A wise man once said, “If you think it is expensive to hire a professional, wait until you hire an amateur.” If your business is dependent on the integrity of your computer network and the data you are storing, don’t take a chance with your cybersecurity policy.

Cybersecurity should only be handled by experts. We understand that especially for smaller companies, it may be difficult to allocate budgets toward cybersecurity, but the investment into protecting your company and your customers’ private information is well worth it. If a cyberattack were to happen on your company, the financial and reputation damage could be irreparable.

Hackers are experts, using sophisticated tactics and software to break through and access your data. Why would you hire an amateur to compete with an expert? Your best line of defense against hackers is putting a team of skilled and experienced professionals in place to manage your cyber risk.

ICC conducts a number of audits and tests, as well as put tactics in place, to significantly reduce the possibility of an attack, protect your data and most importantly – have the ability to restore it. At a minimum, a comprehensive cybersecurity strategy should include network security, e-mail security, security patches & updates, employee education, backups and quarterly cybersecurity reviews to boost your defenses against cybercriminals and lost or compromised data. If you are missing one piece of the pie, are exposing yourself to cyber-attacks and could be faced with significant business disruption and financial loss.

Technology can be challenging. We strive to simplify the complexity of IT. With decades of experience, ICC is here to help you protect what matters most to your company: your data, your employees, your livelihood.

Let us show you the ICC difference.

The answer is a resounding NO. We’ve heard about the big brand companies that have experienced serious cyberattacks. However, just because your company name may not be big enough to make a news headline does not mean you aren’t at risk. In fact, if you believe that, you are making your company prey for hackers. Small businesses may actually be more of an attractive target for a cyberattack than larger companies. Here are a few reasons why.

• Many small businesses think they’re insignificant to a hacker and so don’t put much importance on cyber security. Their network protection is vulnerable because it is not being properly managed.
• Hackers believe many small businesses don’t have the budget or IT staff to put proper cybersecurity in place.
• Many small business owners don’t acknowledge the worth of their database. For instance, if you are a nonprofit with big donors, that information is very valuable to a hacker.

Small businesses have a lot to lose. Think about what kind of information is stored in your system: customer lists, possibly including credit card information, passwords, vendor information and much more.

The idea that small businesses aren’t a target is mistaken. Identity theft, ransomware and phishing continue to be real dangers to small businesses. Cyber protection is a real investment into the safety of your business and customers. It’s important to put the proper defenses in place.

ICC conducts a number of audits and tests, as well as put tactics in place, to significantly reduce the possibility of an attack, protect your data and most importantly – have the ability to restore it. At a minimum, a comprehensive cybersecurity strategy should include network security, e-mail security, security patches & updates, employee education, backups and quarterly cybersecurity reviews to boost your defenses against cybercriminals and lost data. If you are missing one piece of the pie, you may be exposed to cyberattacks and could be faced with significant business disruption and financial loss.

To learn how to upgrade your small business cyber protection plan, give us a call at (970) 821-8592 for Colorado and (307) 316-5665 for Wyoming.

Count on Cyber Insurance from PFS!

Most companies rely on technology to run their operations. If your company collects data, then it is most likely a target for cyber criminals. Like anything else of great value, it’s important to protect your business and assets with insurance. Cyber insurance can help protect your company from the potential damaging effects from a cyber-attack, including, ransomware, phishing attempts, revenue loss, reputation damage, legal fees, damaged equipment and more.

ICC protects our business data with cyber insurance from John Hintzman at the PFS Insurance Group. John has been in the insurance industry for nearly 30 years, joining PFS in 2008. After getting to know his clients and learning how they operate their business, John is effective at providing innovative risk management solutions. He enjoys building lasting relationships with his clients and giving them the peace of mind that their business is protected. It has been a pleasure working with him!

John works out of the main office in Johnstown, however the PFS Insurance Group has offices in Greenwood Village, Sterling and Yuma.

To learn more about the PFS Insurance Group, visit https://mypfsinsurance.com/.

Living in a digital world in which a lot of business is conducted online can be really concerning. Think about it: bank deposits, financial information, photos, employee information, etc. Cybersecurity risks are real and have become a normal concern these days. Security breaches can result in just a minor inconvenience to devastating financial loss. Most business owners aren’t sure what they should be concerned about the most. Here are some of the top considerations when planning to protect your company’s data:

– Phishing Attacks: Although phishing attacks aren’t new, hackers are consistently finding new ways to tempt employees to unknowingly click on a fake link, video or download – compromising your security.

– Remote Worker Endpoint Security: With more and more employees working from home devices like laptops, smartphones and tablets are a risk. Employees working from home, or especially from public places like coffee shops, risk uploading business data to an unsecure network.

– Cloud Jacking: One of the newest concerns to surface as more businesses and individuals rely on cloud computing. Cloud jacking is when an account is taken over by a cybercriminal – it can be something like identity theft or just data theft.

– IoT Devices: IoT, which stands for Internet of Things, refers to any web-enabled device connected to an app. The more devices that are connected the more entry points a hacker has to get into a network.

– Ransomware Attacks: Under this type of attack, hackers do not return stolen data until a ransom is paid. Handling this situation is unpredictable as many ransomware attackers still don’t release data even after payment is made.

– Deepfakes: These are videos, links or emails often targeted to specific individuals or businesses that are made to look authentic to lure employees to click on them.

– Mobile Malware: Most businesses focus on their desktops but it’s important to also protect mobile devices. As more high-volume work is being done on mobile devices, mobile security should be made a priority.

Cybersecurity can be daunting because it can be difficult to stay on top of the newest threats and protection recommendations. ICC conducts a number of audits and tests, as well as put tactics in place, to significantly reduce the possibility of an attack, protect data and most importantly – have the ability to restore it. At a minimum, a comprehensive cybersecurity strategy should include network security, e-mail security, security patches & updates, employee education, backups and quarterly cybersecurity reviews to boost your defenses against cybercriminals and lost data. If you are missing one piece of the pie, you may be exposed to cyber-attacks and could be faced with significant business disruption.

To get started please call ICC at 970-821-8592 or if you are in Laramie call 307-316-5665.

Most companies understand the importance of backing up data and have regular backup systems in place, but are you also checking backup systems to make sure they are working correctly?

Backup management requires, not only having a system in place, but continual monitoring to ensure your data is being backed up correctly. Many Managed Services Providers fail to properly monitor data backups. Monitoring backup can be tedious and it’s important that sufficient resources are allocated to monitoring. It’s also important that a documented process is in place for consistency.

Additionally, a periodic backup restore test should be completed as an ongoing effort to ensure you can actually restore your data quickly in the event of an attack or system failure. It’s worth the time and effort to go through the process to familiarize yourself (and department) with what needs to be done if the need arises. In your tests you’ll want to focus on two critical measurements RPO and RTO so everything can be properly restored to meet your expectations. If you’re not sure how to execute such a test, ICC can help. At ICC, our skilled technicians monitor the status of your backups 24×7 and can perform a restore test twice a year giving you peace of mind knowing everything is taken care of.

It is important to remember that periodic backup restore tests are just a small piece of the cybersecurity pie.  ICC conducts a number of audits and tests, as well as put tactics in place, to significantly reduce the possibility of an attack, protect your data and most importantly – have the ability to restore it. At a minimum, a comprehensive cybersecurity strategy should include network security, e-mail security, security patches & updates, employee education, backups and quarterly cybersecurity reviews to boost your defenses against cybercriminals and lost data. If you are missing one piece of the pie, you may be exposed to cyber-attacks and could be faced with significant business disruption.

To get your backup system tested give ICC a call at 970-821-8592. Our strategies are designed to build good habits and protect your business by protecting your data.

Ransomware attacks have increased in sophistication, frequency and demands. In fact, the average ransomware demand in the first quarter of 2020 was $111,605, up 33% from the fourth quarter of 2019. As its name implies, ransomware is a type of malicious software that encrypts your files, and then threatens to either destroy or prevent you from getting access to your data unless some form of ransom is paid. It has even become common for penalties to occur when demands aren’t met. For instance, a number of files may be deleted for every hour a hacker’s demands aren’t met.

Should you pay a ransom if something like this were to happen to your company? Experts seem to agree the answer is no: there’s no guarantee that you’ll really get your data back. Statistically, you only have a 60% chance of recovering your data if you pay the ransom.

The best thing to do is to be proactive and not be put in this position in the first place. Some ways to build a defense:

* Make sure all employees are trained to identify suspicious links and emails;

* Backup your data using the 3-2-1 method. Create 3 copies of your data, 2 different types of storage media (external hard drive & cloud), 1 copy stored off-site.

* Keep operating systems and software up to date with the most current security patches to avoid any vulnerabilities in your system.

It is important to remember that ransomware protection is just a small piece of the cybersecurity pie.

ICC puts a number of cybersecurity tactics in place to minimize exposure and significantly reduce the possibility of an attack. At a minimum, a comprehensive cybersecurity strategy should include email security, network security, monitored backups, test restoring, employee education and Quarterly Cybersecurity Reviews. If you are missing one piece of the pie, you may be exposed to cyber-attacks and could be faced with significant business disruption and financial loss.

If you don’t have the right continuity plan in place, your business could be forced to close overnight. Call ICC today to find out how to lower your risk at (970) 821-8592. ICC will work to give you the best defense strategy against a ransomware attack.

When it comes to business insurance, most managers think about health insurance, liability insurance, property insurance, but many small businesses don’t think about cyber insurance. If they do, they may not believe their company is big enough to be at risk of a cyber-attack and waive the coverage. The reality is – small companies are often targets of attacks because their network security is less sophisticated than larger companies. A cyber-attack can be very expensive and may have lasting impacts to your operations, reputation, staff and customers.

In today’s digital world, cyber insurance should be part of any company’s list of necessities to help protect its company and client data. Your customers trust that you are keeping their personal information secure. Cyber insurance generally covers your company’s liability for a data breach involving sensitive customer information, such as Social Security numbers, credit card numbers, account numbers, driver’s license numbers and health records. Insurance companies are becoming more stringent regarding the requirements needed to provide cybersecurity coverage. As cyber-attacks continue to increase, traditional cybersecurity strategies may not be enough to protect your business against an attack. If you are not meeting their outlined requirements, they may deny an insurance claims after a cyber-attack!

When considering cyber insurance, make sure to examine all your needs and discuss the requirements in detail with your agent. Different types of coverage include customer and employee data loss, business interruption and extortion, and payment fraud among others. Cost will depend heavily on your industry, company size and type of coverage.

It is important to remember that cyber insurance is just one small piece of the cybersecurity pie. ICC puts a number of cybersecurity tactics in place to minimize exposure and significantly reduce the possibility of an attack. At a minimum, a comprehensive cybersecurity strategy should include email security, network security, monitored backups, test restoring, employee education and Quarterly Cybersecurity Reviews. If you are missing even one piece of the pie, you may be exposed to cyberattacks and could be faced with significant business disruption.

Did you know that 92.4% of all malware is delivered via email? Cyber criminals have become incredibly good at “phishing.” Phishing is the act of sending emails disguised to be from familiar companies or people you may know with the goal to get recipients to reveal personal or financial information. Phishing emails are incredibly deceiving. They can use personal messages and sometimes make the recipient feel even scared if they don’t open the email. SPAM/Phishing filters help prevent many of these attacks, but your team members are your biggest line of defense. Training team members on phishing awareness and security can help significantly reduce your company’s risk of cyberattacks.

In-depth training is necessary to properly condition team members to identify phishing emails. It is not enough to just talk about it, it’s important to go through the steps using simulated phishing scenarios. By participating in ICC’s fake phishing tests, you can see just how many of your team members need to be trained on how to recognize suspicious emails and report them BEFORE opening. This is critical in protecting your network because once they are opened it is too late, and the hackers are already in. The hypothetical phishing scenarios effectively build team members understanding on how to confidently detect and avoid phishing attacks under safe conditions. It is important to conduct frequent training to help team members retain the habit of spotting the “phishy” emails and to stay updated on new solutions. Making the investment to mitigate phishing threats will strengthen and protect your data in the long run.

It is important to remember that phishing training is just a piece of the cybersecurity pie.  ICC puts a number of cybersecurity training and tactics in place to significantly reduce the likelihood of an attack and protect your data. At a minimum, a comprehensive cybersecurity strategy should include email security, network security, backups, security updates, team member education, and Quarterly Cybersecurity Reviews to boost your defenses against cybercriminals. If you are missing one piece of the pie, you may be exposed to cyber-attacks and could be faced with significant business disruption.

To learn more, check out our latest video about phishing tests.   https://www.youtube.com/watch?v=fzo8pt-zXTM

To begin team member “phishing training” give ICC a call at 970-821-8592. Our training is designed to increase awareness, build good habits and make engage everyone involved.

There’s a place on the Internet called the dark web, but there’s a good chance you’ve never heard of it. The dark web is a collection of websites on the Internet that is not visible to search engines or the general user. It can only be accessed using special software. Even if you never plan to visit the dark web, you need to be aware of its existence. The dark web is where cybercriminals go to buy and sell illegally obtained materials such as compromised passwords, identity information, payment information, and much more.  

Think of the Internet as having three layers. The top layer, which is what we know as the world wide web and where normal webpages reside.  This top layer only accounts for 4% of all Internet content.

The next layer is the “deep web.” This would pertain to web pages like healthcare records, payment information, and subscription services – web pages that would contain confidential consumer information and have strong security protocols to access.  

The deepest layer–and the one we’re focusing on here–is the dark web. The dark web hosts 6% of all Internet content. That is a scary number when you consider that the dark web serves as a clearinghouse for buying and selling stolen and illegal information.  It utilizes specific software and payment methods to ensure anonymity.  

If you’re just learning about the dark web, you may be feeling a bit defenseless against it. Luckily, there are ways to protect your business from the dark web. As part of its comprehensive cybersecurity plan, ICC monitors the dark web for your credentials.

It is important to remember that scanning the dark web is just a small piece of the cybersecurity pie.  ICC puts several cybersecurity tactics in place to significantly reduce the possibility of an attack and protect your data. At a minimum, a comprehensive cybersecurity strategy should include email security, network security, monitored backups, test restoring, employee education, and Quarterly Cybersecurity Reviews to boost your defenses against cybercriminals. If you are missing one piece of the pie, you may be exposed to cyber-attacks and could be faced with significant business disruption.

If you’d like us to do a little digging into the dark web on your behalf and put a full defense plan in place, give ICC a call at (970) 821-8592. You can also check out our latest video about the dark web on YouTube (https://www.youtube.com/watch?v=831BBl6pfEU).

The number of data breaches is increasing at an alarming rate and can happen when you least expect them.  Your business’s backup strategy is a very important piece of the cybersecurity pie. If a data breach occurs, it is important to remember that time is of the essence. There are many factors to consider when designing your backup and disaster recovery plan.

Some business owners believe their data is being backed up, but that is not always the case. Many times, while onboarding a new client, we discover that their backups have not been working for weeks. If your I.T. provider is not monitoring your backups for completion and/or corruption, you may be exposed to cyber-attacks and could be faced with significant business disruption.

Additionally, when considering your backup needs ICC will review two main factors: RTO and RPO.

• RTO (Recovery Time Objective): This refers to the amount of time it will take to restore data.
• RPO (Recovery Point Objective): This refers to how much data is at risk if a total failure occurs, which is often related to how often the data is backed up.

If you’re unsure that your system is being properly backed up give ICC a call at (970) 821-8592. ICC will work to give you the best defense strategy against a data breach.