In the fall of 2017, the State of Connecticut announced a cybersecurity action plan. In order to learn more about this--and the state of cybersecurity in Connecticut in general--we reached out to Arthur House, Chief Cybersecurity Risk Officer for the State of Connecticut. He was gracious enough to fill us in on a wide variety of topics from how Connecticut’s towns and cities are battling hackers, to why countries like Ukraine are looking to CT for guidance on cybersecurity.

It seems like you can’t open a web browser, scroll through your LinkedIn timeline, or turn on the TV today without hearing about the latest data breach or threat to your cybersecurity. With high-profile breaches like Equifax and global ransomware outbreaks like Bad Rabbit, we’re in a very different world than just a few years ago. Perhaps you find that cyber threats and cybersecurity in general is annoying, overwhelming, or even frustrating but it’s imperative that cybersecurity protection become part of your business strategy. It doesn’t have to be as complicated or costly as you might think.

Given the current cyber threat landscape, we think it’s a good time to talk about what to actually do about cybersecurity. After all, though you likely hear about a new data breach or critical vulnerability every other week, awareness without action isn’t much use! Before we dive in, however, let’s talk about some thought patterns we often see that prevent companies from taking effective action on cybersecurity.

Last week the third major ransomware outbreak in 2017 was spreading through Eastern Europe and even starting to creep further across the globe. So far striking Russia and Ukraine the most, Bad Rabbit has disrupted industries ranging from media outlets to banks. Some reports even have the attack showing up right here in the U.S. Similar to the Petya/NotPetya ransomware outbreak earlier this year (so similar in fact that Bad Rabbit reportedly shares 2/3 of its code with variants of Petya), this ransomware encrypts a system, requests a ransom (the current rate is about $285 in bitcoin) to decrypt the victim’s files, and then attempts to spread itself across the network. With ransomware and cyberattacks commonplace in today’s world, what takeaways can come out of the Bad Rabbit outbreak to help prevent these types of attacks from derailing your organization?

IndustryWeek, one of the largest trade publications in the country serving the manufacturing sector, published a detailed article about the new NIST 800-171 cybersecurity guidelines, the bulk of which is an extensive Q&A with Kelser VP of Professional Services Matt Kozloski.

Equifax made some serious mishaps lately, both technically and incident response. What’s really disturbing: while this is the largest, this is not an isolated incident. We won’t cover the details here, since there are plenty of sources where you can find information about the breach, its consequences, and what has happened after that. What we will cover is some thoughts around what we can all learn from the events leading up to, during, and after the breach. At Kelser, we don’t want any company to fall victim to the same incident and aftermath that Equifax did. We match our recommendations to our clients’ business objectives, establishing a comprehensive and multi-layered strategy to manage risk before, during and after a cybersecurity incident.

Following the massive Equifax data breach, Kelser VP of Professional Services Matt Kozloski returned to WNPR's Where We Live to discuss the hack alongside Commissioner of the Connecticut Department of Consumer Protection Michelle H. Seagull.

Welcome to the present, a time in which no industry is uninfluenced by technological advancement. The healthcare sector has moved forward with million dollar investments that revolutionized the way we treat patients. But it’s also been transformed by technology that’s changed how providers and facilities create and manage electronic health records. Technological advancements also bring new risks. Take the adoption of IoT-enabled medical equipment, for example. While these devices offer valuable functionality, they introduce new cybersecurity challenges. With these factors and the scores of personal information they handle, hospitals and healthcare practices bear greater risks of cybersecurity breaches.