Early Access to Sign Up For Our March 2023 Webinar
Incident Response

Planning and Training

Join SecuLore’s team of cyber experts for our webinar - Cyber Incident Response Planning and Training on March 8th at 2 PM ET to gain valuable insights into what needs to be included in your response plan, how to put together an incident response plan template, and why incident response training is a necessary exercise to test your plan.

Cyber Tip of the Month

When Should You Change Your Password?

Last week was National Change Your Password Day, which encourages all users on personal or organizational accounts to take action on protecting passwords and other sensitive data stored in accounts.

However, over the last few years, NIST dropped its recommendations of changing passwords quarterly and or set schedules, as it wasn’t having the intended effect on password safety.

When changing passwords on a set schedule, people may be likely to make small alterations to their password, such as add a number or one character to the password. Studies show year after year that some iteration of 12345 continues to be the most common password.

According to Verizon’s 2021 Data Breach Investigation Report, 61% of incidents that impacted US public sector agencies were due to weak login credentials.

The estimated time to crack a password that is just 12 numbers takes about 25 seconds. 

Instead of changing passwords with a schedule prompt every 90 days, password policies are often more effective to protect login information and other sensitive data.

Good password policies don’t just include dates to make changes but also include instructions for number, word and character usage in them to guarantee stronger passwords organization-wide.

Watch the above clip to learn more about creating quality cyber secure policies for your organization, including passwords and more. 
 

Download our full webinar on the topic to watch for free on-demand: Creating Cyber Resiliency: Policies, Procedures and Planning

Pima County, Arizona 1/30/23

Ransomware

K-12 education organizations continue to be a focus of ransomware groups over the last several months as Southern Arizona’s largest school district, the Tucson Unified School District was the latest victim.

The weekend before 1/30/23, the district was allegedly hit by the Royal Ransomware group, who held the data hostage and forced the schools to do work offline. Royal claimed the districts data was coped and could be published online, and sent the district an email claiming to offer them a “unique deal” to decrypt the data, restore it and keep it confidential. 

If you wish to learn more or have concerns about your network please contact us

410-305-0234

info@SecuLore.com

www.SecuLore.com/contact

Do you know someone who would like to receive our emails?
Send them the link below to sign up.
https://www.seculore.com/media/newsletters-cyberalerts