800-214-0957 info@blackbottleit.com

Ask the Experts

Inspired by our Clients & the Time of Year. October is Cybersecurity Awareness Month!

FAQ

Ask Any Cybersecurity Related Question!

Just email our Tag-Team Michael Valentine and Matt Kerr at AskTheExperts@BlackBottle.io.

 

Each time you revisit this page… you should see the Q&A growing to answer your questions.  No question is a dumb question, so ask away!

Michael Valentine
Matt Kerr

Michael Valentine Responses:

Matt Kerr Responses:

How often should our team study Cybersecurity Awareness Training?

Cybersecurity Awareness Training is an important part to both protecting your business and  your staff. We here at Black Bottle IT perform awareness training and phishing campaigns every month. The reason you want to do both on a monthly basis is because it gets your users use to identifying phishing emails with the phishing campaign. Awareness training keeps your users engaged and keeping your staff educated on different ways malicious actors try and compromise them to steal their data or company data. People often dislike Cyber Awareness training, but that training can help you both in the workplace and outside of the workplace. So I think it is a valuable tool that can be used to help protect you and your business

Why should we implement a table-top cyber incident exercise?

Black Bottle IT actually worked with a payroll company on a tabletop exercise.  Knowing who to call first when a breach happens is extremely important.

Preparedness: It helps organizations prepare for potential cyber incidents. Teams can identify weaknesses in their incident response plans, procedures, and personnel skills by simulating various scenarios. This preparation is essential because cyberattacks can happen at any time.

Risk Mitigation: Conducting tabletop exercises allows organizations to identify and mitigate risks proactively. They can identify vulnerabilities and weaknesses in their systems and processes and take steps to address them before a real incident occurs. 

Our business has antivirus software, why isn't that enough?

No surpise, Black Bottle IT receives this question quite often.  

Antivirus software is an essential component of cybersecurity, but it’s not a comprehensive solution on its own. While antivirus programs are designed to detect and remove known viruses, malware, and some types of threats, they have limitations:

  1. Limited to Known Threats: Antivirus software primarily relies on signature-based detection, meaning it can only recognize and protect against threats for which it has known signatures. It might not detect new or unknown forms of malware or sophisticated attacks that haven’t been previously identified.

  2. Doesn’t Cover All Threat Vectors: Cyber threats are diverse and can come through various channels—emails, websites, removable media, network connections, and more. Antivirus software might not cover all these entry points, leaving gaps for attackers to exploit.

  3. Inability to Protect Against Advanced Threats: Advanced persistent threats, zero-day exploits, or targeted attacks often bypass traditional antivirus software. Sophisticated malware can be designed to evade detection by such software.

Are vulnerability scans really required?

Vulnerability scans are not always required, but they are highly recommended in any industry your business is in.

Risk Management – Vulnerability scans help identify and prioritize security weaknesses and potential threats, allowing organizations to see what’s vulnerable.

Best Practices – It is great for any industry to get alerts on devices that need to be updated before a malicious actor can exploit known vulnerabilities.

Regulatory Requirements – In some industries, regulatory authorities require organizations to conduct regular vulnerability assessments or scans. For example, the Payment Card Industry Data Security Standard (PCI DSS) mandates vulnerability assessments for organizations handling credit card data.

Compliance Standards – Many compliance standards and frameworks, such as HIPAA (Health Insurance Portability and Accountability Act), GDPR (General Data Protection Regulation), and NIST (National Institute of Standards and Technology) guidelines, recommend or require regular vulnerability assessments as part of a comprehensive security program.

What are the latest trends in cybersecurity?

Black Bottle IT sees trends such as AI-driven security, IoT security, and increased focus on supply chain security on the horizon in 2024.

AI-driven attacks – Refer to the use of artificial intelligence and machine learning technologies by malicious actors to conduct or enhance cyberattacks.

Automated Phishing Attacks, AI-generated Fakes -videos or audio recordings that impersonate individuals to deceive and manipulate targets, AI password cracking, AI Botnets

All this is possible from the EvilBot ChatGPT

Overall, technological advancements will necessitate a corresponding increase in security measures to protect against evolving cyber threats. These areas—AI-driven security, IoT security, and supply chain security—are expected to remain at the forefront of cybersecurity strategies in 2024 and the years to come.

Why isn't Traditional AV not good enough anymore?

Black Bottle IT describes it this way, there is so so, and then there is great!  Is your business great at what it does? 

Traditional AV — So, so

  • Can only detect previously known threats
  •  Minimal to no data collection
  • Minimal to no added features or benefits

 

 Endpoint Detection & Response (EDR)

  • Can detect previously known and UNKNOWN threats due to behavioral-based monitoring 
  • Complex and detailed endpoint data collection
  • Added features and benefits including application monitoring, threat-hunting capabilities, and advanced reporting

Office

7000 Stonewood Drive, Suite 222
Wexford, PA 15090

Hours

M-F: 8:30 am – 5 pm
Breach Hotline 24×7

Call Us

800-214-0957 (main)

800-214-0957 x700 (breach hotline)