Search
  • Synagex Modern IT

Quarterly Security Scoop #1

Updated: May 22



Get the scoop on all things security from your IT team at Synagex.


For many years we have delivered rich content to our clients in many forms - social media, webinars, podcasts, etc. We will begin delivering valuable cybersecurity content to your inbox. Each quarter we will share cybersecurity insights from our team. This may include anything from current cybersecurity related events happening globally, down to tips and tricks that you can utilize to protect your data.


Today we will cover:

We remain committed to supporting your mission. If there is anything that we can do to further assist, please do not hesitate to contact me or a member of our team. Thank you for your continued business and your trust.

- Pete Morin, CISO


Staying Aware 👀

Have you ever heard of the term Mitre Attack (MITRE ATT&CK)?

It is commonly mistaken for a type of cyber security attack. MITRE ATT&CK is actually a knowledge base created for collecting tactics, techniques, and procedures utilized by threat actors during cyber-attacks. Earlier this year a team of cybersecurity professionals from ConnectWise utilized this data to identify the most common techniques utilized to compromise information systems. The top two methods utilized by threat actors in 2021 were Phishing and valid accounts.


The two go hand-in-hand, account information is often acquired during a successful Phishing campaign. Either way, what is clear is that personnel is the first line of defense in protecting company data. Do not allow yourself or a member of your staff to be exploited, inadvertently giving away the keys to the system. Begin by implementing a security awareness training program within your organizations. Review these programs regularly, don’t set it, and forget it. Ensure that they continue to meet the needs of your organization.


🤔 Password Protocol

“Have you heard that Microsoft recently advised against password changes?”

Frequently changing passwords may lead to easily cracked passwords due to making minor modifications to passwords that have been utilized for decades. We are not suggesting to end the practice of regularly changing password. Many organizations are required to implement this practice to meet regulatory and compliance requirements. We are recommending that complex password policies are enforced and MFA (Multifactor Authentication) is implemented as an additional level of protection. If an account has been compromised by a threat actor, MFA may be the last level of defense capable of disrupting the attack.


Come One, Come All! 📣


Peter will be part of an expert panel discussing all things cybersecurity as a part of MassMEP’s Manufacturing Your Future i4.0 event at Polar Park in Worcester. Coming up soon on May 20th, it will be a fun day for Manufacturers across Massachusetts to network, learn and explore growth opportunities. Oh, and it’s FREE—Register today!

4 views0 comments