What’s with Operational Technology?

Posted by Dan Sanderson on Oct 19, 2021 9:06:10 AM

Operational Technology (OT) has become a very common talking point around the Cyber Advisors office. For starters, let’s define OT.

OT is industrial level control systems that are typically outside of the IT realm. Some examples of OT are Energy Grids, video recording systems, security badges/fobs, elevators, fire sprinkler systems, and gas pipelines. Many of these systems are IoT based. Some are much more industrial based such as PLC controls for turning a switch on and off.

Read More

Topics: security, Fortinet, cybersecurity, Operational Technology, OT

Automated Protection for Vulnerable Exchange Servers

Posted by Kate Drankoff on Sep 29, 2021 12:06:42 PM

The new Exchange Server component, aptly named Microsoft Exchange Emergency Mitigation (EM) service, builds on Microsoft's Exchange On-premises Mitigation Tool (EOMT) released in March to help customers minimize the attack surface exposed by the ProxyLogon bugs.

Read More

Topics: security

vCenter Server File Upload Vulnerability

Posted by Kate Drankoff on Sep 29, 2021 9:00:28 AM

A vulnerability has been identified in the VMware vCenter Server product that could allow a threat actor to execute malicious code. The vulnerability exists in the Analytics service and can be attacked by an unauthenticated user via port 443. There are both patches and temporary workarounds available by VMware. This vulnerability can be exploited regardless of current configuration settings.

This vulnerability exists in:

  • VMware vCenter 6.7x/7.0x
  • VMware Cloud Foundation 3.x/4.x, which bundles vCenter
Read More

Topics: security

Service Desk Spotlight: Mike Schmidt

Posted by Kate Drankoff on Sep 28, 2021 9:09:27 AM

There is an incredible crew on the Cyber Advisors Service Desk and we are excited for you to get to know them more. Several times a month there will be individual Service Desk spotlights to highlight the people behind the computer.

This week we're featuring Mike Schmidt! Mike joined the Cyber Advisors team in March, 2020 just weeks before the pandemic began. Mike's passion for technology took off when he built his first computer at 12 years old. Known in his family for being the "family tech guy," Mike turned his passion into a career and has stood out for his dedication to clients.

Read More

Topics: Managed Services, Managed IT, MSP

Why Do We Need to Do So Many Chrome Updates!?!

Posted by Kate Drankoff on Sep 16, 2021 10:38:00 AM

On Monday, September 13th Google released security updates for the Chrome web browser to address a total of 11 security issues, two of which are zero-days actively being exploited in the wild. Chrome users are advised to update to the latest version (93.0.4577.82 or later) for Windows, Mac, and Linux by heading to Settings > Help > 'About Google Chrome' to mitigate the risk associated with the flaws. 

Read More

Topics: security, cybersecurity, Google Chrome

CMMC Frequently Asked Questions

Posted by Kate Drankoff on Aug 23, 2021 2:56:34 PM

The Department of Defense recently implemented the Cybersecurity Maturity Model Certification (CMMC) to regulate cybersecurity preparedness across the federal government’s defense industrial base (DIB). Cyber Advisors is an approved Registered Provider Organization (RPO) in the CMMC ecosystem and provides advice, consulting, and recommendations to clients to help you navigate the CMMC. Cyber Advisors helps prepare our customers for CMMC readiness but does not conduct Certified CMMC assessments ourselves. 

Read More

Topics: cybersecurity, Department of Defense, Cybersecurity Maturity Model Certification, CMMC, RPO

Preparing for a CMMC Assessment

Posted by Kate Drankoff on Aug 23, 2021 2:17:15 PM

It's hard to believe that it has been almost one year since the Department of Defense implemented the Cybersecurity Maturity Model Certification (CMMC) to regulate cybersecurity preparedness across the federal government’s defense industrial base (DIB) and implemented it's interim rule to NIST SP 800-171. This is intended as a bridge to get federal contractors out of the inefficiencies of the past and into the new maturity model. The window of time to full compliance is closing fast - If your organization does DoD work for a government contractor, Cyber Advisors is here to help. 

Cyber Advisors is an approved Registered Provider Organization (RPO). The RPOs and RPs in the CMMC ecosystem provide advice, consulting, and recommendations to clients to help you navigate the CMMC. Cyber Advisors helps prepare our customers for CMMC readiness but does not conduct Certified CMMC assessments ourselves. 

Read More

Topics: cybersecurity, Department of Defense, Cybersecurity Maturity Model Certification, CMMC, RPO

Service Desk Spotlight: Jeff Virkus

Posted by Kate Drankoff on Aug 10, 2021 9:04:32 AM

There is an incredible crew on the Cyber Advisors Service Desk and we are excited for you to get to know them more. Several times a month there will be individual Service Desk spotlights to highlight the people behind the computer.

 

This week we're featuring Jeff Virkus! Jeff has been on the Cyber Advisors team for almost 5 years and takes pride in not only helping clients, but also serving as a training veteran on the team.

Read More

Topics: Managed Services, Managed IT, MSP

Your CMMC Advisors

Posted by Kate Drankoff on Aug 4, 2021 1:54:47 PM

The Department of Defense recently implemented the Cybersecurity Maturity Model Certification (CMMC) to regulate cybersecurity preparedness across the federal government’s defense industrial base (DIB). If your organization does DoD work for a government contractor and didn't know the rules changed in 2020, it is time to get to work.

Although the timeline for CMMC certification will depend on the size of your organization and the requirements listed in the contract with your DoD contractor, if you are dealing with a Prime contractor you may have to achieve CMMC level 3 or higher more quickly than you'd like.

Read More

Topics: cybersecurity, Department of Defense, Cybersecurity Maturity Model Certification, CMMC, RPO

Getting Started on the Road to Security

Posted by Kate Drankoff on Jul 27, 2021 8:49:58 AM

Security threats are constant and it's hard to know where to start when it comes to protecting your organization. Taking the first step in the journey of security can be very overwhelming, but our team of security experts are here to help. No matter the size of the organization, we recommend starting with a Threat Assessment followed by a Business Impact Analysis.

Threat Assessment: The first step is engaging our team of security experts to perform a self-assessment survey to understand where your organization currently stands. Our team works with you to conduct a solid inventory of your business and understand key assets to operations. This process evaluates and verifies perceived threats and assesses their likelihood. After the initial assessment, our team reviews the severity of the threats and creates a plan to address the underlying vulnerabilities. Our team works with your organization to prioritize based on impact, cost and likelihood.

Business Impact Analysis: If you had all the money in the world, you could have a lot of security tools in your pocket and the resources to manage them - Unfortunately, in the real world, you have a limited budget and need to prioritize. This is where having a solid Business Impact Analysis (BIA) comes into play.

Read More

Topics: security, Threat Assessment, Business Impact Analysis

About this blog

Welcome to the Cyber Advisors Blog.  Please take a moment to read through our content.  If you would like more information on any of these topics, simply reach out to us via contact information below.  If you find our content valuable, please subscribe.  

 

 
 
Would you like to hear from us? Click Below!
Learn More

Subscribe Here!

Recent Posts

Posts by Tag

See all