketing company RR Donnelley has disclosed that it had data stolen in a December cyberattack attributed to ransomware. The Conti ransomware group is suspected to be responsible. In the attack on December 27, 2021, the company experienced a systems intrusion that led it to shut down its network to prevent the attack’s spread. That led to disruptions for customers, with some unable to receive printed documents required for vendor payments, disbursement checks and motor vehicle documentation. The Conti ransomware gang claimed responsibility on January 15 and began leaking 2.5GB of the stolen data, which has since been removed.

Individual Impact: No specifics about consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How It Could Affect Your Business: A recent rash of ransomware attacks against media and communications organizations should have everyone in that sector on notice.

 


 

Strategic Benefits Advisors, Inc

https://www.jdsupra.com/legalnews/data-breach-alert-strategic-benefits-8267696/

Exploit: Hacking

Strategic Benefits Advisors: Human Resources Consulting Firm




Risk to Business: 2.223 = Severe
In a recent legal filing, Strategic Benefits Advisors disclosed that an unauthorized third party had gained access to its data and may have removed several files containing consumer information. The Georgia-based company provides full-service employee benefits consulting for companies in many industries.





Individual Risk: 2.419 = Severe
Strategic Benefits Advisors sent breach notification letters to more than 58,000 people to inform them of the exposure, which the company says was limited to full names and Social Security numbers.

Customers Impacted: Unknown

How It Could Affect Your Business: Lately, hackers have been especially interested in breaching companies that maintain large stores of data for other companies.

 


 

City of Tenino, Washington

https://www.govtech.com/security/washington-city-loses-280-309-to-successful-phishing-scam
Exploit: Phishing/BEC

City of Tenino, Washington: Municipality




Risk to Business: 1.717 = Severe
The City of Tenino, Washington is down $280,309 in public funds according to the Washington State Auditor’s Office after a city employee fell for a phishing message that launched a business email compromise scam. Reports say that former Clerk Treasurer John Millard fell victim to a phishing message and paid cybercriminals a boatload of money, some without city council approval. The official reportedly initiated 20 automated clearing house payments from the city’s bank account to multiple out-of-state bank accounts. News outlets are also reporting that a warning was sent out to clerks about the phishing scam immediately but that didn’t stop this disaster from happening.

Individual Impact: No specifics about any consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How It Could Affect Your Business: BEC is the most expensive cybercrime according to the FBI, 64X more expensive than ransomware – and it usually starts with phishing.

 


 

Switzerland – The International Red Cross

https://www.npr.org/2022/01/20/1074405423/red-cross-cyberattack
Exploit: Third Party/Supply Chain

The International Red Cross: Humanitarian Aid Organization




Risk to Business: 1.719 = Severe
The International Committee of the Red Cross has revealed that hackers have stolen data from a Swiss contractor that stores it for them. The stolen data includes information about over 515,000 highly vulnerable people that it has served, recipients of aid and services from at least 60 affiliates of the organization worldwide. The Red Cross says it typically reunites 12 missing people with their families every day through that program. As a result of this cyberattack, The International Red Cross has been forced to temporarily halt a program that reunites families torn apart by violence, migration or other tragedies. A spokesperson for the ICRC told news outlets that there have been no demands from the hackers in exchange for stolen data and that they were working with specialized firms to recover.

Individual Impact: No specifics about any consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Once again, a service provider that maintains a large array of records full of PII was hit, gaining cybercriminals a data bonanza.

 


 

Italy – Moncler

https://www.bleepingcomputer.com/news/security/fashion-giant-moncler-confirms-data-breach-after-ransomware-attack/
Exploit: Ransomware

Moncler: Luxury Fashion & Outerwear




Risk to Business: 1.727 = Severe
Luxury retailer Moncler has disclosed that it suffered a data breach in December 2021 after data began appearing on a cybercriminal leak site. The company confirmed that some data related to its employees, former employees, suppliers, consultants, business partners, and customers was stolen and subsequently leaked after it refused to pay the demanded $3 million ransom. The ALPHV (BlackCat) ransomware operation has claimed responsibility. The stolen data is said to include earning statements, spreadsheets with what appears to be customer information, invoices and other documents, but no specifics were provided.

Individual Impact: No information about exposed customer personal or financial data was available at press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Retailers have been steadily climbing cybercriminals’ target list, especially luxury brands and specialty retailers.

 


 

New Zealand – Kings Plant Barn

https://www.nzherald.co.nz/business/kings-plant-barn-the-latest-retailer-hit-by-click-and-collect-data-breach/HJ45OFWAJ7NGGICU4THWBEZYOI/
Exploit: Third Party/Supply Chain

Kings Plant Barn: Garden Retailer




Risk to Business: 1.677 = Severe
Kings Plant Barn is notifying customers that it has experienced a data breach after a data security incident at FlexBooker. The garden chain says that client names, email addresses and collection times were exposed but not passwords or other sensitive data. FlexBooker experienced an attack before the holidays that resulted in the theft of more than three million user records. The platform is used for scheduling and employee calendar management by small businesses like doctor’s offices, real estate companies, service sector businesses and similar companies.

Individual Impact: No specifics about consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How it Could Affect Your Business: In an increasingly interconnected world, SMBs need to be prepared for the security risks that they may face from a service provider’s security incident.

 


 

Singapore – Crypto.com

https://www.vice.com/en/article/epxb8m/crypto-protocol-publicly-announces-flaw-users-relentlessly-owned-by-hackers
Exploit: Hacking

Crypto.com: Cryptocurrency Trading Platform




Risk to Business: 1.806 = Severe
Crypto.com, a platform that allows users to swap tokens between blockchains, publicly announced an incident in which a flaw in the platform’s security allowed cybercriminals to snatch an estimated $31 million in cryptocurrency. The company disclosed that 483 users were impacted by unauthorized cryptocurrency withdrawals on their accounts amounting to 4,836.26 ETH, 443.93 BTC, and approximately US$66,200 in other cryptocurrencies. In response to this incident, the company is adjusting its protocols to include safeguards like requiring all customers to re-login and set up their 2FA token to ensure only authorized activity would occur and a new policy where the first withdrawal to a whitelisted address must wait 24 hours among other measures.

Individual Impact: No specifics about consumer/employee PII or financial data loss were available at press time.

Customers Impacted: 483

How it Could Affect Your Business: The financial industry has been besieged by cybercriminals, and nothing is taking more of a beating than cryptocurrency and DeFi.

 
 


 
 

Indonesia – Bank Indonesia

https://www.bleepingcomputer.com/news/security/indonesias-central-bank-confirms-ransomware-attack-conti-leaks-data/
Exploit: Ransomware

Bank Indonesia: Financial Institution




Risk to Business: 2.721 = Moderate
Bank Indonesia (BI), the central bank of the Republic of Indonesia, confirmed that a ransomware attack hit its networks last month. In a statement, BI said that their operational activities were not disrupted. CNN reported that the hackers made off with non-critical data belonging to Bank Indonesia employees before deploying ransomware payloads on over a dozen systems on the bank’s network. Conti has claimed responsibility. It claims to have 13.88 GB worth of documents and leaked a sample of files allegedly stolen from Bank Indonesia’s network as proof.

Individual Impact: No specifics about any consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Personal data is always a winner for cybercriminals who are looking to make a quick profit in the booming dark web data markets.

 


How to Prioritize Your Technology Gaps


 
Today's technology-based businesses must deal with multiple issues, including cyberthreats, head-to-head competition and regulatory compliance. Hence, keeping your technology infrastructure up to date is critical, and a technology audit is the best place to start.

 
A technology audit can assist you in better understanding and identifying gaps in your organization's security, compliance and backup. A thorough technology audit can assist you in answering the following key questions:

 
  • Is your current IT infrastructure vulnerable or lacking in any areas?
  • Are there any unnecessary tools or processes that do not align with your goals and vision?
  • Are you in compliance with applicable regulations, prepared to defend against security threats and capable of restoring business capabilities in the event of a system outage or data breach?
  • What steps can you take to address the discovered vulnerabilities?
 
If you don't have an IT background, the results of a technology audit can be perplexing. You might be overwhelmed by the number of items that need to be refreshed or replaced, and you might be unsure where to begin. Prioritization and the stoplight approach are particularly useful in this situation. Having a managed service provider (MSP) on your side will allow you to seamlessly audit and remediate IT issues.

 

The stoplight approach

 
The stoplight method is a simple way of categorizing gaps or vulnerabilities into red, yellow and green groupings based on their severity.

 

RED: Address the highest risks and vulnerabilities first

 
Always have a clear idea of what to prioritize in order to prevent and deal with mishaps. Since most organizations cannot address all problems at once, it is critical to focus the most attention and resources on the most pressing issues first.

 
Any technological refresh should prioritize addressing the most severe infrastructure vulnerabilities. For example, if your company is dealing with a ransomware attack, updating or upgrading Microsoft 365 is a lower priority.

 
High-priority vulnerabilities that must be classified as RED include:
  • Backups that do not work
  • Unauthorized network users, including ex-employees and third parties
  • Login attempts and successful logins by users identified as former employees or third parties
  • Unsecured remote connectivity
  • A lack of documented operating procedures
 

YELLOW: Then focus on gaps that are not urgent

 
There will be gaps that must be kept under watch but can wait until the most crucial issues get resolved. Although these medium-priority gaps may be acceptable in the short term, consider them when planning and budgeting for future technology updates.

 
The following vulnerabilities fall into the YELLOW category and are of medium severity:
  • Insufficient multifactor authentication
  • Automated patching system failure
  • Outdated antivirus software
  • Failure to enable account lockout for some computers

GREEN: If your budget allows, address these non-critical suggestions

 
These are the lowest-priority vulnerabilities. Implement measures to close them gradually after fixing the high- and medium-priority issues first.

 
The following are some of the gaps that fall into the GREEN category:
  • Accounts with passwords set to "never expire"
  • Computers with operating systems that are nearing the end of their extended support period
  • Persistent issues with on-premises syncing
  • More administrative access than is required to perform essential duties
 

Importance of prioritizing gaps

 
You won't have to deal with a situation where money is spent unnecessarily on a less critical issue if you prioritize gaps and close them systematically based on severity. Simply put, prioritization is advantageous for budgets.

 
Furthermore, you can maintain uptime by prioritizing gaps before refreshing your IT infrastructure because not all components will be down at the same time. This also prevents productivity and customer service from being jeopardized.

 
Not sure where to begin? A managed service provider (MSP) like us can help you prioritize technology gaps so you can get the most out of your technology investment while also ensuring uptime and productivity. Contact us for a free consultation.

Top 4 Tech Trend Predictions for 2022


 
Over the last few decades, technology has been a driving force in business transformation and doesn't show any signs of slowing down. The fact that direct digital transformation investments are projected to total $7 trillion between 2020 and 2023 demonstrates this [1]. If you want your firm to succeed, you must have the appropriate technologies to help you keep up with the changing business world.

 
In the present scenario, your technology must enable you to overcome three recent pandemic-induced issues:

 
  • Supply chain disruptions
    In 2021, supply chain interruptions cost businesses throughout the world an average of $184 million [2].
  • The great resignation
    In September 2021, 4.4 million people resigned from their jobs in the United States alone, setting a new record [3].
  • A rise in ransomware attacks
    Ransomware affected 68.5% of businesses in 2021 [4].
 
Businesses must keep up with the demands of the evolving technology landscape if they wish to achieve their goals and remain competitive despite the changes brought about by the pandemic.

 
Track the latest technological trends to know if you are moving in the right direction. Having a managed service provider (MSP) on your side allows your business to stay up to date without you having to do much heavy lifting.

 

Top 4 tech trend predictions for 2022 [5]

 
  1. Third-party risks will increase
In 2022, third parties will be involved in 60% of security incidents. This means that firms that fail to invest in the risk management trifecta of people, processes and technology may face cyberattacks.

 
Proactive businesses will include risk assessment, supply chain mapping, real-time risk intelligence and business continuity management in their IT stack (rather than a single application like Excel).

 
 

  2. One-third of companies will fail at implementing “work from anywhere”
To successfully and securely empower remote workers, organizations need to deliver:
  • A precisely designed digital workplace that allows for seamless working from anywhere
  • A leadership team capable of leading a virtual team
  • An organization with high levels of digital literacy across all departments
  • A thorough mastery of work-from-anywhere concepts
 
However, a third of the companies still lag in these areas.

 

  3. Cloud-native takes center stage in enterprise cloud
Cloud customers will change their business strategy to be completely cloud-native rather than using the cloud for only a portion of their portfolio.

 
Also, cloud-native adoption is predicted to reach 50% of enterprise organizations by 2022, spanning all major technology domains such as big data, artificial intelligence and the Internet of Things.

 

  4. Tech execs leap from digital to human-centered technology transformations
In 2022, technology executives will concentrate on fixing long-term problems. The best will embrace a customer-centric approach to technology, allowing their organization to quickly reconfigure business structures and capabilities to meet future customer and employee needs with adaptability, innovation and resilience.

 

Collaborate for success

 
If you want to get your technology infrastructure ready for a successful year, you'll need the help of a dependable managed service provider (MSP).

 
Feel free to send us an email or give us a call to set up a free consultation. Our expertise and skillsets may be precisely what your company needs to help remote workers thrive.

 


 
 
 
 
Sources:
  1. Statista (worldwide-digital-transformation-market-size)
  2. Statista (cost-supply-chain-disruption-country)
  3. Job Openings and Labor Turnover Survey, 2021
  4. Statista (businesses-ransomware-attack-rate)
  5. Predictions 2022, Forrester
 
 
