• CYBER SECURITY
    FOR THE 21ST CENTURY

    Many organizations have security policies, IDS or encryption’s in place. However, they are still being compromised and are not focused on the most effective practices. This is where Milli Micro Systems comes in. Rely on us to stop major breaches of security and even the most elementary of mistakes.

ABOUT MILLI MICRO SYSTEMS

OFFERING VITAL SECURITY
TRAINING FOR A
DANGEROUS WORLD

The Military uses independent training programs,
can you afford not to?

Our customers have included the US Army, US Navy,
US Air Force, National Guard, Department of Interior,
Department of Veterans Affairs, Metropilitan
Water District, County of Los Angeles, State of
California, Chicos FAS, and many more.

CYBER NEWS FEED
  • What the infosec jobs sector will look like in 2017 December 22,2016

    What the infosec jobs sector will look like in 2017

    (Insider...

  • BrandPost: How to develop mature DevOps practices March 13,2017

    Every company must act like a software company these days. That's why DevOps is so critical to your success: DevOps methodologies help you get better software to your users, and build tighter feedback loops for more effective learning.If you’ve already undergone a DevOps transformation,...

  • Simple Steps for Internet Safety October 11,2016

    Steps you can take to minimize the risks associated with doing business online, surfing the Internet, and sharing information on social media...

  • Hot products at Black Hat 2016 August 3,2016

    Hot products at Black Hat 2016

    Demisto Free EditionKey features:  The free edition of Demisto’s  ChatOps platform automates and streamlines security operations and incident management processes. It includes the ability to create playbooks that can be shared to collaborate among organizations to combat cybercrime and imported...

  • Yahoo investigating if insiders knew of hack November 10,2016

    Yahoo investigating if insiders knew of hack

    Yahoo said investigators were looking into the possibility that some people within the company knew at the time about the late 2014 theft of information of at least 500 million user accounts. Law enforcement authorities on Monday also “began sharing certain data that they indicated was...

  • Mobile security: iOS vs. Android vs. BlackBerry vs. Windows Phone March 19,2015

    Mobile security: iOS vs. Android vs. BlackBerry vs. Windows Phone

    Apple's iPhone and iPad long ago pushed out the BlackBerry as the corporate standard for mobile devices, in all but the highest-security environments. Google -- whose Android platform reigns outside the corporate world -- is now trying to push out Apple, with a new effort called Android for Work....

  • 43% off OxyLED Mini Stick-on 6-LED Wireless Motion Sensing Night Light – Deal Alert June 20,2017

    43% off OxyLED Mini Stick-on 6-LED Wireless Motion Sensing Night Light - Deal Alert

    This tiny motion-sensing strip contains 6 bright LEDs, and sticks anywhere. Just the trick for illuminating an entryway door-lock, a kitchen cabinet, drawers, closet or the glove box in your car. Simply turns on when somebody is there, and turns off when no motion is sensed. And the part that...

  • 30% off Lexar Professional USB 3.0 Dual-Slot Reader – Deal Alert June 19,2017

    While the high-speed Professional USB 3.0 Dual-Slot Reader supports the latest high-speed CF and SD formats, it’s also backwards compatible with standard CF and SD cards, as well as USB 2.0. The Lexar Professional USB 3.0 Dual-Slot Reader has the ability to read from both card slots...

  • Security leaders that help startups get traction reap the rewards February 1,2017

    Security startups aimed at solving enterprise problems face a tall hurdle: the first few clients. Done right, the initial traction builds momentum that leads to continued success.A lot of compelling security startups struggle to get traction.Similar to investors looking for strong returns by...

  • Do no harm: an oath for health IT developers August 1,2016

    Do no harm: an oath for health IT developers

    As health professionals, nurses, doctors, and even pharmacists are held to a high standard of making sure everything they do is above board. They can lose license for failing to comply with ethical guidelines. Even though software engineers in health IT have a far greater reaching impact on...

  • CISOs, it’s time to bury the hatchet with your CIO October 19,2016

    CISOs, it’s time to bury the hatchet with your CIO

    Historically, the head of security (CISO) reporting into the head of IT (CIO) has made a lot of sense. Both departments are – at their core – technical disciplines, and as such there is a need for the two to be in regular contact. They need to overlap on network infrastructure, information...

  • Contract obligations, third parties, and cyber insurance June 5,2017

    Contract obligations, third parties, and cyber insurance

    Do you rely on third parties in your organization? Are you a third party to others? And have you signed agreements with these parties?To read this article in full or to leave a comment, please click here(Insider...

  • Evernote CEO: ‘We let our users down’ with privacy policy change December 16,2016

    Evernote CEO: 'We let our users down' with privacy policy change

    Evernote CEO Chris O'Neill has had a long couple of days. The company he runs recently ignited a firestorm among its users when it announced a privacy policy change that would have required users to open up all their notes for analysis in order to take advantage of forthcoming machine learning...

  • Cisco starts patching firewall devices against NSA-linked exploit August 25,2016

    Cisco starts patching firewall devices against NSA-linked exploit

    Cisco Systems has started releasing security patches for a critical flaw in Adaptive Security Appliance (ASA) firewalls targeted by an exploit linked to the U.S. National Security Agency.The exploit, dubbed ExtraBacon, is one of the tools used by a group that the security industry calls the...

  • Why awareness needs to teach scam detection and reaction March 2,2017

    Why awareness needs to teach scam detection and reaction

    Everyone makes mistakes, but do they know it or know what to do next? When I realized I did something “stupid”, the important question was, “What do I do next?” I figured it out. Can your users? Over the past month, there were countless news stories highlighting a new scam where...

  • 57% off Anker LED Water-Resistant Rechargeable 1300 Lumen Flashlight – Deal Alert February 13,2017

    57% off Anker LED Water-Resistant Rechargeable 1300 Lumen Flashlight - Deal Alert

    The high-performance Cree LED XM-L2 chip delivers 50,000 hours of intense brightness at a true 1300 lumens. Sweep bright light beyond the length of two football fields. The Anker Bolder torch has a full range of light modes for every situation: a powerful high-beam, balanced medium-beam,...

  • IDG Contributor Network: Mining the Minecraft generation May 23,2017

    IDG Contributor Network: Mining the Minecraft generation

    With a predicted global shortage of 2 million cyber security professionals by 2019, it’s now more crucial than ever to start thinking outside the box in recruiting efforts. It's quite possible that going outside the box means looking a little bit more closely into the Generation Zs, the Xbox...

  • IDG Contributor Network: How to address civil unrest April 6,2017

    IDG Contributor Network: How to address civil unrest

    As the state of public discourse around political ideology remains a flashpoint for demonstrations and dissent, differentiating between peaceful protest and a violent public disturbance is vital. Operational and security management within organizations should view current events as a catalyst...

  • Switch from Yahoo Mail to Gmail, and turn your phone into a physical key December 20,2016

    Switch from Yahoo Mail to Gmail, and turn your phone into a physical key

    What's a Yahoo Mail user to do now? Skedaddle.The secure thing to do, and the recommendation here is simple: Ditch your Yahoo Mail account and sign up for a Gmail account with two-step verification.Here's how:Delete your Yahoo! Mail account First order of business is copying or forwarding your...

  • AAA security among 5 enterprise technologies that will shake things up in 2017 December 19,2016

    AAA security among 5 enterprise technologies that will shake things up in 2017

    You think you have your hands full as an IT pro now? Just wait until blockchain, IoT, augmented and virtual reality, and these other technologies really start to take hold in 2017. Thinkstock The Internet of Things – for real Yes, yes, we know – it’s one of those long-standing tech...

GET THE LATEST CYBER SECURITY NEWS & UPDATES
WHAT TO KNOW

IMPORTANCE

Why Is Cyber Security Important?
The increasing number and sophistication of cyber threats (targeting phishing scams, data theft, and other online vulnerabilities) require us to remain vigilant securing our systems and information.

The average computer does not have proper security controls in place. New attack methods are found every day. There were 183 million accounts compromised in Q3 of 2014 [1]. The number of phishing sites leaped by 10.7 percent over the fourth quarter of 2013[2]. These are just a few examples, and they highlight the importance of cyber security for protecting data and systems.

With BYOD becoming ubiquitous in the workplace, the “trend in cyber security is that IT leaders are losing control of their technology. It’s a trend that obliterates how security has traditionally worked and it can’t be stopped.”[3] Refusing to adapt is more expensive than investing in a new approach.

MMS has that new approach. We know Cyber Security should never be an afterthought, but instead integrated into every new project from the start. Our 5-step program is designed to deal with 95% of security problems right off the bat.

But wait, why aren’t all computer systems secure?
Partly due to hard technical problems, but also due to cost/benefits issues, Security costs and Security usually only pays off when there’s trouble. Typically, it’s the users’ perception that there is no real threat to themselves and they trust everyone, “Here is my password, I trust you’re not going to do anything bad, I don’t have any secrets.” and when that information gets out the user is now compromised. The user is not taking into account how their infected computer can hurt others.

This isn’t just an end user issue either, many key decision makers, as well as the employees in organizations, have this attitude. That is why we have added the 5th step to our program: Training. With the proper training stakeholders and employees can understand the importance of cyber security as a business process, not just something for the I.T. department. The I.T. department exists in an advisory and support capacity but cannot solve all problems by itself. It is in user’s and organization’s best interest to obtain the right knowledge to protect themselves from cyber threats. Our training in cyber security will ensure users will be aware of all important threats and how to be a smart user.

Cyber Security is an important Business issue, but like everything else unless you get buy-in across the board, Cyber Security policies and procedures will be ignored.

  1. http://www.safenet-inc.com/news/2014/q3-data-breaches-compromise-183-million-customer-accounts/
  2. http://docs.apwg.org/reports/apwg_trends_report_q1_2014.pdf
  3. John Pescatore, director of emerging security trends at the SANS Institute

LEADING THREATS

There are many threats, some more serious than others. Some examples of how your computer and systems could be affected by a cyber-security incident – whether because of improper cyber security controls, manmade or natural disasters, or malicious users wreaking havoc-include the following:

Interruption Threats:Denial-of-service refers to an attack that successfully prevents or impairs the authorized functionality of networks, systems or applications by exhausting resources. What impact could a denial-of-service have if it shut down a government agency’s website, thereby preventing citizens from accessing information or completing transactions? What financial impact might a denial-of-service have on a business? What would the impact be on critical services such as emergency medical systems, police communications or air traffic control? Can some of these be unavailable for a week, a day or even an hour?

Malicious Code Attacks:Malware, worms, and Trojan horses: These spread by email, instant messaging, malicious websites, and infected non-malicious websites. Some websites will automatically download the malware without the user’s knowledge or intervention. This is known as a “drive-by download.” Other methods will require the users to click on a link or button.

Botnets and zombies: A botnet, short for robot network, is an aggregation of compromised computers that are connected to a central “controller.” The compromised computers are often referred to as “bots” or “zombies”.These threats will continue to proliferate as the attack techniques evolve and become available to a broader audience, with less technical knowledge required to launch successful attacks. Botnets designed to steal data are improving their encryption capabilities and thus becoming more difficult to detect.

“Scareware” – fake security software warnings: This type of scam can be particularly profitable for cyber criminals, as many users believe the pop-up warnings telling them their system is infected and are lured into downloading and paying for the special software to “protect” their system.

Social Network Attacks: Social networks can be major sources of attacks because of the volume of users and the amount of personal information that is posted. Users’ inherent trust in their online friends is what makes these networks a prime target. For example, users may be prompted to follow a link on someone’s page, which could bring users to a malicious website.

Top 5 Social Networking Attacks

  1. Fake offering
    These offers invite users to use a free gift card or discount coupon; to receive these offers the user must share personal information with the scammer.
  2. Fake Plug-in Scams
    These trick the user into downloading a fake extension or web browser. The infected extension or browser will begin to steal password data and other sensitive information.
  3. Like-jacking
    The fake “Like” button on websites to get users to click on the button; once the user clicks on the “Like” button an installation begins with malware and other malicious code.
  4. Fake-Apps
    Typically, the app is legitimate, but it’s bundled with malware then released again by the attacked and once the user installs or uses the app the malware is released on their machine to wreak havoc.
  5. Manual Sharing
    User is sharing the infected offering that will intrigue other users without knowing what was shared was malicious.

For more information visit: http://msisac.cisecurity.org/

SECURITY VS SAFETY

Safety: Protection from negligence, accidental damage and hurt.

Security: Protection from malign intent.

The difference is People cause security events. This distinction is critical to understanding the role security must play in your organization. Security is therefore a “people problem.” Security programs are only effective when they control the people who have access to those assets.

There are many laws and regulations surrounding safety, but very little time and energy is based on security.

Security is often seen as a checkbox or a list of compliance requirement by an agency. It is often an afterthought and a poorly executed one at that. Frequently the focus is to just make it work and worry about security later. This is of course detrimental to the organization.

  1. http://www.rmasecurity.com/2014/07/the-difference-between-safety-and-security/


REQUEST MORE INFO.

Complete the request form below to learn more about Our Cyber Security Options.

captcha