June News:

• • • • On The Calendar
      • Why Do I Need A Security Assessment?
      • Types of Security Assessments
      • Cybersecurity SPOTlight: Device Hygiene – Tools & Tips for a Healthy Cyber Life
      • Vistage Executive News: The Wrong Way To Hire
      • Did You Know…?  Security Assessments

To pencil in July 9th – The Fort Worth Chamber of Commerce will be hosting its “Impact Your Business” luncheon from 11:30 a.m. to 1:00 p.m. and Fulcrum Group’s Steve Meek will be presenting on Cybersecurity for Small Business Owners.  As we close in on July, we’ll share the details on our Events page.

Monday, July 29th, we will be at Grow Successfully 2019, an educational event for business owners that adds Frisco RoughRiders baseball entertainment afterwards. If you’re a business owner and have an interest in attending, please reach out to your Fulcrum Group account manager to find out more!

We’ll let you know about any additional upcoming special events through our social media pages, which we’ll update on our Events page as they occur. Quick links to our social media pages are accessible right from our website and in every monthly newsletter email you receive from us.

If you’re new to our newsletter and you’d like to subscribe, let us know.

Wondering why your business – or any others – might need a cybersecurity assessment?  Here are the 3 most common reasons for any organization to do a cybersecurity assessment:

1. Many times, it is required  by some type of regulation – DFS, HIPAA, 201 CMR 17, PCI, DFARS, GLBA, SOX, etc.
2. The next most common reason would be when a 3rd party service (bank, service provider, etc.) a business works with requires them to perform an assessment before allowing access to their information or systems.
3. And of course, some organizations recognize it’s good business practice to have a 3^rd party audit your IT systems.  Just as you use your CPA to audit the work of your internal accounting team, having a cybersecurity assessment of your IT environment can find and remediate potential risk areas.

Where do your organization fall in this snapshot?  Not sure where you should start?  Reach out to Fulcrum Group to find out more.

Types of Cybersecurity Assessments 

Most organizations should consider having regular cybersecurity assessments completed.  It’s not that much different than having a CPA firm audit your financials.  Businesses have 3^rd parties check their various critical processes to ensure that they are being done properly and effectively.  Below is a list of the common types of cybersecurity assessments.

• Cybersecurity Risk Assessment – A Cybersecurity Risk assessment is always the best way to start getting an understanding of how your company’s security posture holds up. These assessments can be geared toward any specific regulation that you might need to be compliant with such as HIPAA, DFARS, PCI, etc. All of these are following the NIST guidelines. We recommend that a Risk Assessment is done once a year, or whenever there is a significant change in your IT or business environment.
• External Penetration Test – One of the most common cybersecurity assessments for organizations of all sizes is an external penetration test, typically targeting internet-facing websites and services.  If your organization hosts any public-facing websites or services, then this is something that should be done on at least an annual basis.
• Vulnerability Assessment – Vulnerability Assessments are usually completed from inside your network, and can provide a punch list of vulnerabilities to resolve.  These assessments are especially valuable to organizations with compliance or 3^rd party requirements needs.
• Compliance Audit – These are usually industry and compliance standards-focused audits, and may be conducted by regulatory agencies.  You may want to complete any of the above assessments prior to your audit so you’ll be prepared.

Remember, you don’t have an unlimited budget, so be sure to complete the Cybersecurity Risk Assessment first, to determine where your biggest risks are, and that will help you focus your cybersecurity budget to get the biggest bang for the buck.

Cybersecurity SPOTlight: Device Hygiene – Tools & Tips For A Healthy Cyber Life

As with cars, buildings and our own selves, good device management involves proper attention, preventative maintenance and smart use.

We’ve gathered up a few valuable ‘device hygiene’ tips for you from this month’s Security Awareness Newsletter for great info on the following topics: 

1. Some great apps & tools for a healthy cyber life
2. A helpful smartphone security checklist
3. What is Privileged Access & How To Mouse-over on your mobile device to help boost security

Don’t miss this month’s issue and feel free to share with a colleague!