How to Stop Whaling Attacks From Sinking Your Biotech Firm

Posted by Steven Vigeant on 10/11/16 8:30 AM

You don’t need to be a hardened sea dog to know the bigger the fish, the harder to catch — but the bigger the payoff. Cybercriminals understand this concept, too. And as their phishing  techniques become increasingly polished, they’re turning their harpoons on the leviathans of the business world: the C-suite.

When cybersecurity experts talk about whaling, they could mean one of two types of attack:

  • A spear phishing attack directed against senior executives, with the goal of accessing customer data, bank account numbers, passwords, or any other valuable information. (As described in this recent Kaspersky article.)
  • A spear phishing attack in which the attackers digitally impersonate a senior executive, in the hopes of tricking lower-level employees into making a wire transfer or revealing sensitive information. (As described by Mimecast here.)
Read More

Topics: Data Security

4 Ways to Avoid a Spear Phishing Attack Against Your Biotech

Posted by Steven Vigeant on 9/20/16 8:30 AM

A trustful nature is, under most circumstances, not a bad character trait to have. But to cybercriminals, a little too much trust — combined with a generous dose of curiosity and inattention — is just the crack they need to worm their way into your biotech firm’s data.

Recently, I wrote about phishing , one of the most widespread and effective techniques used by hackers today to steal data, infect networks, and disrupt business. In its most basic form, phishing casts a wide net in the hopes of reeling in a few gullible individuals among thousands.

But hackers have a much more precise — and potentially devastating — weapon in their arsenal: spear phishing.

Read More

Topics: Biotech, Data Security

How Hackers Use Email to Access Biotech Information

Posted by Steven Vigeant on 8/17/16 6:22 AM

Despite all the advances in cybersecurity in recent years — iron-clad antivirus, impenetrable encryption, spookily effective spam filters — hackers are still breaking into even the most secure organizations by taking advantage of their weakest position: the human element.

According to some estimates, up to 91 percent of data security attacks begin with a false email intended to dupe the receiver into giving up login credentials or installing malicious software. This technique, a favorite of hackers worldwide, is called phishing.

Read More

Topics: Biotechnology Startup, Data Security

Small to Mid-Sized Biotech Company? Watch Out For These New Cyber Attacks

Posted by Steven Vigeant on 2/26/15 11:33 AM

If you read the news these days there always seems to be a new article about a data breach, virus or hacking threat. They are usually about large companies (remember Anthem’s identity theft breach where tens of millions of SSNs were stolen?) but multinational corporations aren’t the only ones being targeted.  Even small to mid-sized companies get hit - we have seen an increasing number of targeted attacks at some of our very own biotech clients. There are two threats in particular I want to share:

Read More

Topics: Biotechnology Startup, Biotech, Data Security

You're Doing it Wrong: IT Support is Not a Business Expense

Posted by Steven Vigeant on 6/26/14 9:04 AM

If you think about your business’s technical infrastructure the same way you think about your office furniture or your business lunches, you’re doing it wrong. You will miss out on valuable opportunities and open yourself up to significant risks. You shouldn’t view IT as business expense; view it as an investment.

The truth is that the decisions you make about IT can pay huge dividends down the road, but only if you approach it carefully and strategically. Instead of thinking of IT as just another check to write, think of it as an essential component of your future success.


Read More

Topics: IT Outsourcing, Backup and Disaster Recovery, IT Support, Data Security

Why Your Small Business's New Year's Resolutions Need to Involve IT

Posted by Steven Vigeant on 2/12/14 5:17 PM

So it's February already, how are your New Year's resolutions coming?  No, I'm not talking about how much weight you've lost or how many days you've managed to floss in a row (but congratulations) - I'm talking about the resolutions and goals you've set for your small business for the upcoming year.  More than half of small businesses make new years resolutionsThe start of a new year is a natural time to look back over the previous one and plan for the next one. Did your last year go as well as you had hoped? What can you do to avoid the problems you faced in 2013 and maximize your opportunities in 2014?

Whether it be to contact customers more often, blog more frequently, focus more on social media, or launch a pending marketing campaign, small business owners have a lot on their minds. But somehow IT planning isn't ever on the radar.  You rely on technology for your company to function, so why aren't you giving it the attention it deserves? There are easy and low-cost ways you can improve your whole IT infrastructure for the upcoming year, and it's never too late to get started.

Read More

Topics: Backup and Disaster Recovery, Data Security, IT partners

Are You Relying on Your Spam Filter to Protect Against Viruses?

Posted by Steven Vigeant on 12/24/13 1:01 PM

Email has become such a ubiquitous technology that it is easy to become complacent about the security threats it creates. There is a very real risk that you or one of your employees could infect your entire IT infrastructure with a catastrophic virus delivered through email. As sophisticated hackers have gotten better and better at disguising spam and other malicious messages, it is a challenge for even IT professionals to use email safely.

Read More

Topics: Data Security, Email

Are Your Employees Sabotaging Your Data Security?

Posted by Steven Vigeant on 12/5/13 3:45 PM

When people think about data security, they typically think of outside threats. Computer hackers, virus developers, and malicious minds around the world are legitimate concerns. But the greatest threat to your company's sensitive information may actually be hitting a little closer to home (literally).

Read More

Topics: Data Security

Why Everyone Should Be Aware of Massachusetts Privacy Law Compliance

Posted by Steven Vigeant on 11/21/13 5:15 PM

In the wake of numerous high profile cases of identity theft and sensitive data loss, many states have begun requiring businesses to meet certain standards for maintaining privacy. These laws mandate that any business that stores personal information (social security numbers, bank account info, etc.) in electronic form must take steps to protect it. Massachusetts has been one of the more proactive states in this regard.

Read More

Topics: Data Security

Stop Saying You're 'Too Busy' to Write an Information Security Policy

Posted by Steven Vigeant on 11/15/13 9:53 AM

Seemingly every day there are stories on the news about data security issues. These range from individuals having their identity stolen, to major corporations loosing massive amounts of customer information. In spite of all these situations, it is easy to be nonchalant about information security.

Read More

Topics: Data Security