• Skip to primary navigation
  • Skip to content

SMB ISAO

Small to Medium-size Business Information Sharing and Analysis

833-SMB-SAFE
Become A Member
  • Home
  • About Us
  • Partners
  • Resources
    • Why Should We Share?
    • Frequently Asked Questions
    • Become A Partner
    • News & Events
    • Blog
  • Contact Us

Archives for January 17, 2018

From Bad to Worse

January 17, 2018 By Mike Shugart Leave a Comment

By now, we’re all aware of the recent set of security chip vulnerabilities, known as Meltdown and Spectre, affecting modern computer processors and enabling would-be attackers easy access to sensitive information from computers, tablets and smartphones made after 1955.

In simple terms, Meltdown attacks the isolation between user applications and the operating system, and allows a program to access memory and secrets of the operating system and other programs. The mass public has been advised that computers (and a cloud infrastructure) running on an unpatched operating system are at risk of sensitive information being leaked. Spectre attacks different applications and enables hackers to trick programs into leaking its secrets. Once hackers have access to memory systems, passwords are vulnerable, and so become a company’s crown jewels.

One security researcher, Daniel Gruss, said this is “probably one of the worst CPU bugs ever found.” And even though there’s not much evidence – yet — to support that hackers have taken full advantage of Meltdown and Spectre, (although it’s difficult to attribute specifics to this particular exploit), companies are keenly aware of impending major risks.

Naturally, business owners wanting to protect both personal and company information, are scrambling to make sure their operating systems are up to date and are watching for any updates from firms like Apple, Google, and Microsoft. Microsoft was first to offer operating system fixes. Intel followed suit and all hell broke loose.

Reboot issues were discovered after installing the patches that Intel issued. To makes matters even worse, a confidential memo, presented by media outlets, is said to have issued warnings to large companies and cloud providers not to install the patches because of the glitches.

As a small business owner, you know that no matter how strong you build up cybersecurity posture, and no matter how advanced your IT infrastructure and operating systems you install, nothing can prevent a cyber-attack. And if you’re wise enough to embrace the when-not-if mindset, then you understand that applying updates and patches is just putting lipstick on a pig.

This doesn’t discount the importance of cyber hygiene and doing everything in your power to stay on top of would-be attacks. But this also reinforces the importance of belonging to an ISAO. We hope you choose ours of course, as we understand the unique requirements of the SMB owner, but regardless, join an ISAO. Nothing will ever 100 percent protect you from cyber incidents, but having liability protection and safeguarding your assets could mean the difference between keeping your business alive or folding.

Filed Under: Uncategorized

  • Home
  • ABOUT US
  • PARTNERS
  • RESOURCES
  • CONTACT US
2005 Aeroplaza Drive, Colorado Springs, CO 80916 | 877-412-9407
Copyright © 2019 SMBISAO™.
Privacy Statement | Terms and Conditions

YOU ARE BEING REDIRECTED TO:

Why am I being redirected?
Membership to SMB iSAO includes the major benefit product: Survive Cyber. By becoming an SMB iSAO member and signing into to Survive Cyber, members gain access to SMB IiAO‘s Hall of Fame award-winning Information Sharing Platform. The Survive Cyber product is powered by SMB iISAO and provides members with access to our advanced security operation center, threat intelligence alerts curated by our cybersecurity analysts, and critical legal protections accessible only through compliance with CISA. In addition, Survive Cyber provides access to a content rich resource portal and up to $100,000 in Cyber Security Insurance coverage. Billing will be processed by SMBISAO.