Archives for August 2019

Working With a Capable Business Strategy Consultant

Running a business can be a pretty overwhelming and demanding task for any entrepreneur. It doesn’t matter how razor-sharp your focus is. It doesn’t matter just how much experience you have, either. It can always help to get advice from outside parties that know precisely what they’re doing. If you’re at the helm of a small business of your own, you most likely want to get serious about advancement. That means that there’s a strong chance that you want to get advice from professionals who represent small business consulting firms. If you’re trying to make an intelligent small business consulting firm choice, then you should zero in on a handful of relevant skills right away.

1. Diligence

Diligence is essential for professionals who work as consultants for businesses. The most notable businesses in the world are the ones that have detail-oriented staff members. They’re the ones that have staff members who do not give up quickly as well. If you want to get sound advice, then you need to team up with consultants who are the epitome of diligence. You need to talk to people who don’t surrender easily. You need to speak to those who review all of their choices prudently and thoroughly.

2. Focus

The concept of focus is no joke in the business world. Businesses should always keep their eyes on the prize. Competition is beyond fierce in the business sector. That’s why professionals need to be able to learn from others who genuinely grasp the strength of focus. If you want to thrive, then you need to team up with a business consultant who knows how to concentrate for significant periods. You need to team up with a consultant who can give you advice that pertains to concentrating and zeroing in on tasks that are in front of you as well.

3. Responsiveness

The businesses that tend to go the furthest in society are the responsive ones. They have to be responsive via social media platforms like Facebook and Twitter. They have to be responsive any time customers call them with any questions, too. If you want to be able to learn from a business consultant, then he or she has to be responsive, understandable, and straightforward. Flaky and unreliable business consultants don’t go far. They aren’t able to drive points home for their clients, either. You need help from a consultant who goes the extra mile to get back to you efficiently.

4. Honesty

Businesses need to be honest and transparent. They need to be honest with their team members. They need to be just as accurate with their customer and client bases. If you want to learn from the best of them, then you need to get assistance from a business consultant who grasps the immense value of honesty and sincerity. It’s critical to learn from a professional who knows how to be straight through his or her interaction methods. You don’t want to waste energy on a consultant who beats around the bush all of the time.

5. Enthusiasm

Enthusiasm is an art form. Businesses that accomplish a lot tend to be staffed by professionals who have zeal in droves. If a company is staffed by people who basically couldn’t care less, that’s not a positive thing. If you want to get business consulting that’s effective; then you need to speak with a professional who has a lot of enthusiasm on his or her side. A zeal for business matters can be quite a dangerous thing.

Exploit: Phishing attack
Ameritas: Insurance company operating as a subsidiary of Ameritas Mutual Holding Company

Risk to Small Business: Severe: Several employees fell for a phishing scam and provided their credentials to hackers who used that information to access customer data. The insurance company disabled the affected accounts and issued a company-wide, mandatory password reset. The company’s quick actions certainly prevented the data breach from becoming more expansive, but even temporary access can allow hackers to inflict significant damage on a company’s data security. Because Ameritas failed to adequately prepare their employees for a phishing scam, they will now incur the significant cost of hiring an external security firm to shore up their data integrity, even as they face the less quantifiable reputational cost that always accompanies a data breach.

Individual Risk: Severe: Hackers accessed customers’ personally identifiable information, including names, addresses, email addresses, social security numbers, and policy numbers. Ameritas is offering one year of free credit and identity monitoring services, and anyone impacted by this data breach should enroll in these programs. At the same time, they should diligently monitor their accounts for unusual or suspicious activity.

Customers Impacted: Unknown

How it Could Affect Your Business: The cost of a data breach is higher now than ever before, which makes a preventable data breach even more egregious. Consequently, awareness training should be a top priority for every company. The expense of credit and identity monitoring services, reputational damage, and IT upgrades far exceeds the awareness training that can prevent phishing scams from compromising customer data.

Read more

---

In Other News: Capital One Data Breach Impacts US and Canadian Customers 

An expansive data breach at the credit card juggernaut, Capital One Financial, has compromised the personal information for more than 100 million US and Canadian customers. 

The breach exposed the personal data for more than six-million Canadians, making it one of the most significant data breaches in the country’s history. Capital One, which provides Mastercard credit cards for retailers like Costco Wholesale and Hudson Bay Company, noted that the data is primarily restricted to consumers and small businesses who applied for a credit card between 2005 and 2019. 

The data includes names, addresses, postal codes, phone numbers, dates of birth, and incomes. For US customers, the stolen data also includes 80,000 linked bank account numbers and 140,000 social security numbers.

The incident is just the latest wide-spread data breach impacting small businesses and consumers, making their preemptive data protection a must-have element of personal or organization data security.

Read more

Last week, Capital One announced that they experienced a data breach in March which exposed the data of nearly 106 million bank customers or credit card applicants. Capital One has said they will notify the customers or applicants whose data was exposed. However, you must stay alert and be on the lookout for any phone calls, emails, or text messages from cyber criminals related to this data breach.

Watch out for the following things:

• Phishing emails that claim to be from your financial institution where you can “check if your data was compromised”
• Phishing emails that claim there is a problem with a credit card, your credit record, or other personal financial information
• Calls from scammers that claim they are from your bank, a credit union, or a government institution
• Any unexpected communication requesting personal information, such as your Social Security Number
• Indications that your identity was stolen, such as fraudulent charges on your credit card or notifications that your credit score has lowered

Stay safe out there!

Stop, Look, and Think. Don’t be fooled.

Exploit: Ransomware

New Haven Public Schools: Public school district serving students in New Haven, Connecticut

Risk to Small Business: Severe: A network vulnerability allowed hackers to install ransomware on the district’s servers, prohibiting access to many of their critical digital assets. Fortunately, New Haven Public Schools maintained comprehensive backups, allowing them to restore functionality without paying the ransom. Many attacks in this realm are self-initiated, with an employee accidentally clicking into a phishing email that installs malware into a system. However, in this case, the district insists that technical vulnerabilities were the culprit.

Customers Impacted: Unknown

How it Could Affect Your Business: A holistic ransomware response plan is a mission-critical component of any organization. This plan, which must include everything from attaining the right insurance policy to determining a philosophical position on paying ransom demands, can mitigate the consequences of an attack. In this case, New Haven Public Schools had the backups in place to avoid paying a ransom and to quickly restore operations. Of course, securing IT infrastructure is a complicated process, and partnering with third-party experts can help spot vulnerabilities before the lead to a data breach.

Read more

---

In Other News: Ransomware Gets a New Lease on Life 

Ransomware attacks have made a precipitous return to public life, making them one of the most potent threats in today’s digital landscape. 

Once targeting individual computer systems, ransomware fell out of favor with cybercriminals as it failed to net significant returns. That changed when cybercriminals began targeting local governments and small and medium-sized businesses where they can earn thousands of dollars from the relatively inexpensive attack method. 

Many attribute this shift in approach to the WannaCry ransomware virus, which captured national headlines and set a new direction for future cybercriminals.

As municipalities and organizations grapple with the best response plan, it’s clear that bad actors will continue to wreak havoc with new iterations of ransomware. A strong defense is the most affordable and advantageous approach to these attacks and getting expert eyes on your cybersecurity landscape can ensure that your vulnerabilities are accounted for.

Read more

Be on the lookout for suspicious attachments! The bad guys are using a new type of attachment to trick you and it could reach your inbox. They’re sending phishing emails with SHTML file attachments (.SHTML extension). These types of files are typically used on web servers. If you “open” this attachment, you’re brought to a dangerous website that requests sensitive information. Always remember, never open attachments that you weren’t expecting. Even if the attachment appears to be from someone you know, pick up the phone to verify it’s legitimate.

Stop, Look, and Think. Don’t be fooled.