Email Security: Don’t let attackers in through the front door
GRF Cybersecurity Risk Assessment and Scorecard Blog Series Your email is a critical business function that needs to be constantly available and secured. Securing your email systems involves looking at the configuration of your email server, your mail exchange (MX) records, and SMTP (Simple Mail Transfer Protocol) to identify any potential vulnerabilities or misconfigurations….
Attack Surface: Are all your systems’ access points secure?
GRF Cybersecurity Risk Assessment and Scorecard Blog Series Anything freely available on the internet and open to users can be a point of attack for a malicious actor. To prevent unauthorized access to your network and systems, it’s crucial to understand the vulnerabilities of your network. The term “attack surface” refers to the total…
Fraud Control and Prevention: Proactive Measures
The Association of Certified Fraud Examiners (ACFE) publishes a bi-annual, Report to the Nations (the Report) providing detailed statistics and key findings related to fraudulent activity by industry throughout the world. The 11th study of occupational fraud, the publication serves as one of the best sources of fraud-related data and information the globe over. GRF’s…
Fraud Control and Prevention: Mastering the Basics
Keeping it simple provides more protection than you might expect The Basics of Fraud Control and Prevention A common misconception about fraud control and prevention is that it is expensive and time-consuming to develop and implement. This could not be more wrong. Some of the strongest fraud controls are inherent in the policies, procedures, and…
Information Disclosure: Are you up to date on privacy laws?
GRF Cybersecurity Risk Assessment and Scorecard Blog Series Securing the privacy of your organization’s employee and customer data is critical for maintaining the trust of members and donors – and is increasingly becoming a legal requirement. What is information disclosure? Information disclosure occurs when an application reveals sensitive information about its users. Depending on…
Social Network: Knowing the Narrative Surrounding your Organization
GRF Cybersecurity Risk Assessment and Scorecard Blog Series Social media has allowed organizations to connect with customers around the world, but the wide reach of your social network also presents opportunities for hackers and bad actors to launch attacks or damage your organization’s reputation. Properly understanding and managing your social media presence allows you…
Hacktivist Shares: Are you being targeted?
GRF Cybersecurity Risk Assessment and Scorecard Blog Series Hackers and malicious attackers will often publicize their targets in various forums or on the dark web, so they can gather support and intelligence for taking down a website or finding vulnerabilities within an organization. Hacktivists are hackers who are politically and/or socially motivated. Their targets…
Identity and Access Management (IAM): Who is accessing your data?
GRF Cybersecurity Risk Assessment and Scorecard Blog Series Simply put, Identity and Access Management (IAM) is the discipline of allowing the right individuals to have access to the right resources at the right times for the right reasons. As hackers have gotten more sophisticated, organizations must take steps to ensure that users attempting to…
Know your site’s SSL/TLS Strength: Is your encryption up to date?
GRF Cybersecurity Risk Assessment and Scorecard Blog Series Most organizations have secured their data with encryption, but security protocols are evolving rapidly in response to sophisticated cyberattacks. Ensuring your organization has the latest SSL/TLS protocols enabled is necessary to help establish trust, ensure data privacy for your users, and to prevent data breaches. Risks…
GRF Cybersecurity Risk Assessment and Scorecard Blog Series
Remote work has exposed existing cybersecurity vulnerabilities and created new ones. How is your organization responding? The GRF Cybersecurity Risk Assessment and Scorecard provides a baseline diagnostic to help you analyze your organization’s risk and develop an appropriate compliance strategy. You may be surprised to discover you already have the right tools – you just…