Tag: CISA

  • As Biden is set to leave office in a matter of days, he released an executive order aimed at bolstering US cyber defense

    As Biden is set to leave office in a matter of days, he released an executive order aimed at bolstering US cyber defense

    In what is truly the 11th hour (inauguration day for President Trump is January 20th, 3 days from now at the time of writing), the Biden administration announced an executive order that looks to strengthen US cyber defenses against outside influence, particularly from Russia and China.

    Described as a “sweeping” move, the executive order covers topics from cyber threat vulnerabilities to guidance on consumer electronics and even outer space.

    The order gives enhanced authority to CISA (Cybersecurity and Infrastructure Security Agency) to hunt for threats on federal networks, likely a response to the recent news that President Trumps communication with Vice President JD Vance may have been compromised by Chinese hackers.

    The order also covers additional protections for Federal agencies, including implementing end-to-end encryption for all video and email communication and stating  that by 2027 any internet connected devices purchased for federal use must have a “cyber trust mark” indicating they meet current cyber standards. Internet connected devices have a wide range of criteria in 2025, everything from home security systems to our appliances has an internet connected option in our modern world.

    The order also covers requiring enhanced cybersecurity measures for our space systems, likely in response to Russia targeting Ukraine’s satellite systems in the ongoing invasion.

    The order even takes aim at Microsoft specifically, citing a host of errors that allowed Chinese attackers to breach their networks in 2023 which had downstream consequences for our federal government (senior US officials email accounts were allegedly breached in the aftermath of the attack).

    Trump’s team has not yet responded to the new executive order so it’s unclear how much follow through will be had on it once he regains office next week, however the Biden team is optimistic on its longevity as bolstering US cyber defense was also a goal during the initial Trump administration (CISA was created in 2018 under Trump’s first term).

    As our government looks to shore up their cybersecurity practices in 2025, what are you doing to ensure your business is protected from ongoing threats?

    Cyberthreats are not limited to large scale attacks on larger businesses, small businesses are often seen as “easy targets” and can also be swept up in the aftermath of an attack aimed at someone else.

    Implementing strong cybersecurity measures, such as secure passwords, regular software updates, employee training, and robust data encryption, not only protects the business but also builds trust with customers. It is clear, in 2025 cybersecurity is no longer a topic that can be pushed off until a later time. The threats are here now and the time to act is before your business is compromised, because afterward it might be too late.

    Valley Techlogic includes cybersecurity protection as a core offering in all of our customized service plans. Learn more today with a free consultation.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, leading provider of trouble free IT services for businesses in California including Merced, Fresno, Stockton & More. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on X at https://x.com/valleytechlogic and LinkedIn at https://www.linkedin.com/company/valley-techlogic-inc/.

  • October is Cybersecurity Awareness Month, now in its 18th year

    October is Cybersecurity Awareness Month, now in its 18th year

    We’re announcing this a bit late, but we did want to touch on this annual event (now in its 18th year). Every year CISA (Cybersecurity and Infrastructure Security Agency) releases new resources that are free to download and share for Cybersecurity Awareness Month. The theme this year is “See Yourself in Cyber” and we appreciate the effort to help everyone understand that cybersecurity measures are up to all of us to maintain.

    So many cybersecurity measures feel very passive, you’re protected by your anti-virus or firewall automatically. Your IT team helps you navigate any issues that make come up. For businesses, advanced cybersecurity threat protection can detect a threat just from activities that fall outside the norm (like your computer being online at three in the morning) and send you a warning.

    Unfortunately, hackers are always trying to circumvent these automatic measures no matter how advanced they become. The human element is still the biggest cybersecurity threat to your network and business. That’s why acknowledging we all have a role to play in preventing cyber threats is so important.

    CISA recommends four important steps we all need to take online:

    1. Think Before You Click: Before you click on that link in an email or download an attachment, do a little research. Is the sender who you expect it to be? Phishing emails are still the #1-way users are hacked.
    2. Update Your Software: This is good common-sense advice; most patches also include important security updates and it doesn’t take very long to install them (and for Windows devices you can even have them run automatically).
    3. Use Strong Passwords: This is another easy one and if you use one of our password manager recommendations, it’s even easier to create stronger passwords that you don’t have to manually remember.
    4. Enable Multi-Factor Authentication: This is CISA’s fourth tip for this year and lucky for you we have a guide for this too.

    These tips may seem simple, but they will be hugely beneficial to preventing a cyber threat for you, your business or your employees. However, you can take it a step further and engage with cyber security training.

    You may be wondering what that would look like, well you’re in luck. We have a sample training session right here for you to review with your employees:

    This is just a quick sample lesson; through our partner we have bite sized lessons that include video that you and your team can take to beef up your cybersecurity knowledge. They average 2-3 minutes long with a quick quiz at the end to make sure the knowledge was absorbed, and you can even see your employees average scores to see how everyone is doing.

    If you incentivize taking this training it will not only be a team building opportunity, it will also help your business stay safe from cyber security threats. If you’d like to learn more about cybersecurity training or stepping up your cybersecurity measures in your business (including the aforementioned advanced cyber threat detection) reach out today for a consultation.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • Hackers and the holidays, US government warns ransomware doesn’t take days off

    Hackers and the holidays, US government warns ransomware doesn’t take days off

    As you prepare to take some time off to enjoy with your families (especially if a certain health crisis kept the festivities to a minimum in 2020) it’s important to take some steps to make sure your business is still protected in your absence.

    The Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory yesterday to businesses and consumers alike, warning that hackers often take advantages of holidays and other times people may let their guard down to wreak more havoc.

    The advisory included a warning of a possible increase on the following cyber threat events:

    1. Phishing attacks: That email from your Aunt Beth seeing if you’re going to bring the green bean casserole with a “Google Form” to check it off may not be what it seems to be.
    2. Fraudulent site spoofing: Especially for sites that may be seeing increased traffic due to holiday shopping (Black Friday anyone?).
    3. Unencrypted financial transactions: An easy way to check, is to look for the S in HTTPS, don’t enter your financial data into unencrypted websites.

    Beyond attacks aimed at individuals, attacks aimed at businesses also tend to rise during the holidays and on weekends.

    Such was the case for the attack on Kaseya, which occurred over Fourth of July weekend in 2021, and the Colonial Pipeline hack happened during Mother’s Day weekend the same year. Hackers realize there is less coverage on the weekend and during Holidays and they have taken advantage of it to great success.

    It’s not just large businesses that are a target either, many wannabe hackers have day jobs too and more time on their hands during the holidays to target businesses that could be local to them. That includes yours.

    So, here’s a list of things to check off before you leave the office this week to enjoy some well deserved time off.

    Holiday Crisis Checklist
    Click to view the full size version.

    As you can see, our number one recommendation is knowing who is going to cover your business if a cyber event does happen while everyone is home for the holidays. If you try to think of who that person is and you either come up empty or maybe it’s you, that’s a problem.

    Another problem is if your normal IT coverage is on a one time or break fix solution basis. The service you normally use could either be too swamped themselves to help you during the holidays, or maybe they’re taking time off too and are simply unavailable to help you.

    This is where having a contract with a technology service provider could really save the day during a crisis. When you have a contract with a business to provide your technology services, they’re bound by the service level agreement (SLA) you sign at the start of service. They will be better equipped to help your business if there’s a crisis – even during the holidays.

    If you’re in the Fresno, Modesto, Sacramento or anywhere else in the Central Valley and aren’t really sure who you would turn to if a technology crisis occurred during the holidays, Valley Techlogic is here for you. Learn more today.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley TechLogic, IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • October is National CyberSecurity Awareness Month, Our Checklist Will Get You Started

    October is National CyberSecurity Awareness Month, Our Checklist Will Get You Started

    Every October the CyberSecurity & Infrastructure Security Agency (CISA) releases a list of resources and tips for National CyberSecurity Awareness Month – which is now in its 18th year.

    This year’s theme is “Do Your Part. #BeCyberSmart”. There has been an onslaught of news worthy ransomware attacks, DDoS attacks and data breaches (up 38% this year compared to last) in 2021 and there has never been a better time to address what the average person or business can do so they don’t end up as part of these statistics.

    We’ve created this checklist so you can see if you’re following the right path to keep your business safe from outside intruders.

    Click to download the online capable version.

    Cybersecurity requires ongoing maintenance to succeed. Following simple safety steps will help but it’s important not to disregard active threats to your business from the outside.

    Ongoing employee training is one way to combat those threats, cybersecurity training has evolved to include bite size doses of good advice for your employees that could make the difference between inadvertently falling for a phishing scam or attack attempt and reporting it to your IT team as they should. 95% of data breaches involve human error.

    It can also be important to have a team behind you making sure all of your company devices are maintained and updated, even if that outdated Windows 7 computer that sits in a corner is barely used it can still be a threat to your business. Older devices with outdated software can act as a gateway to allow bad actors into your business.

    More advanced maintenance such as enabling two-factor or multi-factor authentication on company accounts can be another important step to keeping threats out. If someone gets your password from another company’s data breach (which happens all the time) that phone pop up could prevent you from being hacked.

    Finally, having a comprehensive backup program for your businesses data is the final shield against cyber threats. We’re unique in that we offer not only active backups but archival backups as well. The archival backup is “Write once, Read many” which means you can look at the data as often as you like but it can’t be edited or deleted.

    A bad actor may find your unbacked up data, and they may gain access to your active backups, but that archival data is virtually bullet proof. For your important files, the ones that must not be deleted at any cost, having that backup there and ready if you need it is the peace of mind most of us would not want to be without (learn more about our backup program here).

    If this article has gotten you thinking about what you can do to improve your cybersecurity processes or even that you need to create a plan to get there, we’d love to help. Schedule a discovery call with us to learn more about how Valley Techlogic can help you be #CyberSmart.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley TechLogic, adns, n IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.