Welcome to Cyber Security Awareness Month

Date October 1, 2019

October is Cyber Security Awareness Month, marking the 16th consecutive year of the Department of Homeland Security’s (DHS) annual campaign. The goal of the initiative is to raise awareness about the importance of cyber security.

Did You Know? (From the 2019 Verizon Data Breach Investigations Report)

  • C-level executives are 12 times more likely to be targeted by social engineering campaigns.
  • Ransomware attacks are still going strong and remain a valid threat to all industries.
  • Mobile users are more susceptible to phishing attacks, likely due to their user interfaces, among other factors.
  • In 2019, 43% of cyber breaches involved small businesses.

Action Item Reminders:

  • Implement cyber security awareness training and associated programs to measure effectiveness.
  • Implement network vulnerability scans to identify security holes that a hacker could potentially exploit.
  • Back up your data and verify the completeness and accuracy of individual backups.
  • Implement vendor-supplied updates on both your hardware and software on a timely basis.

As always, HBK Risk Advisory Services is glad to offer recommendations on your cyber security program and practices. Contact Bill Heaven at 330-758-8613 or via email at wheaven@hbkcpa.com. HBK is here to answer your questions and discuss your concerns.




Is Your Anti-Virus Software Functioning as Intended?

Date June 4, 2019

Most people know basic information about anti-virus software and that it is crucial for cybersecurity. However, it’s often mistakenly believed that anti-virus software is the only cybersecurity defense component required to protect your computer system.

Anti-virus does play a very important role within a multi-layered cybersecurity strategy. However, this overview is meant to underscore that this component is merely one part of protecting your computer environment.

From a 50,000-foot view, anti-virus software operates in the following manner: it checks all the files stored on a computer system against a table of known virus definitions, in order to flag a potential virus. The flagging of viruses is achieved through either signature-based or heuristic-based analysis.

A file signature is a unique identifying number located in the file’s header that identifies the type of file and data contained within that file. Heuristics refers to an algorithm that is used to find previously unknown viruses (i.e. those not yet listed on the virus definition table).

There are two main anti-virus operational modes currently in use to check files on a computer system:

  1. Full System Scan. This mode also includes a “quick scan”, or a check of files whose file signature has changed since the previous Full System Scan, which runs on an automatic schedule or is started manually.
  2. Background Processing. This process runs (as its name indicates) in the background on your computer, checking every file as it is opened. It is often referred to as “Real-Time Protection”.

There are many anti-virus options available to consumers, including both free and paid products. Virus detection rates vary among these choices and can fluctuate over time. Therefore, do not expect there to be only one solution that is consistently proven as the ultimate anti-virus product available. A consistent “Number One” has not yet materialized.

There are numerous anti-virus comparison sites searchable on the web. Also, it’s important to remember that if your anti-virus definition files are not updated regularly, or if the anti-virus function is disabled by users of your computer system, you may not be receiving the protection you assume.

Action Items:

  1. If you do not already use anti-virus software, research options within your price range and choose a solution that fits your needs.
  2. Implement the anti-virus software system on your network.
  3. Periodically ensure that your anti-virus software is running as intended. This means that the virus definition table is updated frequently and that the software is consistently used on all computers within your network.
  4. HBK Risk Advisory Services can assist you with your data backup or Cybersecurity questions and needs. Please contact Bill Heaven at WHeaven@hbkcpa.com




Data Backup: Do You Have a Reliable Process in Place?

Date April 26, 2019

Most people know they should regularly back up their data. However, they often completely ignore this advice or sometimes establish a data backup process without first verifying that the process works.

As our reliance on computers (and data) continues to increase, events such as an equipment failure, malware, a virus, ransomware, a user error or a disaster can result in significant data loss. The impact of such a data loss could be devastating.

How long could your business remain profitable after a permanent loss of data?

According to a recent BBB survey of small businesses, only 35% of companies could remain profitable for more than three months following a data loss, and more than half would be unprofitable in less than a month.

There are two main backup categories: Onsite and Remote. Each contains multiple backup options. Within the main categories, the types of data backups are: full, incremental and differential. They are defined as:

  • Full Backup – A complete copy of all available data.
  • Incremental Backup – A copy of only the data that has changed since the last backup of any type.
  • Differential Backup – A copy of only the data that has changed since the last full backup.

Properly leveraging these backup strategies and solutions is critical to reducing exposure to potential data loss and disrupted operations. Additionally, periodic tests of your backups should be run to ensure that they are working properly and backing up data in its entirety.

Action Items:

  1. Research and choose the data backup category and type that you plan to use.
  2. Establish a data backup schedule (Backup Regularly).
  3. Periodically test your backup (Perform a Test Restore).
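
The difference between incremental and differential selection, and the test-restore check from the action items, shown as an added example (not HBK's code). It assumes changes are detected by comparing SHA-256 content hashes rather than timestamps; the function names, file names and the data in `demo()` are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def snapshot(root):
    """Map each relative file path under root to the SHA-256 of its content."""
    root = Path(root)
    return {str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def changed_since(current, reference):
    """Paths that are new or whose content differs from the reference snapshot."""
    return sorted(p for p, h in current.items() if reference.get(p) != h)

def plan(history, current, kind):
    """Files a backup of this kind copies; history is [(kind, snapshot)], oldest first."""
    if kind == "full" or not history:
        return sorted(current)                    # nothing to compare against: copy all
    if kind == "incremental":                     # changed since the last backup of any type
        return changed_since(current, history[-1][1])
    if kind == "differential":                    # changed since the last full backup
        last_full = [s for k, s in history if k == "full"][-1]
        return changed_since(current, last_full)
    raise ValueError(kind)

def verify_restore(source_root, restored_root):
    """Test-restore check: files missing from, or differing in, the restored tree."""
    src, dst = snapshot(source_root), snapshot(restored_root)
    return {"missing": sorted(set(src) - set(dst)),
            "corrupt": sorted(p for p in src if p in dst and src[p] != dst[p])}

def demo():
    """Constructed sample: Monday full, Tuesday incremental, then a Wednesday change."""
    with tempfile.TemporaryDirectory() as d:
        src, bad = Path(d, "src"), Path(d, "restore")
        for folder in (src, bad):
            folder.mkdir()
        (src / "ledger.csv").write_text("v1")
        (src / "payroll.xlsx").write_text("v1")
        history = [("full", snapshot(src))]                # Monday
        (src / "ledger.csv").write_text("v2")
        history.append(("incremental", snapshot(src)))     # Tuesday
        (src / "notes.txt").write_text("v1")               # Wednesday's new file
        now = snapshot(src)
        inc, diff = plan(history, now, "incremental"), plan(history, now, "differential")
        (bad / "ledger.csv").write_text("v")               # truncated during restore
        (bad / "payroll.xlsx").write_text("v1")            # notes.txt never restored
        return inc, diff, verify_restore(src, bad)
```

On Wednesday the incremental copies only the new file, while the differential also re-copies Tuesday's change; a restore therefore needs the full backup plus every incremental, or the full backup plus only the latest differential.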

HBK Risk Advisory Services can assist you with your data backup or Cybersecurity questions and needs. Please contact Bill Heaven at BHeaven@hbkcpa.com
