Posted: Tuesday, August 9, 2022

Pen-testing & Vulnerability Scanning: What’s the difference?

Pen-testing & Vulnerability Scanning: What’s the difference?

By : Sentia

https://www.sentia.ca/IT-Solutions/Cyber-SecurityPenetration testing and vulnerability scanning are vital for enhancing an organization’s cybersecurity postures. However, most businesses are confused about differentiating the two services. For example, a vulnerability scanning process looks for existing security weaknesses and vulnerabilities, such as unpatched systems, lacking authentication schemes, misconfigurations, and weak password security, and reports them as potential exposures. On the other hand, a penetration test looks to exploit identified security weaknesses in the organization’s systems and IT network architectures to determine the extent to which an attacker would compromise your assets. Also, a vulnerability scan often utilizes automated software programs and tools, whereas a penetration test is a manual process carried out by a security expert.

Read more »

Number of views (90)

Posted: Thursday, July 28, 2022

Security Awareness Training

Security Awareness Training

What is it and Why is it Important?

By : Sentia

Cybersecurity is a top priority for all organizations today. Still, the rapidly changing security landscape introduces unique challenges that require users and cybersecurity professionals to stay informed and adopt best practices. Security awareness training educates employees, third-party partners, contractors, and other relevant stakeholders concerning the current cyber threats, cybersecurity responsibilities, procedures, and policies. It is a critical program that helps inform the necessary threat prevention measures and assists in complying with industry-standard data privacy and security regulations.

Unfortunately, according to Proofpoint’s 2022 State of the Phish Report, only 25% of companies train their employees for two or more hours annually. Yet, a Verizon Data Breach Investigations Report shows that eight out of ten, approximately 82%, data breaches are due to exploitable human vulnerabilities. In addition, untrained and unaware employees account for the largest number of social engineering attacks, stolen credentials incidents, and phishing scams.

Read more »

Number of views (96)

Posted: Tuesday, June 21, 2022

The State of Global Supply Chain and Cybersecurity

The State of Global Supply Chain and Cybersecurity

Addressing the Growing Challenge of Increased Cyber Threats within Global Supply Chain

By : Sentia

Cybersecurity threats have increased twice in the global supply chain, impacting consumers and enterprises. Supply chain attacks have evolved tremendously in recent years, reaching new levels of frequency and sophistication. Nation-state attackers and cybercrime groups target supply chains to carry out extensive espionage and large-scale extortion cyberattacks. According to Gartner, 45% of companies will likely experience software supply chain attacks by 2025, three times more than in 2020. Therefore, it is critical to understand the top supply chain cybersecurity threats and how you can mitigate them.

Read more »

Number of views (210)

Posted: Monday, June 13, 2022

Mental Health in Motion 2022

Mental Health in Motion 2022

Ride, Walk and Run for Mental Health Awareness

On Sunday June 12, Sentia sponsored and participated in the 2022 Mental Health in Motion Ride, Walk and Run event hosted by the Canadian Mental Health Association of York and Simcoe.

After a long two-year hiatus, we were delighted to be back in-person with other like-minded individuals all in support for a worthy cause. The rain had threatened to put a ‘damper’ on the event (pun intended), but it fortunately held off for the entire duration of the ride, walk and run.

Read more »

Number of views (215)

Posted: Tuesday, May 31, 2022

Creative Solutions to Address the Cybersecurity Skills Shortage

Creative Solutions to Address the Cybersecurity Skills Shortage

By : Sentia

The cyber risk landscape continues to evolve at an alarming rate. Cyber adversaries are leveraging new technologies to innovate powerful malware variants and new hacking techniques. On the other hand, a pervasive cybersecurity talent shortage hampers organizations’ efforts to secure their critical infrastructure and data from attacks. However, companies can mitigate the chronic shortage of knowledgeable cybersecurity professionals by prioritizing talent, expertise, and experience over the traditional hiring practices, including those that require minimum educational qualifications.

Read more »

Number of views (406)

Posted: Monday, May 16, 2022

E-commerce and Cybersecurity: What Online Merchants Should Know

E-commerce and Cybersecurity: What Online Merchants Should Know

Best Practices to Secure Your E-Commerce Business

By : Sentia

E-commerce platforms and sites are hot targets for attacks and breaches since cybercriminals consider them as treasure troves of financial, personal, and business data. Regardless of the business size, a breach of an e-commerce platform can cause huge financial losses by destroying customer trust, lawsuits, and stolen data. eCommerce businesses are mindful of the security issues facing them and have increased spending on security measures. A 2020 VMWare Carbon Black Cybersecurity Outlook Report revealed that 77% of companies included in the study have invested in new security measures, whereas 69% have hired more security personnel.

Read more »

Number of views (412)

Posted: Thursday, May 5, 2022

Understanding Multifactor Authentication (MFA)

Understanding Multifactor Authentication (MFA)

How It Works and Why Companies Should Consider Adapting It

By : Sentia

"For every lock, there is someone trying to pick it, or break it." - David Bernstein

One of the biggest problems with traditional user ID and password login is the need to maintain a password database. Whether encrypted or not, if the database is captured it provides an attacker with a source to verify their guesses at speeds limited only by their hardware resources. Given enough time, a captured password database will fall.

As processing speeds of CPUs increase, brute force attacks have become a real threat. GPGPU cracking can produce more than 500,000,000 passwords per second even on lower end gaming hardware. Depending on the software, it can take as little as 160 seconds to crack a 14-character alphanumeric password. A password database alone does not stand a chance against such methods when it is a real target of interest.

Read more »

Number of views (2458)

Posted: Tuesday, April 26, 2022

What Do Cyber Threats Mean for the Financial Sector

What Do Cyber Threats Mean for the Financial Sector

And How Can You Protect Yourself?

By : Sentia

The financial industries of most countries worldwide use emerging innovative technologies to cut down operational costs, enhance customer services, and automate work. For example, organizations in the Canadian financial sector heavily depend on Fintech, the Internet of Things, quantum computing, the cloud, and artificial intelligence, among others, to enable electronic financial transactions and data transfer between payment systems, institutions, vendors, and clients.

However, while these interconnections promise increased efficiency and faster communications, they have become attractive targets in today’s highly sophisticated and rapidly evolving cyber threat landscape. For example, a cyberattack that compromises only one financial organization can potentially spread to external partners, which may ultimately disrupt critical international and national financial systems.

Unsurprisingly, motivations like financial gains from transaction values that amount to billions of dollars daily have seen the financial industry face frequent and complex cyberattacks. For instance, Canada’s population has embraced online banking transactions more and more, with 76% of Canadians preferring mobile devices and online banking for all transactions.

Read more »

Number of views (659)

Posted: Wednesday, April 13, 2022

Addressing Cyber Risks in Real Estate

Addressing Cyber Risks in Real Estate

How to be prepared and stay ahead of any impending threats.

By : Sentia

In the past, the real estate industry has been known to be slow in embracing technology. However, this situation is changing. The PwC report on Emerging Trends in Real Estate 2021 found that the COVID-19 pandemic forced the real estate sector to embrace various technology solutions, including virtual open houses, digital payments, collaboration tools, and property technology to enhance business continuity. Likewise, the Emerging Trends in Real Estate 2022 reports that Canadian real estate companies can successfully navigate forces of change through accelerated digitization that plays a significant role in both delivering efficiencies and creating the experiences and services the customers want. The latest report points out construction technology, increased data analytics, and digitizing operations as the key area of focus for the real estate sector in 2022.

Read more »

Number of views (619)

Posted: Tuesday, April 5, 2022

Why the Retail Industry Requires Enhanced Cybersecurity Protection

Why the Retail Industry Requires Enhanced Cybersecurity Protection

While Cybersecurity is a Cross-industry Need, Learn Why the Retail Sector Needs Special Attention

By : Sentia

Cybercrime has increased exponentially worldwide, mostly due to significant events that lead to a rapidly changing threat landscape. Most nations have seen increased cyber threats across sectors due to significant incidents ranging from the COVID-19 pandemic to the Russia-Ukraine conflict, with the retail industry bearing the brunt of the attacks. In Canada, for instance, at least three out of ten companies have reported a spike in attacks, and 80% of businesses fell victim to phishing attacks. Also, 25% of Canadian organizations have reported data breaches that target sensitive employee and customer data.

In addition, Canadian organizations in the retail industry have suffered numerous attacks in the recent past. For example, JBS, one of the largest global, suffered a devastating ransomware attack in 2021 that saw it shut down operations in Canada, the US, and Australia, resulting in a loss of more than $11 million. Also, an unauthorized party compromised the user credentials of the Canada Revenue Agency, resulting in more than 800,000 taxpayers being unable to access their accounts. Whether you look at cybersecurity in Montreal, Toronto, or any other Canadian city, the statistics show that cybercrime is getting worse, and the retail industry suffers innumerable damage.

Read more »

Number of views (733)

CategoryID: