Whitepaper | Source: Microsoft — In the last year, the cyber threat landscape continued to become more dangerous and complex. Improved defenses will not be enough. However, improved defense will not be enough. The data, insights, and events in this report represent July 2023 through June 2024 (Microsoft fiscal year 2024), unless otherwise noted.
The current United States administration continues to issue and execute dramatic changes in US policies and programs. For businesses, tariffs and their potential impact on the economy and various business sectors gets most of the media attention. Getting less attention, US Cybersecurity Policy changes will have an immediate and potentially devastating impact on many businesses and individuals.
Multiple reputable news and information sources are reporting that on March 2nd, the current administration ordered the Cybersecurity and Infrastructure Security Agency (CISA) to cease tracking and reporting on Russian threats. This is a tectonic shift in policy as Russia is generally understood to be the largest nation-state sponsor of cyber attacks. This change in focus for CISA will dramatically reduce the availability, reliability, and timeliness of cybersecurity threat intelligence.
Here is what you need to know, what to expect, and what to do.
Here are three things to know about cyber threats, CISA, and nation-state cyber attacks.
Threat intelligence is the invisible backbone of your cybersecurity protections. As the name implies, threat intelligence is the collection of sharing of information about cybersecurity risks, threats, methods, actors, sources, and sponsors. It also encompasses knowledge of how to prevent, block, and stop attacks; fix hardware and software to close exploits.
Every legitimate cybersecurity product or service relies on threat intelligence to build, maintain, and improve their product or service. Larger and better-funded cybersecurity companies conduct their own research and share their findings.
CISA is the US federal government agency responsible for collecting, evaluating, and sharing threat intelligence across government and private sectors. The agency also partners with core infrastructure companies, such as Internet Service Providers, to actively prevent, block, and respond to potential and active cyber attacks.
Industry experts estimate that over 40% of cyber attacks originate from, or are sponsored by, hostile nation-states. The Microsoft Digital Defense Report Report 2024 notes that in 2024, 58% of nation-state attacks originated in Russia. These attacks account for up to 25% of all cyber attacks globally.
Expect more cyber attacks and greater challenged to your cyber security profile.
Expect an increase in cyber attacks and, more importantly, successful cyber attacks.
With CISA no longer tracking Russian-sourced cyber attacks, expect Russia, Russian-sponsored, and Russian organized crime to increase the frequency, intensity, and scope of the cyber attacks. Knowing that CISA is no longer watching signals a huge opportunity to attack US government entities, businesses, and non-profits with fear of early detection or responsiveness.
Without fast and accurate threat intelligence, cybersecurity systems and services will take longer to identify threats and attacks.Their response to zero-day (new, immediate) and other cyberattacks will take longer.
Unprotected and under-protected systems will be more vulnerable to successful attacks as the frequency and scope of cyber attacks increase.
In addition to sharing information to help block and stop cyber attacks, CISA shares information on how to repair and recover. Without this information, obtaining decrypt keys and other help to undo the damage will be more difficult and will take more time.
Use our Security CPR® model to guide your next steps:
Inform your team to expect an increase in cyber attacks and ask for additional vigilance. Have security awareness training in place to reinforce the message and to occasionally test if your team can recognize phishing and other email-based cyber attacks.
More than 80% of cyber attacks originate, directly or indirectly, by email. Make sure you have next-generation email threat protection services in place. Beyond header validation and basic sandboxing, your solution now should analyze character sets and fonts, images, QR codes, graymail, and email delivery patterns.
Microsoft estimates that more than 90% of cyber attacks on small and midsize businesses can be stopped with multi-factor authentication (MFA). If you do not have MFA in place for critical systems (preferably ALL systems), do so now.
As the risk of successful attacks increases, ensure that you have the ability to restore damaged and lost data and systems. Verify that you can recover – return to operations – quickly, even as you continue to restore systems and data. Continuity solutions for critical systems and software will save you time and money.
Assess your immediate needs and take appropriate action. Our Cloud Advisors can help you assess your cybersecurity needs and priorities, and can offer budget-friendly, effective solutions.
Contact us or schedule a no-obligation meeting with a Cloud Advisor today.
Allen Falcon is the co-founder and CEO of Cumulus Global. Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.
Your business faces an ever-increasing array of cyber threats. Beyond protections, cyber insurance is an essential component of a robust risk management strategy. Therefore, understanding cyber insurance realities is necessary for you to make sound security and business decisions. In this post, we focus on debunking common cyber insurance myths.
In reality, policies vary significantly with respect to coverages and services. Opting for bundled policies generally results in coverage gaps, as most general liability policies treat cyber coverage as an add-on.These gaps leave your businesses vulnerable to liabilities and losses.
Standalone cyber insurance policies, provided by financially strong carriers, offer comprehensive protection tailored to the specific needs of your business. They address unique risks associated with cyber threats given your industry, business size, and other risk factors. Standalone policies also often include coverage of forensics, temporary resources, and other recovery needs. Dedicated coverage helps you respond more effectively to a cyber incident.
While robust security practices can positively impact premiums, broader industry trends and company-specific factors play a more significant role in determining pricing.
Industry-wide loss ratios have a substantial impact on insurance costs. Peer group averages impact premiums as well. Insurers assess the risk profile of businesses within sectors. As insurers issue more policies and analyze claims, insurers refine actuarial, incorporating additional factors and risks.
Many businesses hesitate to buy standalone cyber insurance policies out of fear that their policy will not pay out in the event of a claim. Reputable cyber insurers with strong financials rarely deny claims with a valid cause..
Inaccurate, or fraudulent, applications are the most frequent reasons for claim denials or reductions.
Your application must accurately reflect your cyber insurance risk profile. The information you provide on your cyber insurance application should reflect a thorough review process. Cybersecurity tools offer verification of your security profile.
Many businesses, including yours, may need additional layers of protection for specific cyber risks. These additional coverages may not be available within a traditional cyberinsurance policy.
Cyber warranties offer additional layers of protection by covering these specific elements of cyber risk. Combining cyber warranties with cyber insurance creates a more comprehensive safety net. This approach bolsters your overall security strategy and ensures appropriate coverage.
Investing in strong cybersecurity defenses provides crucial protection for your business. No security profile or system, however, will stop every cyber attack, data breach, or data loss incident. Cyber threats continually evolve. Even the most secure systems fall victim to sophisticated attacks.
Cyber insurance serves as your financial safety net. Beyond covering direct financial losses, better policies help you recover from incidents that slip through the cracks of your security measures. These resources include forensics, data recovery, customer relations, legal expenses, and more. Cyber insurance protects you financially if and when a cyber attack gets past your defenses.
The thought of obtaining cyber insurance deters many businesses from seeking the coverage they need. Horror stories of complex applications, surveys, and audits create anxiety and fear of the process.
Unfortunately, this myth can come true. Businesses that apply through general insurance agents and fail to leverage knowledgeable IT resources often run into issues during the underwriting process.
Cumulus Global partners with cyber insurance specialists that offer streamlined application processes and non-committal quotes. Our partners work with more than two dozen carriers, ensuring you have options to choose the policies that meet your business needs and budget. Non-biased policy reviews help you understand your coverages and make informed decisions.
Cyber Security Requirements for Cyber Insurance (eBook)
5 Questions for Lower SMB Cyber Insurance Premiums (Coffee & Clouds)
Security CPR® (Cloud Burst)
Security CPR® Managed Security Services (Service Overview)
Avoid falling prey to cyber insurance myths. Contact us and let us introduce you to our cyber insurance partners.
We can provide you with a Cyber Insurance Risk Assessment and help you assess your cybersecurity profile.
Bill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.
(02/18/25) – If your business must comply with government or industry regulations covering disclosure of protected information, Data Loss Prevention (DLP) can be complex and expensive. This session coves affordable, effective DLP solutions for small and midsize businesses, like yours.
As we have shared in the past, cyber attacks constantly change and evolve. We face new attack vectors, or methods, and old methods reappear. Email remains the most common starting place for cyber attacks. These attacks may be direct, or they may be the first step of a larger attack.
Over the last few months, we have seen an increase in new and reappearing email-based cyber attacks. Here are three types of attacks that you may be unaware of, but should protect against.
As the name implies, an Email Burst Attack begins when the attackers send a burst of legitimate-looking, identical emails. To the victim, the attack appears to be a technical issue, as they may receive anywhere from 10 to more than 100 emails within 20 to 90 seconds. The attack continues with a phone call or email impersonating an IT employee or a vendor. The victim is asked to “reset” a password or download software to “fix the problem,” giving the attackers access to credentials and/or the computer.
Email Burst Attacks are difficult to detect and can result in significant breaches and loss.
An email-based cyber attack that uses Google Groups is back after several years in the shadows. In this attack, the cyber attacker creates a Google Group, directly adds members, and sends emails to the group members. These emails range from basic spam to sophisticated phishing attacks.
The emails look legitimate because the email is from the Google Groups service, a trusted sender. As such, a Google Group attack is difficult to identify and defend against.
Email-based cyber attacks often use images and “calls to actions” that appear to be from a trusted source or brand.
Attackers will use images of, or from, legitimate websites to mimic the look and feel of stores, banks, and other trusted businesses. To detect these attacks, you need to compare the image and branding with the email header and meta data. This type of scanning is beyond the ability of most email threat protection services.
QR Codes pose a similar risk. In order to validate that a QR Code is safe, you need to scan the image and test the underlying URL. Because QR Codes are not a “link click”, most email scanners cannot validate they are safe.
The newest generation of email threat protection services include the abilities to detect and mitigate these attacks. These services include:
Cumulus Global offers email threat protection services with these capabilities within our Managed Cloud Services and as a stand-alone service offering.
Get more information and assess your email threat protection services, or schedule a no-obligation meeting with one of our Cloud Advisors.
Christopher Caldwell is the COO and a co-founder of Cumulus Global. Chris is a successful Information Services executive with 40 years experience in information services operations, application development, management, and leadership. As COO, Chris overseas our Service Team, providing expert consulting, cloud migration, education, and support services.
The Next 3 Items on Your 2025 IT Checklist
As we move into 2025, our businesses face a new set of challenges. Political and economic changes, rapidly emerging technologies, and increasing security threats will all demand our attention. Where we focus, and the decisions we make, will impact our businesses, customers, and employees. Is your 2025 IT Checklist ready to help?
Your information technology services remain critical to your business operations. Pragmatic, thoughtful planning and decisions now, will empower your team and enable your business to address the coming challenges – and opportunities. Here are the next three of six key areas to explore as you build your IT goals and objectives, and your 2025 IT checklist.
Evolving threats and regulatory requirements keep cybersecurity a top priority for businesses. Beyond protection and prevention, focus on resilience. Ensure your business can maintain operations during and after a crisis.
As your IT environment becomes more complex, inefficiencies and costs will escalate. Simplify your IT systems and services to reduce redundancies and enhance productivity.
Stay ahead of technology trends to ensure your business remains competitive.
For help with any part of your 2025 IT checklist, or to tap into our expert guidance, book a complementary intro call with our Cloud Advisors. Ask for an IT Assessment Referral Code and request your IT assessment.
Allen Falcon is the co-founder and CEO of Cumulus Global. Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.
eBook | Source: Cumulus Global — This eBook provides a summary of the security features across Google Workspace subscriptions. Using the included matrices, you can select the subscription that best meets your needs and compare the detailed capabilities of security features against third party options.
As we head into the new year, we face an uncertain business landscape. Politics, the economy, and technology advances create new tech-related challenges and opportunities. As you make your plans, be ready for these 3 things in 2025.
Windows 10 reaches its end-of-life on October 14, 2025. As of this date, Microsoft will stop releasing new features, free security updates, and support. You must decide when and how you will transition to Windows 11.
Staying on Windows 10 without subscribing to the Extended Security Updates (ESU) program exposes your systems to increased vulnerabilities, potentially impacting compliance with cybersecurity regulations.
While many devices currently running Windows 10 can support Windows 11, older machines may struggle with performance due to inadequate resources. You should expect to invest in some new hardware or upgrade existing components, such as memory, to ensure smooth operation. Given the anticipated surge in demand for new devices, early planning and procurement can mitigate potential cost hikes and supply chain delays.
More Info:
The realm of artificial intelligence (AI) is poised to transition from theoretical enthusiasm to practical implementation. 2025 is the time to focus on AI’s tangible benefits, such as enhancing employee productivity and streamlining customer interactions. Rather than replacing human labor, use AI as a tool for augmenting capabilities and achieving efficiency gains.
Security remains a critical consideration as AI becomes more integrated into your business processes. Protecting your sensitive data and ensuring your compliance with regulatory standards is paramount, especially when using AI tools within Microsoft 365 or Google Workspace.
Assess the cost-effectiveness of AI investments, ensuring they provide a clear return on investment without duplicating existing capabilities. As AI tools continue to evolve, balance cost, security, and practicality to leverage AI effectively.
Resources:
In an era where cybersecurity threats are ever-evolving, small businesses like yours should adopt a robust security framework to safeguard your operations. A comprehensive approach—encompassing communication, prevention, and recovery—is critical as new threats emerge. With incidents like business email compromise posing significant financial risks, maintaining a strong security posture is non-negotiable.
For smaller businesses, Resilience becomes a key focus of your cybersecurity strategy. Ensuring your operational continuity, even during cyber incidents, is crucial for minimizing disruptions. Resilience is not only protecting data but also enabling swift recovery and business continuity.
As cyber insurance requirements become more stringent, Compliance with evolving security benchmarks and standards will increase coverage and lower premiums. The savings is a bonus to improved protections against potential threats. Penetration testing, or Pen Testing, can be an affordable way to benchmark and track your security profile against relevant industry and regulatory standards.
Dive Deep:
If you are interested in planning your Windows 10 to Windows 11 upgrade, your use of AI, or your security improvements, book a free, no-obligation session with one of our Cloud Advisors. Or, send us a quick note and let us know how we can help.
Allen Falcon is the co-founder and CEO of Cumulus Global. Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.
* Discount RSA offer requests must be received prior to 3:00 PM EST on Dec. 31, 2024.
eBook | Source: Cumulus Global — This eBook presents an introduction to Penetration Testing and discusses how small and midsize businesses can use Pen Testing effectively and affordably as part of a robust cybersecurity program.
