The FFIEC Cybersecurity Assessment Tool (CAT) is a diagnostic test designed to help institutions identify risks and gauge cybersecurity preparedness. The tool is primarily for financial and non-depository institutions, enabling organizations to make risk-driven security decisions informed by regular cybersecurity assessments and standardized risk measurement criteria.

With the worldwide popularity of Android and its open-source software, hackers have an increased incentive and opportunity to orchestrate attacks. A Google search for “Android malware” brings up headlines like these, all from the past few days or weeks: SecurityScorecard recently analyzed a specific threat known as the AhMyth RAT (remote access trojan), which made headlines for infiltrating a popular screen recording app on the Google Play Store.

A basic Google search for the term “cybersecurity” will turn up dozens of competing advertisements for companies promising to solve all your security woes and keep attackers at bay with their version of a “technology silver bullet” – the end all be all that you must, according to them, purchase right now. It’s not that technology isn’t essential to your security strategy; it’s vital!

As a kid, keeping a secret meant not telling anyone else information that a friend chose to share with you and trusted you to protect. In the digital era, protecting customer and employee sensitive data works similarly. Although establishing privacy controls and maintaining data protection are more difficult when managing complex IT environments, the principles underlying your data protection initiatives remain the same.

Regular, comprehensive audits keep organizations on track. Audits come in all shapes and sizes, too: internal and external audits; audits of finance, audits of data, audits of operations. As a business owner, whether for a large enterprise or a small business, you want to assure that your stakeholders can trust your business operations and that your finances are in order. Internal audits are a great way to reinforce that trust and credibility.

Cyberattacks on state and local governments are on the rise. In 2020, more than 100 government agencies, including municipalities, were targeted with ransomware – an increasingly popular attack vector. Recently, average down time from cyber attacks on these targets is 7.3 days and results in an average loss of $64,645. These incidents are costly and disruptive. Most state cybersecurity budgets are a paltry 0% to 3% of their overall IT budget on average.

In cybersecurity, being well-versed in the wide range of resources available for protecting and enhancing your digital environment is crucial. One of the most significant and effective tools is the Mitre ATT&CK Framework. Read on for an in-depth exploration of this critical cybersecurity framework and how you can apply it to your own organization.

This week, SecurityScorecard is participating in the US Chamber of Commerce’s Cyber Security Trade Mission to Israel. This has been a valuable experience to not only share our cybersecurity knowledge, but to learn more about Israel’s cybersecurity efforts, and those of other countries.