CISA’s Zero Trust Maturity Model – A Framework for Transitioning to Zero Trust
Significant cyber attacks in 2021, like Colonial Pipeline and JBS Meats, and a continued increase of cyber attacks in 2022 has prompted the U.S. federal government to respond, leading to the recently released memo from the Office of Management and Budget (OMB), requiring federal agencies to implement zero trust (ZT) technology by fiscal year 2024. […]
The Importance of Implementing a Zero Trust Security Model
In 2021 there were 1,862 data breaches, according to the Identity Theft Resource Center’s 2021 Data Breach Report, and the number of cyberattacks continue to grow. The average cost of a data breach for organizations is $4.24 million and with the detection time for a breach averaging 287 days, this poses a significant risk that […]
Explaining the Cybersecurity Alphabet Soup
To meet the increasing cybersecurity demands today, many organizations are looking for easier ways to meet multiple frameworks such as NIST 800-171, CMMC 2.0, HIPAA, and more, to provide a baseline of security. Based on trends in the marketplace, our cybersecurity experts expect that, soon, all organizations will be required to complete one or more […]
A Reminder for Regular Vulnerability Scanning
In the wake of Apache’s Log4j vulnerability in December, several cybersecurity vendors announced free vulnerability scanning services. Vulnerability scanning can help businesses identify vulnerabilities within their systems–an important step towards detecting and preventing potential cybersecurity threats. We encourage our customers to take advantage of free vulnerability scanning services while they are available, but also consider […]
Addressing the Cybersecurity Burnout Effect
What is the Cybersecurity Burnout Effect? A recent study by 1Password illuminated a trend that may already seem apparent within your organization: there is a clear connection between employee burnout and the experience of cybersecurity threats. When employees are disengaged, they are less likely to follow employee security protocols, therefore bringing greater cybersecurity risk to […]
2022 Cybersecurity Predictions By Aurora President, Philip de Souza
Another year at Aurora in the books! In 2021 we made some big leaps. During the first quarter, we joined the Plurilock Family in Plurilock’s first acquisition. Our team has gained new resources, new security solutions to champion, and new partnerships. Aurora’s team won new contracts, received several ISO certifications, and continued to solve our […]
Resources for Log4j Vulnerability
If you are not already aware, on December 9, 2021, a zero-day vulnerability on Apache Log4j, nicknamed “Log4Shell” was reported. It has been characterized as “the single biggest, and most critical vulnerability of the last decade.” Many people may have not heard of the Log4j software until the attack was first uncovered, however it is […]
EDR, XDR, and MDR: Improve Your Detection & Response
Going Beyond EDR You probably are already familiar with Endpoint Detection & Response (EDR). It is a valuable solution for detecting and responding to threats inside managed endpoints. This is a great way to minimize the threats of cyberattacks like malware and ransomware. EDR, however, can have its limitations. By only detecting and responding around […]
The ABCs of Cybersecurity
With the fear of being the next victim of a cybersecurity breach, organizations may be tempted to purchase any “next best thing” solution before first meeting basic cybersecurity requirements. Quieting out the noise, we are often reminded by peers in the cybersecurity industry to go “back to the basics.” While we endorse many security solutions […]
How to Implement Zero Trust?
Zero Trust is a cybersecurity framework that aims to eliminate trust from an organization’s network to help prevent attacks. Zero trust was first introduced in 1994, so you probably already know that its basic principle is to “never trust, always verify.” It is designed to protect organizations by segmenting networks, preventing lateral movements, simplifying access […]
