LakeRidge Blog

Cybersecurity & Compliance

News and guidance on cybersecurity, regulation, and compliance for regulated businesses.

Need help putting this into practice? See our compliance services.

14+ Security Settings to Boost WhatsApp Privacy

Cybersecurity ·Feb 2025

14+ Security Settings to Boost WhatsApp Privacy

Configure these settings to combat stalkers, spammers, and everyone else annoying you on WhatsApp.

How to Get Your Smartphone Ready for the Next Disaster

Cybersecurity ·Feb 2025

How to Get Your Smartphone Ready for the Next Disaster

If configured correctly, during a disaster a smartphone can be more than a communication device.

DeepSeek AI Database Leaked Secret Keys & Over 1 Million Log Lines

Cybersecurity ·Jan 2025

DeepSeek AI Database Leaked Secret Keys & Over 1 Million Log Lines

DeepSeek AI database security flaw uncovers confidential keys, chat records, and backend information, providing unfettered access to the entire system.

Russian hacker group Star Blizzard launch spear phishing attack via WhatsApp

Cybersecurity ·Jan 2025

Russian hacker group Star Blizzard launch spear phishing attack via WhatsApp

The Russian hacker group Star Blizzard posed as U.S. government officials in fraudulent emails, urging recipients to join a WhatsApp group supposedly dedicated to showcasing "the most recent non-governmental initiatives supporting Ukrainian NGOs."

Biden executive order imposes new cybersecurity standards for companies that do business with the U.S. government

Cybersecurity ·Jan 2025

Biden executive order imposes new cybersecurity standards for companies that do business with the U.S. government

The Biden administration aims to enhance digital security for both the government and private sector in the United States through the implementation of this executive order.

Telegram Hands Over Thousands Of Users Data To US Law Enforcement

Cybersecurity ·Jan 2025

Telegram Hands Over Thousands Of Users Data To US Law Enforcement

The arrest of the Telegram founder seems to have caused concern among those who use the platform for child exploitation, as it has had a notable impact.

Volkswagen data leak exposes location of 800,000 electric car drivers

Cybersecurity ·Jan 2025

Volkswagen data leak exposes location of 800,000 electric car drivers

A Volkswagen subsidiary data breach has exposed the location and other information of 800,000 electric vehicle owners for several months.

US Army soldier arrested for hacking President Donald Trump’s calls

Cybersecurity ·Jan 2025

US Army soldier arrested for hacking President Donald Trump’s calls

US Army soldier shared on the Telegram messaging service that they had breached the security of over 15 telecom providers through hacking.

US Treasury documents stolen by Chinese Hackers in Major Incident

Cybersecurity ·Jan 2025

US Treasury documents stolen by Chinese Hackers in Major Incident

Hackers supported by the Chinese government successfully penetrated the Treasury Department's computer security protocols, as stated in a letter sent to lawmakers.

Ensure that between two and four global admins are designated - Microsoft 365

Cybersecurity ·Apr 2024

Ensure that between two and four global admins are designated - Microsoft 365

Designate between two and four global administrators to ensure effective management and security within your Microsoft 365 environment.

Establish two emergency access accounts for critical situations, ensuring continuity and security in your system - Microsoft 365

Cybersecurity ·Apr 2024

Establish two emergency access accounts for critical situations, ensuring continuity and security in your system - Microsoft 365

Secure your Microsoft 365 environment by ensuring administrative accounts are distinct and solely cloud-based, enhancing control and minimizing risks.

Ensure that administrative accounts are distinct and solely cloud-based - Microsoft 365

Cybersecurity ·Apr 2024

Ensure that administrative accounts are distinct and solely cloud-based - Microsoft 365

Secure your Microsoft 365 environment by ensuring administrative accounts are distinct and solely cloud-based, enhancing control and minimizing risks.

BYOD - Do employees care about data security?

Cybersecurity ·Feb 2024

BYOD - Do employees care about data security?

According to a survey conducted by Kaspersky Labs, only 10% of employees are diligent in safeguarding work-related information on their personal devices.

4 Stages of Containing a Data Breach

Cybersecurity ·Feb 2024

4 Stages of Containing a Data Breach

Data breaches have become increasingly common, leading many organizations to establish comprehensive policies for handling them. In 2015, Anthem Blue Cross Blue Shield, a prominent US health insurance provider, disclosed a significant breach, revealing that approximately 78.8 million Social Security records and other sensitive personal data had been compromised. We look at four stages of containing a data breach.

5 Reasons Why Your Business Needs a Pen Test

Cybersecurity ·Feb 2024

5 Reasons Why Your Business Needs a Pen Test

Penetration testing is a highly effective method for evaluating your organization's existing cyber security measures (ISO 27001, NIST SP 800-171, HIPAA). Here are 5 crucial reasons to conduct a penetration test

Evidence Remotley Wiped From Police Station

Cybersecurity ·Jan 2024

Evidence Remotley Wiped From Police Station

Placing phones in a microwave prevents hacking?

Telehealth

Cybersecurity ·Oct 2023

Telehealth

Telehealth, what is it? how does it work? Telehealth explained.

HIPAA Healthcare Cybersecurity

Cybersecurity ·Oct 2023

Healthcare Cybersecurity

An In-depth Look at Cybersecurity in the US Healthcare Industry through Facts and Statistics

IT Services

Cybersecurity ·Mar 2023

Flying to the Cloud – IT & Security Transformation

Learn how we configured a client's Microsoft 365 environment to meet NIST SP 800-171 requirements and moved their on-premise resources to the Microsoft 365 environment

IT Services

Cybersecurity ·Mar 2023

Maintaining Systems and Compliance

Learn how our Azure AD services can streamline and secure your IT environnment.

Data Mining

Cybersecurity ·Mar 2023

Data Mining and Extracting Historical Data

How we helped a regional logistics company access historical data and provide the tools to mine it for information

Email Marketing Automation Platform

Cybersecurity ·Mar 2023

Email marketing automation platform = six figure increase in sales

How we helped a small business increase their sales by six figures and in salary cost using a custom built email marketing automation platform

Cybersecurity Policies and Procedures

Cybersecurity ·Mar 2023

Certification after Certification

Learn how our policies and procedures service enabled a customer to earn two cybersecurity accreditations.

Microsoft 365 Security

Cybersecurity ·Mar 2023

The Physics Behind Microsoft 365 Security

Learn how we helped a DoD contractor meet compliance requirements by securing their Microsoft 365 tenant.

Security Control Framework

Cybersecurity ·Jan 2023

Looking for an Information Security Framework? Use this.

Using a security frame helps an organization establish and meet its security objectives.

Cyberwarfare

Cybersecurity ·Aug 2022

Cyberwarfare vs Cyber Espionage, What is the Difference?

Cyber buzzwords always get thrown around causing confusion for readers.

Top Cybersecurity Certifications

Cybersecurity ·Apr 2022

Top 5 In Demand Cybersecurity Certifications

Which of these top 5 cybersecurity certifications do you have?

Small business data classification labels

Cybersecurity ·Apr 2022

Data Classification Labels for Your Small Business

Having trouble with data classification in your small business? Here are three classification labels you can use.

Small business cybersecurity

Cybersecurity ·Mar 2022

10 Ways to Improve Your Small Business's Cybersecurity

Perform these tasks to greatly improve cybersecurity at a small business.

CISSP Exam

Cybersecurity ·Jan 2022

How I Passed the CISSP Exam on My First Try

Follow my tips on how to pass the CISSP exam.

System Security Plans Explained

Cybersecurity ·Nov 2021

System Security Plans Explained

To meet NIST SP 800-171 requirements you must create and maintain a system security plan (SSP).

Easy to Use Incident Response Checklist

Cybersecurity ·Nov 2021

Easy to Use Incident Response Checklist

Organizations should have standardized procedures for responding to incidents, use this incident response checklist next time you respond to an incident.

Hardware and Software Inventory

Cybersecurity ·Nov 2021

How to Create a Hardware and Software Inventory for your System Security Plan

Every system security plan should include or reference a hardware and software inventory.

Collaborative Computing Device

Cybersecurity ·Oct 2021

What is a Collaborative Computing Device?

Learn what a collaborative computing device is and how to meet your NIST SP 800-171 and CMMC requirements.

Digital Bug Out Bag Tips

Cybersecurity ·Mar 2021

Digital Bug Out Bag Essentials

Are you preparing for a natural disaster, civil unrest, nuclear holocaust, or zombie apocalypse? If so, you need a digital bug-out bag.

Cybersecurity Travel Tips

Cybersecurity ·Feb 2021

Cybersecurity Border Crossing and Travel Tips

When traveling or crossing through border controls there are a few cybersecurity tips and best practices you should follow.

Privacy Guide

Cybersecurity ·Feb 2021

Easy to Follow Online Privacy Guide

Learn how to clean up your online presence and stay anonymous.

Data Classification Guide

Cybersecurity ·Feb 2021

Data Classification 101 Guide

Classifying and labeling data is a critical part of any mature cybersecurity program.

Is cybersecurity one word or two?

Cybersecurity ·Feb 2021

Is it Cybersecurity or Cyber Security? How do you spell it?

Is cybersecurity spelled as one word or two? The answer is it depends...

Least functionality

Cybersecurity ·Feb 2021

The Principle of Least Functionality, Simplicity is the Ultimate Sophistication

Employing the principle of least functionality is critical for organizations seeking to reduce their cyber risk.

Which is correct information security or cybersecrity

Cybersecurity ·Feb 2021

Information Security or Cyber Security? Which term should we use?

The term cyber security is often heard in the media, government circles, and the information technology community. Is the term being used incorrectly?

Worlds first hacker Nevil Maskelyne

Cybersecurity ·Feb 2021

The History of Hacking: 1903 the world's first Hack

In 1903 the world’s first hacking incident occurred, marking the start of an era. At the Royal Academy of Sciences in England, Nevil Maskelyne pulled off an unharmful yet very embarrassing hack.

Free and open source cybersecurity tools

Cybersecurity ·Feb 2021

5 Open-source Cybersecurity Tools Every Company Needs

Using free and open-source software (FOSS) to meet your cybersecurity needs is a great way to improve your organization’s cybersecurity posture without emptying your wallet. Here are 5 open source cybersecurity tools your company can leverage.

Remote Work Cybersecurity Risk

Cybersecurity ·Feb 2021

6 Cybersecurity Risks Associated with Working From Home

Although an operational necessity, allowing employees to work from home increases cyber risk. We cover six cyber risks and offer mitigations.

Kids Malware Viruses

Cybersecurity ·Feb 2021

Laptops given to British school kids came preloaded with malware

Laptops supplied to British schools by the Department for Education came preloaded with malware. Yes you read that right...

Cybersecurity Tips

Cybersecurity ·Feb 2021

12 Things You Need to Know About the Signal Messenger App

The Signal Messenger App is rising in popularity. Here are some common questions people have about it.

Cybersecurity Tips

Cybersecurity ·Jan 2021

5 Simple Ways to Improve Your Organization’s Cybersecurity

Tackling cybersecurity challenges is no walk in the park. However, you can use these five simple actions to improve cybersecurity at your organization.

malvertising

Cybersecurity ·Nov 2020

Signs an Employee Might Be an Insider Threat

More than 34% of businesses around the globe are affected by insider threats yearly.[1]

malvertising

Cybersecurity ·Oct 2020

Why Ad Blockers Should Be Part of Your Endpoint Security Strategy

Malvertising is a serious threat that can often be overlooked. Ad blockers can help mitigate this threat.

Small Business Cybersecurity

Cybersecurity ·Oct 2020

How to Protect Printers From Cyber Threats

We are used to locking down workstations and servers however we often overlook printers. Here is how to secure your printers.

Small Business Cybersecurity

Cybersecurity ·Oct 2020

How Going Paperless Improves Cybersecurity

Want to help save the environment and improve your information security? Then go paperless.

Small Business Cybersecurity

Cybersecurity ·Oct 2020

4 Reasons Small Business Doesn't Invest in Cybersecurity

Small businesses are often the target of cyber attacks. Why don't they take cybersecurity as seriously as they should?

Cybersecurity Awareness

Cybersecurity ·Oct 2020

3 Free Ways to Boost Cybersecurity Awareness

Training employees on cybersecurity practices and reminding them of security threats is paramount for any successful program.

Cybersecurity Violation Punishment

Cybersecurity ·Oct 2020

Should You Punish Employees for Cybersecurity Violations?

Everyone can agree that breaking the rules should have its consequences but is punishing users for cybersecurity policy violations and mishaps a good idea?

Physical Security CMMC

Cybersecurity ·Oct 2020

Physical Security Measures are an Important Part of Cybersecurity

Our data may be stored digitally but fundamentally it is still very much linked to the physical world. Here is how to bolster cybersecurity through physical security.

Split Tunneling Cybersecurity Maturity Model Certification (CMMC)

Cybersecurity ·Oct 2020

What is Split Tunneling? Should You Allow It?

What is split tunneling as it relates to virtual private networks? Is using split tunneling secure? How does it impact CMMC compliance requirements?

FIPS 140-2 Validated Encryption CMMC

Cybersecurity ·Oct 2020

What is FIPS 140-2?

What is FIPS 140-2? Why was it created? Which encryption algorithms are FIPS 140-2 compliant?

Privacy Tools

Cybersecurity ·Oct 2020

5 Free Apps & Services To Protect Your Privacy

Tired of Silicon Valley and the Government tracking your every move? Use these free apps and services to help protect your privacy.

Home Cybersecurity Tips

Cybersecurity ·Oct 2020

Practical Home Cybersecurity Tips

Use these tips to protect your home from cyber threats.

password reset

Cybersecurity ·Oct 2020

How Often Should Users Be Required to Reset Their Password?

Does requiring users to reset their passwords every few months promote better security or does it reduce security?

privacy

Cybersecurity ·Oct 2020

What is the difference between "Separation of Duties" and "Least Privilege"

Separating the duties of employees and implementing the principle of least privilege is vital to any cybersecurity program but what is the difference between the two?

<a href="/what-is-the-difference-between-separation-of-duties-and-least-privilege" class="link-cover" aria-label="What is the difference between "Separation of Duties" and "Least Privilege""></a>
privacy

Cybersecurity ·Oct 2020

What is the Difference Between Data Privacy and Security?

Privacy and security are related but what is the difference?

hacker

Cybersecurity ·Oct 2020

FALSE: Hiding your WiFi SSID is more secure than not, and here's why:

Does hiding your SSID improve security?

Mac Anti-virus

Cybersecurity ·Oct 2020

Do You Need Antivirus for Mac?

Does a Mac need antivirus? A lot of people believe that Macs don’t need it. Where did this belief come from? Is it true?

NIST Business Impact Analysis

Cybersecurity ·Sep 2020

How to Create A Business Impact Analysis (BIA)

We discuss business impact analysis definition, steps, and provide templates from NIST.

Multi-factor authentication CMMC

Cybersecurity ·Sep 2020

How to Choose an Enterprise Grade Multi-factor Authentication (MFA) Solution

Knowing how to choose the right multi-factor authentication (MFA) solution to meet your company's compliance and security needs can save you a lot of time down the road.

Cybersecurity Phishing Attacks

Cybersecurity ·Sep 2020

Cheat Sheets Every Cybersecurity Pro Needs

Check out these useful cheat sheets for cybersecurity tools like NMAP, Wireshark, and more!

Incident Response Plan

Cybersecurity ·Sep 2020

What is an Incident Response Plan? What Should it Contain?

The occurrence of a cybersecurity incident isn’t a matter of if but when. Organizations need to have incident response plans in place. So what is an incident response plan?

NIST

Cybersecurity ·Sep 2020

What is the NIST Privacy Framework?

The NIST Privacy Framework provides organizations with a tool to manage privacy risks. How can it benefit your organization?

Nerd

Cybersecurity ·Sep 2020

Use This Simple Trick to Prevent 94% of Windows Vulnerabilities

By revoking administrator rights from a Windows system you can remediate 94% of vulnerabilities affecting the Windows operating system. Here’s how.

Brute forece attack

Cybersecurity ·Aug 2020

What is a Brute force attack?

A brute force attack uses trial and error to guess login information such as passwords with the hope of eventually guessing it correctly.

SSL

Cybersecurity ·Aug 2020

What's the Difference Between SSL and TLS?

In short, SSL is the now deprecated predecessor of TLS.

Malware

Cybersecurity ·Aug 2020

What is Malware?

Malware is a broad term for any type of harmful software designed to exploit a device, service or network.

Browser Extensions

Cybersecurity ·Aug 2020

Practicing Good OpSec on Social Media

Social media can help you connect with friends and family, it can also be a way for bad actors to connect with you.

Browser Extensions

Cybersecurity ·Aug 2020

Building a Patch and Vulnerability Management Program

A patch and vulnerability management program is one of the most important parts of any cybersecurity program. In this post I explain how to build one.

Browser Extensions

Cybersecurity ·Jul 2020

Why Your Company Needs to Block Browser Extensions

Browser extensions can increase productivity, however, left unmanaged they can create security risks for your organization.

Cybersecurity Phishing Attacks

Cybersecurity ·Jul 2020

Top 5 Phishing Statistics

Here are the top 5 most shocking phishing statistics.

Cyber Training

Cybersecurity ·Jul 2020

How to Provide Free Cybersecurity Training to Your Employees

Your employees can receive some of the same training as Pentagon employees at no cost to you.

Phone Hack

Cybersecurity ·Jul 2020

How to Protect Your Smartphone from Hackers

Continue reading to find out how to prevent hackers from taking over your phone.

Twitter Account

Cybersecurity ·Jul 2020

How to Protect Your Twitter Account From Hackers

Learn to how to secure your twitter account to avoid being hacked.

Small Business Cybersecurity Statistics

Cybersecurity ·Jul 2020

7 Small Business Cybersecurity Statistics You Need to Know

Here are the top small business cybersecurity statistics you need to know.

Cybersecurity Basics

Cybersecurity ·Jul 2020

Successful Cybersecurity Programs Focus on the Basics

Companies often overlook the basic elements of cybersecurity, leaving them vulnerable to attack.

Cybersecurity statitics

Cybersecurity ·Jul 2020

Top 10 Useful Cybersecurity Statistics for 2020

Here are the top 10 recent cybersecurity statistics you need to know for 2020.

Controlling Portable Storage Devices

Cybersecurity ·Jul 2020

How to Control Portable Storage Devices

77 percent of corporate end-users surveyed have used personal flash drives for work-related purposes.

system hardening using DISA STIGS

Cybersecurity ·Jul 2020

How to Create a System Security Plan (SSP)

A system security plan (SSP) lists an organization’s cybersecurity requirements and explains how it meets them. We will show you how to create your own SSP!

system hardening using DISA STIGS

Cybersecurity ·Jul 2020

Use DISA STIGs to Secure Your IT Systems

The Defense Information Systems Agency (DISA) has a wide range of security technical implementation guides (STIGS) company’s can leverage to secure their IT systems.

Data sanitation and destruction

Cybersecurity ·Jul 2020

How to Sanitize or Destroy Digital & Non-Digital Media

Did you know that 42% of used drives sold on eBay hold sensitive data?

Acceptable Use Policy

Cybersecurity ·Jun 2020

How to Create an IT Acceptable Use Policy + Templates

Creating an acceptable use policy for your information system is a good way of informing users of your security policies and limiting legal risks.

Change Control

Cybersecurity ·Jun 2020

Change Control - Important Considerations Before Making Changes to your IT Systems

Change control procedures are the backbone of any mature cybersecurity program. We offer a list of items IT teams should consider before deploying changes to their production environment.

Information System CMMC

Cybersecurity ·Jun 2020

What is an information system?

Understanding what an information system is and its components is critical to effectively implementing your company’s CMMC requirements.

CMMC Model

Cybersecurity ·Jun 2020

America's Plan to Protect its Defense Industry from Cyber Threats

America will protect its defense industrial base from cyber attacks with a new cybersecurity framework and an army of assessors.