Information technology blog, cybersecurity blog

If you’re a supplier or manufacturer that relies on business with the Department of Defense (DoD) and the contracts they offer, you will need to ensure that your IT infrastructure can pass a third party certification for cybersecurity readiness over the coming months. This certification is referred to as CMMC or the Cybersecurity Maturity Model Certification. It is an initiative designed to help protect the data being shared within the Defense Industrial Base of the United States and the contract information necessary to produce the parts, systems, and components needed for our national defense.

Cybersecurity gets a lot of attention today. With remote work more prevalent than ever, there’s a renewed focus on securing our digital and virtual workspaces, data, and more from seemingly far-away threats like the cyber mafia. However, the physical access to your data center, data closet, or wherever you lock away the beating heart of your organization is just as important. But many businesses, especially those that have compliance requirements related to their physical security, are often not in line with best practices in their defenses.

Last fall, I had the amazing experience of being interviewed by Chion Wolf—a familiar voice and personality to anyone who listens to WNPR—for the Connecticut Voice Podcast. The podcast highlights LGBT individuals from different areas of expertise across Connecticut and I was honored to be included. Our conversation touched on everything from coming out to helicopters, to cybersecurity—including my favorite interview question I’ve ever been asked comparing working in IT to being a pilot. Pride Month seemed like a good time to share some highlights from this interview, so below are two moments that stood out to me as well as the full audio recording.

Cyberattacks are on the rise. It’s just a plain fact. Numerous studies, reports, and surveys have pointed to the findings that not only are cyberattacks on the rise but specifically ones designed around social engineering such as phishing attacks. Worse still – these attacks have seen an even bigger jump in frequency since remote work requirements have also increased. Cybercriminals see the amount of company devices outside the typical protections of their traditional offices being an opportunity to harvest data, lock up those devices, and make a quick buck (by the thousands). That’s why I wanted to talk to you about Umbrella (formally OpenDNS).

You might remember a time when some folks believed that having one thing alone meant that their business devices or networks were secure. “We have a firewall, we’re fine!” “All of our PCs have antivirus, so we’re good!” In modern times any single, standalone security product (antivirus, firewall, etc.) isn’t enough to protect your business, your users, and your data. However, these things do make for effective layers when securing your business with a defense in depth security strategy. Defense in depth is a security approach that we at Kelser subscribe to wholeheartedly for ourselves and our clients. A strategy that should be applied whether you’re protecting your office or your home environment when working remotely. In this article, we’ll walk through what defense in depth is, how it can protect your business, and the most essential layers that you should consider for any environment.

Video chat meetings are now part of daily operations for so many businesses. When the coronavirus quarantine period started, video conferencing was a bit of a fun novelty. Colleagues who had never tried Zoom were now using it multiple times a day. Sadly, it didn’t take hackers long to realize they could exploit the popularity of video chat platforms to commit cybercrimes. Zoom in particular has experienced so many security issues that many organizations, including school districts in NYC, have banned it. While there are certainly more secure platforms, I use Zoom every day. Since the COVID-19 pandemic began, Kelser has advised our clients on how to use Zoom and set it up for them. Recently, I was a guest on FOX 61 Morning News to discuss cybersecurity best practices for Zoom.

It seems like overnight most of us joined the remote workforce. Even for companies that already have the infrastructure in place to handle a situation like this, it has made for the ultimate stress test. For other businesses, it’s been a wake-up call as many now find themselves building the proverbial boat as they’re floating down the river. As we continue into the new temporary reality of long-term remote work and social distancing, I’ve been thinking a lot about the security considerations of working from home versus working in the office.

During tax season, personal information is being exchanged at a much higher rate than any other time of year. Documents like W2s with Social Security numbers on them are just par for the course. It’s also a time of year when employers and employees engage in tax-related tasks that aren’t routine to them. There’s often a bit of chaos getting everything in order and even a bit of anxiety over doing it right. For hackers and scammers who rely on human error and deception, all of this combines to create ideal conditions. I was recently on FOX61 Morning news to offer tips to viewers to avoid tax season scams.