Blog
← Back to Blog
November 25, 2019 general

Thanksgiving 2019: Celebrating Security Wins (and Dreading 2020)

Thanksgiving security gratitude Gratitude and thanksgiving celebration

It's Thanksgiving 2019, and as has become our tradition, we're taking stock of the year. What worked. What didn't. What keeps us up at night.

What We're Thankful For

CCPA Is Coming

California's Consumer Privacy Act takes effect January 1, 2020. It's the strongest US privacy law and will influence legislation nationwide. Data privacy regulation is no longer a European thing. It's an American thing.

Security Awareness Is Mainstream

Ransomware attacks on Baltimore, Riviera Beach, and 22 Texas municipalities put cybersecurity on front pages nationwide. The awareness gap that plagued us in 2016 has closed significantly.

Better Tools, Lower Costs

Enterprise-grade security tools are more accessible than ever. Endpoint detection and response, cloud backup, email filtering, and security awareness training platforms are available at price points that work for small practices.

What Keeps Us Up at Night

Windows 7

January 14, 2020 is 50 days away. Windows 7 end of life. We've written about this three times. And we know, with absolute certainty, that some practices reading this will still be running Windows 7 on January 15th. When the inevitable exploit hits, they'll wish they'd listened.

MSP Attacks

Ransomware attacks through managed service providers are the supply chain threat we warned about. One compromised MSP can take down hundreds of businesses. The trust model for IT outsourcing needs to evolve.

Ransomware Evolution

Ransomware gangs are now exfiltrating data before encrypting it. If you don't pay, they publish your data. For healthcare practices, this means a ransomware attack is automatically a data breach with notification obligations, even if you have good backups.

The Thanksgiving To-Do List

Before the holiday weekend ends:

  1. Check if any of your machines are still running Windows 7. If yes, schedule the upgrade for December. No excuses.
  2. Test your backups. (We say this every Thanksgiving because it matters every Thanksgiving.)
  3. Verify 2FA is enabled on all email accounts.
  4. Review your cyber insurance policy. Does it cover the current threat landscape?

Happy Thanksgiving. Eat well, rest well, and please, for the love of all that is good, upgrade your Windows 7 machines.