Security Consulting (Advisory)

Key Conversations from the 2018 FS-ISAC Annual Summit

Key Conversations from the 2018 FS-ISAC Annual Summit

Herjavec Group recently attended the 2018 FS-ISAC Annual Summit in Boca Raton, Florida, which brought together regulated financial services firms, relevant public sector entities, and country-level banking associations for keynotes and interactive sessions around the cybersecurity challenges facing the greater financial services community. Financial institutions are consistently challenged to keep up with new and emerging technology, while managing the risk... Read More
May 30, 2018
Threat Advisory: HIDDEN COBRA – Joanap Backdoor Trojan and Brambul Server Message Block Worm

Threat Advisory: HIDDEN COBRA – Joanap Backdoor Trojan and Brambul Server Message Block Worm

This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS and FBI identified Internet Protocol (IP) addresses and other indicators of compromise (IOCs) associated with two families of malware used by the North Korean government: a remote access tool... Read More
May 29, 2018
Threat Advisory: Office 365 Zero-Day Used in Real-World Phishing Campaigns

Threat Advisory: Office 365 Zero-Day Used in Real-World Phishing Campaigns

Security researchers have revealed that a zero-day vulnerability found in the SafeLinks feature of Microsoft Office 365 may allow hackers to send malicious emails that bypass security systems on Office 365 accounts. SafeLinks is included in the Office 365 software as as part of Microsoft's Advanced Threat Protection (APT) solution, originally designed to protect users from malware and phishing attacks,... Read More
May 9, 2018
Is Your Business Vulnerable to Password Spraying?

Is Your Business Vulnerable to Password Spraying?

Password security has always been one of the most important aspects of ensuring good cyber hygiene for enterprises. However, passwords - regardless of length or complexity, are not sufficient as a security measure on their own.  Multi-factor authentication should always be utilized.   The US-CERT recently released a threat alert regarding the increase in brute force attacks using a technique... Read More
April 16, 2018
Forbes: Cyber ‘Shark’, Robert Herjavec, Advocates Maintaining ‘Cyber-Hygiene’ For Businesses (Part 1)

Forbes: Cyber ‘Shark’, Robert Herjavec, Advocates Maintaining ‘Cyber-Hygiene’ For Businesses (Part 1)

I had the opportunity to interview Robert Herjavec in an exclusive, two-part series, on what his thoughts were on the current state of the cybersecurity industry today. Part 1 of this interview talks about the state of the cybersecurity industry. Andrew Rossow: If you had to describe the current state of the cyber-security industry today, how would you describe it? Robert... Read More
March 1, 2018
Are You Properly Testing Your Cyber Security Systems?

Are You Properly Testing Your Cyber Security Systems?

Nathan Sherlock is VP Managed Services Client Advocacy for Herjavec Group who will be moderating a track at the April CIO Peer Forum in Vancouver. He has worked within the Managed Services field for over 10 years and is passionate about SIEM and security monitoring. Nathan holds various certifications including CISSP, CEH, GCIH, GSLC, and always strives to advance his security knowledge while... Read More
February 21, 2018
Security Consulting Customer Success Story with A&W Canada

Security Consulting Customer Success Story with A&W Canada

With over 850 locations nation-wide, A&W is the second-largest fast food chain in Canada. The firm has two sets of customers - the franchisees that own and operate individual restaurant stores and the restaurant guests.  Since a majority of the restaurant guests use debit and credit cards to pay (over 50% don’t use cash), the point-of-sale (POS) system is a... Read More
February 20, 2018
Security Consulting Success Story with Mogo Financial

Security Consulting Success Story with Mogo Financial

Mogo is a leading financial technology (“fintech”) company that helps consumers take control of their financial health. As a result, Mogo is committed to designing and maintaining corporate governance standards for cybersecurity. In order to ensure that they were adhering to the strict industry standards for cybersecurity, Mogo engaged Herjavec Group to perform a series of security consulting services, including... Read More
January 25, 2018
10 Tips For Building Your Cyber Resilience

10 Tips For Building Your Cyber Resilience

We live in a time of constant cyber threat, and one thing remains certain: cyber criminals are not slowing down. Organizations that can return to regular business operations quickly following a cyber attack will have a significant advantage over those that are unprepared. Unfortunately, according to the 2016 Ponemon Institute study, only 32% of IT and security professionals believed their... Read More
January 18, 2018