Posts

Your Strategy for Business Resilience

/in ,

Cyber incidents, system failures, and unexpected disruptions are no longer rare events. For small and mid-size businesses (SMBs), even a short outage or minor breach can interrupt operations, expose sensitive data, and damage customer trust.

Business resilience means preparing your organization to absorb disruptions and keep moving forward. You cannot, however, achieve resilience with a single tool or policy. 

Business Resilience requires a layered security strategy that reduces risk, limits impact, and supports fast recovery

Why Business Resilience is Your Priority

Technology plays a critical role in nearly every part of your business. When systems are disrupted, the impact extends beyond IT to revenue, reputation, and customer confidence. 

A resilient security strategy helps you maintain operations even when things do not go as planned. 

Connect with a Cloud Advisor4 Strategic Pillars for Resilient Cybersecurity

An effective approach to security addresses risk across four key areas:

  1. Awareness: Your employees recognize common threats, follow security best practices, and understand their role in protecting the organization.
  2. Prevention: Updates, controls, and monitoring reduce exposure by closing common attack paths.
  3. Protection: Safeguards such as encryption, access controls, and multi-factor authentication limit damage when incidents occur.
  4. Recovery: Backups and response plans enable you to restore systems, data, and workflows quickly.

These pillars help you defend against both cyber threats and everyday mistakes and align with our Security CPR managed security model. 

Plan for Impact, Not Just Prevention

No environment is immune to risk. 

Even with strong preventive measures, incidents will still happen. Ongoing training, layered defenses, and clearly defined response plans will help you manage disruptions efficiently and reduce downtime. 

Preparation ensures that a security event becomes a manageable incident rather than a prolonged crisis.

Resilient cybersecurity is the foundation for business resilience. 

Resilience is a Strategic Commitment

Building resilience is an ongoing effort that evolves as threats, technologies, and business needs change. With the right strategy and experienced partners, you can stay prepared, protect critical systems, and maintain stability when disruptions occur.

Managed Cloud Services Support Business Resilience

Managed cloud and managed security services play a critical role in helping you improve security and business resilience without overwhelming internal teams. At Cumulus Global, we support resilience through:

  • Comprehensive IT and security management
  • Secure collaboration and productivity solutions
  • Cloud infrastructure monitoring, optimization, and protection

By aligning cloud technology with your business objectives, our managed cloud services and our Security CPR™ Managed Security Services improve reliability, reduce risk, and support long-term continuity.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with productive, security, and secure managed cloud services. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped hundreds of organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience and effective change management.

Avoid MFA Pitfalls and Lockouts

/in

MFA PitfallsMaybe you have seen the meme about spending 6 hours per day entering multi-factor authentication (MFA) codes. While inconvenience is one pitfall of MFA, improper configuration and management of MFA can lead to more damaging pitfalls and lockouts. Your ability to work can take days to recover.

The MFA Pitfalls 

Most of us are not using a separate security key; we authenticate using our smartphones. Whether by Authenticator app, SMS text, one-time passwords/codes, or local app login, we need our smartphone to access our apps and services.

Imagine this scenario:

  • Your iPhone is lost, stolen, or damaged.
  • On your laptop, you need to login to check email and the authentication goes to the Authenticator app on your phone.
  • You could opt to have a one-time password emailed to you, but you cannot access your email.
  • You could send it to your recovery email, which you rarely use, is logged out and the MFA also goes to your phone.

You get the picture. You are stuck, but you still have other means of access. Depending on your configuration, restoring access may be complex and take too much time.

And while this scenario may seem unlikely to happen, we see online forums where over 80% of help requests relate to account lockout and recovery. Almost all of the problems were avoidable with proper configuration and management.

Tips to Avoid MFA Pitfalls

To help you avoid MFA pitfalls and lockouts, we created a list of things to consider when configuring management of your MFA services.

  • Use a Sustainable Phone Number for MFA and for Recovery: MFA texts and messages should only go to a phone number that can remain in use if you switch phones or phone systems. Whether to a physical phone or a VoIP service, make sure that you will not lose your number if things change in the future.
  • Have a Separate Recovery Phone Number: If your phone is not available for MFA calls or texts, it is not going to work for recovery codes, calls, or texts. If at all possible, use different phone numbers for MFA and recovery. If your MFA phone number is your smartphone, your recovery phone number could be your business’ VoIP phone number, or the number of a trusted coworker or spouse.
  • Use a Separate Recovery Email: If the email account that receives MFA messages is inaccessible, you will not be able to use it for recovery. Use an alternate email address. This could be a personal (@gmail.com) account or a one belonging to somebody you trust. When setting up your recovery email account, make sure that account is not reliant on the same methods and devices.
  • Stop Before You Drop: Before you give up, abandon, or change a phone number or email address, review the MFA setup across all of your apps and systems. Make sure you move them to your new number and/or email address before you give up the old ones.
  • Backup Your Authenticator Apps: Both Microsoft Authenticator and Google Authenticator let you backup your Authenticator App data. This lets you reinstall and recover your Authenticator settings and accounts on a new or different device. Make sure, however, that the backup location does not require the Authenticator App for access.
  • Create, Print, and Save Recovery Codes: Many systems, apps, and security tools let you create emergency recovery codes. If available, create the codes, print them, and keep them in a safe location (“Put it with your Passport”). Having these codes can reduce account recovery time by hours or days.
  • Use a Password Manager: Password managers provide a single, secure login to allow access to complex passwords and validation for the connected apps. Using a password manager reduces the risk of account lockout.
  • Do Not Buy Direct: Buy your cloud apps and services through authorized partners. For most SaaS and cloud solutions, your partner has administrative access to your account. They can reset passwords and recover accounts. If needed to expedite access or recovery, your partner can change MFA configuration and/or temporarily remove MFA from an account.

These steps require some planning. As MFA settings and preference can often be set individually, you will need to communicate and coordinate with your employees. 

We Will Help

Our Cloud Advisors are here to assist. We can:

  • Review your current MFA services and configurations
  • Identify risks and recommend changes
  • Assist your team members with settings and recovery codes
  • Provide your with Password Manager services
  • Provide license and account co-management for your cloud services

Schedule time with one of our Cloud Advisors now to discuss your next steps.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America.

Don’t Fall for the Call

/in ,

Don't Fall for the Call

IT support scams are back and on the rise. Over the past few weeks, the reports of vendor phone calls and emails claiming to contact people about suspicious activity in their accounts have skyrocketed.  

Do Not Fall for the Scam

Google, and Microsoft, will NEVER call your or email you to start a service or support call.  Let me repeat that, but this time in bold. Google, and Microsoft, will NEVER call your or email you to start a service or support call.

Some of these calls and emails attempt to get you to enter your username and password into a fake web page. 

Many of these attacks request the multi-factor authentication (MFA) code. The attackers initiate a password reset. If given the MFA code, they access the account and can change credentials, access other services, and exfiltrate information.

It is more difficult to spot fake landing and sign in pages

While historically easy to spot, attackers use generative AI to create sophisticated fake login pages. 

Attackers are also using legitimate landing page, marketing, or document tools. The link in the email may open a validly hosted page or document with instructions and another link that, in turn, takes you to the fake login page. 

As the hackers take you through a legitimate service, as a pass-through, you may be less likely to notice that the page asking for your credentials is fake. This method is also more difficult to combat since the pass-through may require valid credentials for access.

Steps You Can Take

You can take a few simple steps to prevent these types of attacks from successfully damaging your business.

  • Education – Inform and educate your team about current and emerging cyber attack methods, what to look for, and how to handle suspicious activity.  Cyber Awareness Training, if well managed, is an affordable means to keep security top of mind.
  • Advanced Email Threat Protection – Email threat protection focused on sender domains, links, and attachments is not enough. Attackers use masking, images, and QR codes beyond the capabilities of many email protection services. Upgrading to a more robust service will provide better protections. Solutions that provide banners and “one-click response” better empower users to flag and manage suspect messages.

We Will Help

Our Cloud Advisors are here to assist. We will:

  • Assess your current security profile and protections
  • Prioritize options and recommendations for security improvements
  • Help you plan and budget for any changes
  • Deploy and co-manage your security solutions to keep you protected.

Schedule time with one of our Cloud Advisors now to begin your security review and improvements.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.

5 Cyber Threat Trends You Should Know

/in , ,

5 Security Cyber Threats You Should Know

Earlier this week, we shared CrowdStrike’s 2025 Global Threat Report which identified five (5) cyber threat trends that you should know. While cyber-fatigue is real, understanding the threat landscape helps you assess your risks and security posture and make informed decisions on how to prioritize security-related spending and investment.

5 Cyber Threat Trends

Here are the 5 cyber threat trends you should know.

1 China on the Rise

Cyber attacks originating in China – both nation-state and organized crime – jumped 130% over the prior 12 months. At the enterprise-level, China-nexus attackers focus on telecommunication systems. For most businesses, the increase in attacks on unmanaged devices should be of concern. 

Unmanaged devices lack detection and response capabilities that allow attackers to lurk, monitor, and capture credentials for greater access to your systems, applications, and data.

2 Hands-On-Keyboard Attacks are Making a Comeback

The best way for cyber attackers to avoid modern malware protection, such next-gen endpoint protection and managed detection and response (MDR) services, is for the attacker or a surrogate to use the keyboard. These manual, interactive attacks are up 27% over the prior year.

We may imagine hands–on-keyboard attacks as movie-like scenarios of corporate spies posing as custodians sneaking onto computers while avoiding the security guards making their rounds. In reality, the hands-on-attack may be your employee responding to somebody they think is IT support or a vendor helping them solve a problem.

3 Rapid Ransomware Reach

The speed at which cyber attackers can launch ransomware attacks after an initial breach is accelerating. From breach to spread, attacks are up to 32% faster than previously known.

This speed gives cybersecurity systems less time to identify behaviors and patterns that identify the cyber attack, weakening the effectiveness of the protections.

4 AI for Evil

With the help of AI, certain types of cyber attacks have jumped 220% over the prior year. Cyber attackers are using generative artificial intelligence (Gen AI) technologies to power more-effective attacks.  

Using GenAI, attackers create more realistic fakes – emails, documents, phone calls, and videos – to trigger responses and reactions that enable and facilitate access and breaches.

At the same time, cyber attackers are using security vulnerabilities in the platforms and tools businesses use to build AI agents, just as they use vulnerabilities in web, application, and office productivity platforms.

5 Cloud Attacks Gain Altitude

Cloud intrusions – successful cyber attacks on cloud systems and services – jumped 136% during the first half of 2025 compared to all of 2024. These attacks vector through compromised identities, improper security configurations, API vulnerabilities, lax security and permissions governance.

Steps You Can Take

To ensure your security footprint protects your business appropriately:

  • Conduct IT and Security Assessments that benchmark your security posture.
  • Prioritize your risks based on the nature and size of your business, industry standards and expectations, and regulatory requirements.
  • Level our Security CPR® model and managed services to plan, prioritize, and implement appropriate security and business resilience solutions that:
    • Address your prioritized risks as your budget allows
    • Protect from the most common and the most damaging/costly types of attacks.

We Will Help

Plan Now; Act Soon. Our Cloud Advisors are here to assist. We will:

  • Review your current systems and services and prioritize your risks. 
  • Help you prioritize, plan, and budget for security changes and improvements that may be necessary or preferred
  • Deploy and co-manage your security solutions to keep you protected.

Schedule time with one of our Cloud Advisors now to begin your security review and improvements.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America.

The 3 Most Common Cloud Admin Oversights

/in

Cloud AdminIf you use Google Workspace or Microsoft 365, managing your services requires time and effort. Failing to do so can lead to wasted money and security risks. Here are the three most common cloud admin oversights we encounter.

1 – Data and Account Retention Policies

Every business has some degree of employee turnover. Whether you are hiring replacements, reducing staff, or growing, having data and account retention policies will guide how you handle user accounts and data when an employee leaves. Without such policies, we tend to keep accounts active “in case we need some of their files or emails,” long after the need has passed. 

Data and account retention policies can be both effective and simple. Here are some key elements for simple data and account retention policies: 

  • Determine how long you need to keep an employee’s data accessible for legal or regulatory reasons. The length will depend on your business and the user’s job function.

Outside of legal and regulatory requirements, think about:

  • When should you transfer emails, files, or other content to another person.
  • How long to keep an account active in the system.
  • How long to keep an archive or the user’s account in the system.
  • How long to keep a copy of the user’s data in your backup/recovery system.
  • If you choose to export the data, how long to keep the export.
  • When to delete the account after it becomes inactive, allowing you to reuse the license.

Since archive and backup/recovery solutions allow you to restore data to a different user, they offer a more cost-effective option than keeping an account active and licensed. They also help meet your legal retention requirements without the expense of an active user license.

2 – License Management

Sometimes we overlook simple actions that can save us time and money. Both Microsoft and Google allow you to add users at any time during your annual contract term. These additions become part of your contracted commitment, which you cannot reduce until renewal.

Too often, when a new employee or contractor joins the team, we immediately add a license and set them up to work. By not checking for available licenses or user accounts that can be deleted, we miss opportunities to reuse existing licenses. Consequently, we end up paying more without any added benefit.

If you have data and account retention policies, you can safely determine if and when to remove a former employee’s account. This allows you to reuse licenses and avoid incremental costs.

While the process may take a few minutes, it is simple and effective in saving money. We have seen businesses with seasonal employee turnover accumulate 25% to 50% more licenses than they actually need.

3 – On-Boarding / Off-Boarding

Small and midsize businesses may not see the need for formal on/off-boarding processes. However, not having them in place can lead to wasted time and potential security risks. Simple, efficient checklists can save you time, effort, and money

On-Boarding

The key to efficient on-boarding is knowing which applications, tools, and data the new employee should be able to access and use.

Create a simple checklist of applications, tools, and file shares. When on-boarding a new employee, determine what access is needed and check off each item as it is provided. This ensures new staff members only gain access to the resources they need.

Creating standard checklists for specific departments and jobs ensures consistent access and permissions across teams.

As a best practice, create security groups for departments and/or job functions to which you assign permissions are access rights. When on-boarding, adding new employees to the appropriate groups streamlines the process and saves time.

Off-Boarding

One of the most common mistakes made during employee departures is leaving accounts active with continued access to systems and data. This poses a security risk and can create confusion for remaining staff.

Having data and account retention policies helps ensure that past employee accounts, also known as “ghost accounts,” are removed from your systems. Creating off-boarding checklists helps ensure that application and data access gets transferred, as appropriate, to other users. Using security groups further simplifies the off-boarding process.

Your Next Step

With time-saving best practice, cloud admin services, Cumulus Global co-manages and remotely administers your IT services to save you time and money, improve productivity, enhance security, and protect your business.

Contact us about our Managed Cloud Services or schedule a no-obligation meeting with a Cloud Advisor today.

Contact us or schedule a no-obligation meeting with a Cloud Advisor today.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.

US Cybersecurity Policy Shift Increases Risk of Successful Cyber Attacks

/in ,

Data Protection & SecurityThe current United States administration continues to issue and execute dramatic changes in US policies and programs. For businesses, tariffs and their potential impact on the economy and various business sectors gets most of the media attention. Getting less attention, US Cybersecurity Policy changes will have an immediate and potentially devastating impact on many businesses and individuals.  

Multiple reputable news and information sources are reporting that on March 2nd, the current administration ordered the Cybersecurity and Infrastructure Security Agency (CISA) to cease tracking and reporting on Russian threats. This is a tectonic shift in policy as Russia is generally understood to be the largest nation-state sponsor of cyber attacks. This change in focus for CISA will dramatically reduce the availability, reliability, and timeliness of cybersecurity threat intelligence. 

Here is what you need to know, what to expect, and what to do.

What to Know

Here are three things to know about cyber threats, CISA, and nation-state cyber attacks.

1Threat Intelligence

Threat intelligence is the invisible backbone of your cybersecurity protections. As the name implies, threat intelligence is the collection of sharing of information about cybersecurity risks, threats, methods, actors, sources, and sponsors. It also encompasses knowledge of how to prevent, block, and stop attacks; fix hardware and software to close exploits.

Every legitimate cybersecurity product or service relies on threat intelligence to build, maintain, and improve their product or service. Larger and better-funded cybersecurity companies conduct their own research and share their findings.

2CISA: Cybersecurity & Infrastructure Security Agency

CISA is the US federal government agency responsible for collecting, evaluating, and sharing threat intelligence across government and private sectors. The agency also partners with core infrastructure companies, such as Internet Service Providers, to actively prevent, block, and respond to potential and active cyber attacks.

3Nation-State Cyber Attacks

Industry experts estimate that over 40% of cyber attacks originate from, or are sponsored by, hostile nation-states. The Microsoft Digital Defense Report Report 2024 notes that in 2024, 58% of nation-state attacks originated in Russia. These attacks account for up to 25% of all cyber attacks globally.

What to Expect

Expect more cyber attacks and greater challenged to your cyber security profile.

1More Cyber Attacks

Expect an increase in cyber attacks and, more importantly, successful cyber attacks.

With CISA no longer tracking Russian-sourced cyber attacks, expect Russia, Russian-sponsored, and Russian organized crime to increase the frequency, intensity, and scope of the cyber attacks. Knowing that CISA is no longer watching signals a huge opportunity to attack US government entities, businesses, and non-profits with fear of early detection or responsiveness.

2More Successful Attacks

Without fast and accurate threat intelligence, cybersecurity systems and services will take longer to identify threats and attacks.Their response to zero-day (new, immediate) and other cyberattacks will take longer.

Unprotected and under-protected systems will be more vulnerable to successful attacks as the frequency and scope of cyber attacks increase.

3More Challenging Recovery

In addition to sharing information to help block and stop cyber attacks, CISA shares information on how to repair and recover. Without this information, obtaining decrypt keys and other help to undo the damage will be more difficult and will take more time.

What to Do

Use our Security CPR® model to guide your next steps:

Communicate and Educate:

Inform your team to expect an increase in cyber attacks and ask for additional vigilance. Have security awareness training in place to reinforce the message and to occasionally test if your team can recognize phishing and other email-based cyber attacks.

Protect and Prevent:

More than 80% of cyber attacks originate, directly or indirectly, by email. Make sure you have next-generation email threat protection services in place. Beyond header validation and basic sandboxing, your solution now should analyze character sets and fonts, images, QR codes, graymail, and email delivery patterns.

Microsoft estimates that more than 90% of cyber attacks on small and midsize businesses can be stopped with multi-factor authentication (MFA). If you do not have MFA in place for critical systems (preferably ALL systems), do so now.

Restore and Recover:

As the risk of successful attacks increases, ensure that you have the ability to restore damaged and lost data and systems. Verify that you can recover – return to operations – quickly, even as you continue to restore systems and data.  Continuity solutions for critical systems and software will save you time and money.

Your Next Steps

Assess your immediate needs and take appropriate action. Our Cloud Advisors can help you assess your cybersecurity needs and priorities, and can offer budget-friendly, effective solutions.

Contact us or schedule a no-obligation meeting with a Cloud Advisor today.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.

Debunking Cyber Insurance Myths

/in ,

Cyber Insurance Risk Assessment

Your business faces an ever-increasing array of cyber threats. Beyond protections, cyber insurance is an essential component of a robust risk management strategy. Therefore, understanding cyber insurance realities is necessary for you to make sound security and business decisions. In this post, we focus on debunking common cyber insurance myths.

1MYTH: Cyber Insurance Policies Offer the Same Level of Protection

In reality, policies vary significantly with respect to coverages and services. Opting for bundled policies generally results in coverage gaps, as most general liability policies treat cyber coverage as an add-on.These gaps leave your businesses vulnerable to liabilities and losses.

Standalone cyber insurance policies, provided by financially strong carriers, offer comprehensive protection tailored to the specific needs of your business. They address unique risks associated with cyber threats given your industry, business size, and other risk factors. Standalone policies also often include coverage of forensics, temporary resources, and other recovery needs. Dedicated coverage helps you respond more effectively to a cyber incident.

2MYTH: Your IT Security Measures Dictate Your Premiums.

While robust security practices can positively impact premiums, broader industry trends and company-specific factors play a more significant role in determining pricing.

Industry-wide loss ratios have a substantial impact on insurance costs. Peer group averages impact premiums as well. Insurers assess the risk profile of businesses within sectors. As insurers issue more policies and analyze claims, insurers refine actuarial, incorporating additional factors and risks.

3MYTH: Cyber Insurance Policies do Not Pay Out

Many businesses hesitate to buy standalone cyber insurance policies out of fear that their policy will not pay out in the event of a claim. Reputable cyber insurers with strong financials rarely deny claims with a valid cause..

Inaccurate, or fraudulent, applications are the most frequent reasons for claim denials or reductions. 

Your application must accurately reflect your cyber insurance risk profile. The information you provide on your cyber insurance application should reflect a thorough review process. Cybersecurity tools offer verification of your security profile.

4MYTH: Cyber Insurance is All You Need

Many businesses, including yours, may need additional layers of protection for specific cyber risks. These additional coverages may not be available within a traditional cyberinsurance policy.

Cyber warranties offer additional layers of protection by covering these specific elements of cyber risk. Combining cyber warranties with cyber insurance creates a more comprehensive safety net. This approach bolsters your overall security strategy and ensures appropriate coverage.

5MYTH: Robust Cybersecurity Measures Eliminate the Need for Cyber Insurance

Investing in strong cybersecurity defenses provides crucial protection for your business. No security profile or system, however, will stop every cyber attack, data breach, or data loss incident. Cyber threats continually evolve. Even the most secure systems fall victim to sophisticated attacks.

Cyber insurance serves as your financial safety net. Beyond covering direct financial losses, better policies help you recover from incidents that slip through the cracks of your security measures. These resources include forensics, data recovery, customer relations, legal expenses, and more. Cyber insurance protects you financially if and when a cyber attack gets past your defenses.

6MYTH: Obtaining Cyber Insurance is Complicated and Time-Consuming

The thought of obtaining cyber insurance deters many businesses from seeking the coverage they need. Horror stories of complex applications, surveys, and audits create anxiety and fear of the process. 

Unfortunately, this myth can come true. Businesses that apply through general insurance agents and fail to leverage knowledgeable IT resources often run into issues during the underwriting process.

Cumulus Global partners with cyber insurance specialists that offer streamlined application processes and non-committal quotes. Our partners work with more than two dozen carriers, ensuring you have options to choose the policies that meet your business needs and budget. Non-biased policy reviews help you understand your coverages and make informed decisions.

Related Information

Cyber Security Requirements for Cyber Insurance (eBook)

5 Questions for Lower SMB Cyber Insurance Premiums (Coffee & Clouds)

Security CPR® (Cloud Burst)

Security CPR® Managed Security Services (Service Overview)

Your Next Step 

Avoid falling prey to cyber insurance myths. Contact us and let us introduce you to our cyber insurance partners.

We can provide you with a Cyber Insurance Risk Assessment and help you assess your cybersecurity profile.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.

Email Cybersecurity Risks: 3 Things to Know

/in ,

Email Cybersecurity Risks

As we have shared in the past, cyber attacks constantly change and evolve. We face new attack vectors, or methods, and old methods reappear. Email remains the most common starting place for cyber attacks. These attacks may be direct, or they may be the first step of a larger attack.

Over the last few months, we have seen an increase in new and reappearing email-based cyber attacks. Here are three types of attacks that you may be unaware of, but should protect against.

1 Email Burst Attack.

As the name implies, an Email Burst Attack begins when the attackers send a burst of legitimate-looking, identical emails. To the victim, the attack appears to be a technical issue, as they may receive anywhere from 10 to more than 100 emails within 20 to 90 seconds. The attack continues with a phone call or email impersonating an IT employee or a vendor. The victim is asked to “reset” a password or download software to “fix the problem,” giving the attackers access to credentials and/or the computer.

Email Burst Attacks are difficult to detect and can result in significant breaches and loss.

2 An Old-School Cyber Attack Returns

An email-based cyber attack that uses Google Groups is back after several years in the shadows.  In this attack, the cyber attacker creates a Google Group, directly adds members, and sends emails to the group members. These emails range from basic spam to sophisticated phishing attacks.

The emails look legitimate because the email is from the Google Groups service, a trusted sender. As such, a Google Group attack is difficult to identify and defend against.

3 Visual Risks On The Rise 

Email-based cyber attacks often use images and “calls to actions” that appear to be from a trusted source or brand. 

Attackers will use images of, or from, legitimate websites to mimic the look and feel of stores, banks, and other trusted businesses. To detect these attacks, you need to compare the image and branding with the email header and meta data. This type of scanning is beyond the ability of most email threat protection services.

QR Codes pose a similar risk. In order to validate that a QR Code is safe, you need to scan the image and test the underlying URL. Because QR Codes are not a “link click”, most email scanners cannot validate they are safe.

Protecting Yourself

The newest generation of email threat protection services include the abilities to detect and mitigate these attacks. These services include:

  • Detecting and blocking email burst attacks
  • Letting administrators and users manage graymail, so that Google Group and similar attacks can be identified and blocked
  • Scanning emails using AI-empowered computer vision to verify branding and safely test QR codes.

Cumulus Global offers email threat protection services with these capabilities within our Managed Cloud Services and as a stand-alone service offering.  

Your Next Step

Get more information and assess your email threat protection services, or schedule a no-obligation meeting with one of our Cloud Advisors.

About the Author

Chris CaldwellChristopher Caldwell is the COO and a co-founder of Cumulus Global.  Chris is a successful Information Services executive with 40 years experience in information services operations, application development, management, and leadership. As COO, Chris overseas our Service Team, providing expert consulting, cloud migration, education, and support services.

Business Email Compromise: The Second Costliest Crime

/in ,

Originally Posted December 9, 2024.  Updated to add a link to a related article published by the Washington Post.

Cyberattacks, specifically Business Email Compromise attacks are back in the national news. This feature story on CNN.com covers the risk, nature, and impact of Business Email Compromise attacks on a national level.

Back in March of 2022, we blogged about Real Estate Cyber Security and the rapid increase in Business Email Compromise (BEC) attacks. We followed up in April of 2022, with a post Business Email Compromise – The Costliest Type of Cybercrime. The post explained how BEC attacks work and how you can prevent them.

Related Update: The latest housing scam: Using AI to impersonate your agent or lender, Washington Post, December 14, 2024.

Are YOU safe from Business Email Compromise Attacks?

A $2.9 Billion Problem

With 2023 adjusted losses exceeding $2.9 Billion, the FBI’s 2023 Internet Crime Report identifies BEC attacks as the second-costliest type of crime. In a recent survey by CertifID, more than half of the 650 homebuyers and sellers were not fully aware of these types of fraud risks.

While the victims in the CNN article believe the compromise was from the title company, these breaches often initiate with the real estate agent or brokerage. The fragmented system of real estate franchisors, franchises, brokers/groups, and agents, gaps in cybersecurity awareness and protections are common. Real estate is a rich target for these BEC attacks. Large dollar amount transactions and low security-vigilance among agents, buyers, and sellers attracts cyber attacks.

Your Business Email Compromise Risk

The scope of BEC attacks spans businesses of all sizes.  Your small business is a target because you are less likely to have adequate cybersecurity protections in place.  As a small business, you are also less likely to have procedural checks and balances in place. Your chance of identifying and thwarting a BEC attack is lower.

Business Email Compromise attacks may target payments you make, or those your customers make to you. In either case, a successful BEC can destroy your reputation, expose you to litigation and liability, and cost you tens of thousands of dollars.

Your Next Step

Your best next step is to evaluate how well you are protected from BEC attacks.  Use Referral Code 24RSA50 to request savings of at least 50% off our Rapid Security Assessment*. You can also schedule a brief, free call with one of our Cloud Advisors to discuss your cybersecurity risk and protections.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.

* Discount RSA offer requests must be received prior to 3:00 PM EST on Dec. 31, 2024.

What is Pen Testing and Why You Should Care

/in ,

Penetration TestingCyber threats are evolving at an alarming rate, posing significant risks to your business. Penetration testing, commonly referred to as “pen testing,” is becoming a vital, proactive tool for assessing your risks.

Pen testing simulates a cyber attack on a computer system aimed at identifying vulnerabilities and testing the security of IT systems. Pen testing goes beyond electronic systems; it encompasses the entire IT ecosystem, including human elements and physical security. 

As cyber threats diversify, pen testing has become an important cybersecurity practice and an emerging requirement for cyber insurance.

Types of Pen Testing

Pen testing falls into various categories, each targeting different aspects of your business’s IT infrastructure:

  • External Testing:
    Evaluates vulnerabilities in the systems that are visible from the outside, such as web applications, servers, and network devices. It simulates attacks attempting to breach your network from the Internet.
  • Internal Testing:
    Examines what could happen if an attacker gains access to the internal network. It highlights potential damage and data exposure risks from within your organization.
  • Targeted Testing:
    A collaborative effort between your IT team and the testers, providing real-time insights into the attacker’s perspective and your response.
  • Blind Testing:
    Testers receive limited information about the target, mirroring the knowledge an actual attacker might have. This helps assess your organization’s security posture from an outsider’s perspective.
  • Double-Blind Testing:
    An advanced form of blind testing where neither the testers nor the IT staff are aware of the test. It evaluates the effectiveness of the security monitoring and incident response processes.

Benefits of Pen Testing for Businesses

Investing in pen testing offers businesses several compelling advantages:

  • Identifying Vulnerabilities:
    Pen tests expose weaknesses in systems, applications, and networks, allowing you to address them before they are exploited.
  • Prioritizing Risks:
    Not all vulnerabilities carry the same weight. Pen tests help you prioritize risks based on their potential impact and likelihood, guiding you on where to focus your efforts and resources.
  • Enhancing Security Measures:
    Insights from pen tests can guide the implementation of stronger security controls, such as multi-factor authentication, data encryption, and improved access management.
  • Boosting Cyber Insurance Prospects:
    Many insurers require regular pen testing as part of their coverage criteria. Demonstrating proactive security measures can lead to better terms and premiums.
  • Regulatory Compliance:
    For industries with stringent regulatory requirements, pen testing can help you assess compliance with standards like HIPAA, PCI-DSS, and GDPR. It can also help you benchmark against cybersecurity frameworks, such as CIS, NIST, and CMMC.

Getting Started

The best way to get started with pen testing is to perform a basic, preliminary scan of your environment. Referred to as a “Level 1” test, this snapshot provides a baseline assessment. From this assessment, you can determine what, if any, mitigation efforts are needed to improve your security, meet compliance requirements, and/or secure cyber insurance.

Your Next Step

Cumulus Global offers a free Level 1 Pen Test to qualifying organizations. Click Here to Request your test and to access related resources.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.

library

Decision Tree: Windows 10 End of Life

/in

eBook | Source: Cumulus Global — Windows 10 End of Life is October 14, 2025. Proactive planning and action are not just recommended, they are critical for your business continuity and security. This eBook provides a decision tree and walks you through your Windows 10 upgrade options.

Read more

Cybersecurity Essentials for Smaller Businesses

/in ,

eBook | Source: Cumulus Global — Cybercriminals target small businesses because we tend to have fewer resources and less robust cybersecurity practices. This eBook provides a strategy, model, & roadmap of affordable, effective cybersecurity essentials for sole practitioners, solopreneurs, & very small businesses.

Read more

Google Workspace: A Guide for Using AI at Work

/in ,

eBook | Source: Google — With Google Workspace, powerful AI is included – not bolted on. Gemini AI is the AI that makes everyday work easier. This eBook provides an app by app overview of ways to use AI in Google Workspace

Read more

Verizon 2024 Data Breach Investigations Report

/in

Whitepaper | Source: Verizon — The Verizon 2024 Data Breach Investigations Report, the 17th annual edition, highlights evolving threat scenarios world-wide. From year to year, we see new and innovative attacks as well as variations on tried and-true attacks. The past year has been a busy one for cybercrime.

Read more

Microsoft Digital Defense Report 2024

/in ,

Whitepaper | Source: Microsoft — In the last year, the cyber threat landscape continued to become more dangerous and complex. Improved defenses will not be enough. However, improved defense will not be enough. The data, insights, and events in this report represent July 2023 through June 2024 (Microsoft fiscal year 2024), unless otherwise noted.

Read more

Google Workspace Security Feature Matrix

/in ,

eBook | Source: Cumulus Global — This eBook provides a summary of the security features across Google Workspace subscriptions. Using the included matrices, you can select the subscription that best meets your needs and compare the detailed capabilities of security features against third party options.

Read more

Pen Test Primer: Security for Small Businesses

/in ,

eBook | Source: Cumulus Global — This eBook presents an introduction to Penetration Testing and discusses how small and midsize businesses can use Pen Testing effectively and affordably as part of a robust cybersecurity program.

Read more

2023 OpenText Cybersecurity Email Threat Report

/in ,

eBook | Source: OpenText Security — Attackers persistently adapted their email-based techniques throughout 2022, introducing more nuances into their methods. This eBook shares current information about Phishing, Business Email Compromise, Cryptocurrency Scams; and the Top Malware Threats. The report provides examples of attacks as a learning tool for understanding attacks, how to prevent them, and how to respond.

Read more