Cyber and Physical Security Strategies: Personal, Executive, Staff
Onyx prepares useful best practice recommendations that can ensure a heightened level of awareness, and lower your individual, family, business executives, and/or household staff’s overall level of risk.
A home consultation can educate family members and household staff on the technical details of our tailored strategies. Strategy may include ways to securely use mobile phones and apps, cloud backup, antivirus, VPNs, authentication, password manager tools, and Internet of Things devices, and social media. Our recommended strategies provide effective countermeasures to reduce risks including those discovered in our assessments.
Cloud Backup strategies
Cyber experts have been stunned by the amount and effectiveness of ransomware in 2017 and do not see the surge in ransomware slowing down anytime soon. Ransomware attacks will become more prominent and efficient as criminals advance their capabilities. This makes backing up your important and sensitive information even more urgent.
Beginning to backing up your important (or sensitive) photos, videos, business and financial documents, contracts and any other file you would not want in criminals’ hands and/or you would be distraught without.
If you think you are too smart to fall victim to these attacks, remember they are getting more and more sophisticated as attacks evolve. For example, in the 2017 WannaCry attack hackers used leaded NSA hacking tools to launch ransomware attacks.
Security software strategies
But don’t give up completely on security software — you’ll still need it more than ever in
2018. Despite recent concerns about compromised and malicious antivirus software, it continues to be useful, especially if you are using any Windows products. Designers of antivirus tools are scrambling to catch up to advanced threats. While the right tool may provide you with initial safeguards, it is likely only a matter of time before they are broken. This is why you must backup your files on the cloud or on external devices.
Software Update/Upgrade strategies
Onyx strategies also emphasis the importance of software updates. If you are not updating your software, the rest of your efforts are useless.
Many of the ransomware attacks of 2017 are perfect examples of the importance of updates, as they could have been prevented with simply patching of system’s software. Timely updates of EVERY personal and business device are crucial to remain secure.
Onyx strategies also include user friendly authentication solutions to help secure your accounts. Next, learn how to adopt some of the increasingly easy-to-use tools for locking down your accounts, like authentication apps and Yubikeys.
Two-factor authentication works by adding another step to your login process. So even if an attacker obtains your password he will be unable to access your account. While this additional step may seem tedious to some, Onyx will provide solutions that fit to each of our clients’ lifestyles and give them the peace of mind after the next Equifax, Yahoo, or Uber breach occurs.
Password Manager strategies
Onyx’s strategies usually include tailored password managers for our clients. Password manager tools allow our clients to keep hard to crack, unique passwords for all their accounts without having to remember or dangerously keep them written down. Password managers’ holding of multiple unique passwords eliminates the fear of having one of your passwords stolen to be used by hackers to access your other accounts. They also prompt the use of long and complex passwords that are extremely difficult to brute-force crack.
Secure Wi-Fi strategies
Do not use unsecure Wi-Fi! Onyx strategies for individuals provide multiple solutions to secure clients’ Wi-Fi connections from shopping online to signing an e-contracts from home, at a coffee shop, or traveling. Our strategies defend against hackers who create fake networks with similar names to that of a business, airport, or hotel to attack unsuspecting customers. Without safeguards these criminals can intercept data like your account logins, sensitive business data and credit card numbers.
Even if a Wi-Fi network is legit there is no guarantee it is secure. For example, criminals known as “trunkslammers” routinely prowl affluent neighborhoods looking for discoverable routers to hack into. If a hacker can access your WI-FI router, they can also control any devise of system attached to that router including security systems and cameras, IoT devices, smart cars and more.
Smart Home Strategies
The explosion of Internet of Things devices from home thermostats, baby monitors, internet enabled televisions, cars, major home appliances is creating an ever-expanding interconnected web that are prime targets for cyber criminals. This machine-to-machine communication is creating a new level of risk — by providing hackers with new vulnerabilities to exploit. Attackers can access this personal information and use it for or hold it for ransom. Many of these IoT devices have little to no security features instead appealing to customers desire for ease and convenience. Products such as Google Home, Alexa, Siri present even riskier vulnerabilities with their data collection if controlled by hackers. Smart TVs and video game consoles present vulnerabilities as attackers are able to control cameras on these systems. Hackers learned of these vulnerabilities from the CIA’s use to exploit their targets before their operation “Weeping Angel” was leaked.
Social Media Strategies
Social media is becoming the most dangerous personal security vulnerability. Not only to individuals’ protection of information but to their physical security.
Social media apps have become extremely susceptible to hacking. Individuals posting their activities and location from mobile devices wherever they go. Sometimes not even knowing they are revealing this data through mobile apps connected to GPS enabled location services. Criminals can also attach malware that they use to track your movements without your knowledge.
Children are particularly susceptible to revealing personal information on public websites. Children’s’ running dialogues on social media sites such as Facebook, Snapchat and Instagram, allow criminals to monitor their activity including knowing when the family was home or what hotel room they are staying in, making them a target for theft, kidnapping or assault.
These are just a sampling of the many solutions Onyx provides in its strategies. Our advocacies’ attacks are evolving rapidly and technology is attempting to keep up. At Onyx we are product agnostic so are able to suggest the most cutting edge technology to defeat these threats.
Cyber and Physical Security Strategies: Businesses
Onyx produces unique strategies and transformation programs to protect companies’ sensitive data and assets.
We work with both technical and non-technical players in shaping a security strategy. Technical teams ensure that the plan aligns with the needs of IT and business operations. Non-technical employees help produce strategies that employees will actually undertake and convince staffs of the importance of cybersecurity policies along with monitoring employee cyber policy.
Even if businesses understand the importance of having a strong cybersecurity strategy and believe they have one in place, the constantly changing threat landscape makes it difficult for businesses and their internal IT staffs to determine the best path forward. Onyx works with Boards and C-suites to emphasize the importance of a comprehensive business strategy that is aligned with the cybersecurity strategy and how to produce an efficient and cost-effective solution.
Since Onyx is truly product agnostic, we can recommend the best cyber services and updated security technology. These services and technology will be tailored to match your needs and limit your expenditures on useless or out of date products. Onyx excels at developing a holistic IT design for cybersecurity, including determining the client’s readiness for implementation of technology and services selection and sourcing.
Compliance Consulting Strategy
Onyx is an industry leader in building governance and compliance programs. Compliance standards and penalties for noncompliance are continuing to evolve and expand, becoming costlier for businesses to comply with or pay fines. For example, the average HIPAA fine is almost $2 million.
Onyx works with its clients to meet HIPAA, PCI, GDPR, GLBA, FISMA, NIST, ISO 27002, DoD/IC Standards and other security compliance mandates more efficiently and effectively. Additionally, Onyx also provides ongoing compliance monitoring.
Many companies fully understand the regulatory demands and their potentially ruinous consequences, but executives must understand that compliance alone is not sufficient. While companies may look to spend on compliance requirements first, those seeking to maximize their cybersecurity will look to Onyx for comprehensive offerings to ensure protection.
Business Intelligence and Risk Assessments
Onyx’s experts, including those from the most elite intelligence agencies, provide companies with tailored Risk Assessments so that they can make more informed business decisions.
- Business Intelligence (including Country, Political, and Security Risk Assessments)
- Forensic Accounting
- Internal Investigations
- Litigation Support
- Compliance Services (Anti-money laundering and bribery)
- Travel Security Assessments (for executives and high target individuals travel)
Cyber Insurance Consulting
As concern increases over hacker attacks, individuals and organizations are increasingly looking for new or extended cyber insurance coverage. Companies are taking a closer look at cyber insurance as a means of cutting their losses from an assortment of damaging risks. However, cyber insurance is still an emerging market, with significant variation in coverages and premiums. Onyx helps our clients navigate this convoluted and ever-changing marketplace to purchase coverages that fit their unique situations. Cyber insurance policies can be murky and only cover certain size businesses or industries. Insurers are even struggling to define exactly what constitutes a cyber-attack, how IoT devices outside of an organization might play into policy coverage, and other complex issues. The idea of transferring risk to a third party is attractive, but not all insurers are equal and/or right for you. Onyx makes sure our clients find that right insurer and policy.
Working with companies, Onyx produces cost-benefit analysis to determine if it makes more sense to focus some efforts on risk transfer (insurance) along with traditional cybersecurity efforts. For example, cyber insurance can be very beneficial to SMEs, which often don’t have an expert IT security staff. Additionally, for SMEs it can often be less expensive to transfer risk than to mitigate it.