Avalon Cybersecurity

September 23, 2024

New York Department of Financial Services (NYDFS) Amendments Effective November 2024

As covered in our previous article, the New York Department of Financial Services (NYDFS) updated its Cybersecurity Regulation in 2023. To help entities roll out the changes and new requirements, NYDFS has provided phased timelines for when these items must be implemented.
September 4, 2024

Risks Lurking in the “Shadows”: Shadow IT and Shadow AI

You may have heard the saying: “Change is the only constant in life.” This is certainly true of the information technology industry, which, in turn, has a ripple effect on the technology, services, risk, and regulatory requirements that impact your organization and its environment.
August 13, 2024

Focusing In On the New “Govern” Function in NIST CSF 2.0

In February 2024, the National Institute of Standards and Technology (NIST) released Version 2.0 of the Cybersecurity Framework (CSF or the Framework), which is the first significant update to the Framework since 2014 when it was first created.
July 19, 2024

MS outage linked to CrowdStrike: Falcon Content Update for Windows Hosts

You are not alone if you woke up this morning with a Blue Screen of Death (BSOD). Please reach out to the Avalon Cyber team if you need assistance: 877.216.2511.
June 27, 2024

The CDK Incident and Recommended Actions from Avalon Cyber

Thousands of car dealerships’ operations slowed to a halt last Wednesday as their core dealer management system, CDK, shut down. CDK Global announced that they were investigating a cyber incident and “Out of an abundance of caution and concern for our customers, we have shut down most of our systems and are working diligently to get everything up and running as quickly as possible” according to...
May 28, 2024

Avalon Cyber Security Poll Recap: A Deeper Dive into Insider Threats

Earlier this month, Avalon Cyber posted a poll on LinkedIn asking, “What cybersecurity threat keeps you up at night?” The choices were: external threat (for example, ransomware), internal threat (i.e., IP theft), or the birth of GenAI.
March 26, 2024

Get 24/7/365 Protection with Avalon Cyber's Managed Extended Detection & Response (MXDR) Service

While Avalon Cyber has offered managed detection and response services for years, KnightVision MXDR, our managed extended detection and response service, provides your organization with the highest standard of cybersecurity protection available today.
December 12, 2023

Cyber Insurance Considerations for Small and Medium-Sized Businesses

There are over 33 million small or medium-sized businesses (SMBs) in the U.S. – making up over 99% of all U.S. companies – and recovering from a cyberattack can be costly to these businesses.
November 14, 2023

NYDFS Amendment to Cybersecurity Regulation

Avalon Cyber previously reported on proposed changes that may have a significant impact on the current 23 NYCRR Part 500 – Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500) released by the New York State Department of Financial Services (NYSDFS).
April 12, 2023

Governance Considerations in the Age of AI

There has been a lot of talk recently about artificial intelligence (AI), especially around ChatGPT, a chatbot which interacts in a conversational way. As a broad category, AI is the simulation of human processes by machines and computer systems. A few business use cases may include leveraging AI to provide fast and accurate response for customer inquiries, assisting with topic research, or...
March 21, 2023

Does the Silicon Valley Bank Collapse Mean More Cyberattacks?

Will the recent shutdown of the Silicon Valley Bank (SVB) and subsequent financial activity worldwide lead to an increase in cyberattacks? Some experts, including those at Avalon Cyber, think it’s a foregone conclusion.
March 6, 2023

CISO Spotlight: Jeremy Walczak

We created the “CISO Spotlight” series to highlight some of the CISOs we know and admire, to learn more about their challenges, hear what they have to say about the current state of cybersecurity, and more. Read on to see what Jeremy Walczak of GenesisCare has to say.
March 2, 2023

Overview of Proposed NIST Cybersecurity Framework Changes

In January, the National Institute of Standards and Technology (NIST) released a concept paper as they work to draft the Cybersecurity Framework (CSF or Framework) 2.0, an update to the current 1.1 Framework that was last updated in 2018, as well as associated resources such as websites, mappings, and related guidance. The purpose of the CSF is to provide guidance to organizations to better...
January 24, 2023

Be Cyber Ready by Implementing These Key Controls

As the number and severity of cyber threats and attacks continue to rise, it’s more important than ever to make sure your organization is cyber ready. Safeguarding your environment, including the systems and data within, will both reduce risk and promote business operation continuity and security.
January 17, 2023

ChatGPT: The Advent of Synthetic Malware

What, exactly, is ChatGPT?
October 14, 2022

A Quick Guide to Creating Complex Passwords

You may think a complex eight-character password composed of numbers, symbols, and upper- and lowercase letters is relatively safe from cybercriminals, right? Nope. It would take an adversary just 31 seconds to crack that password.
October 5, 2022

Introducing Our Cybersecurity Service Plans

Developing – and maturing – a layered, effective cybersecurity program for your organization can be confusing, time-consuming, and stressful. But it doesn’t have to be.
August 3, 2022

Proposed Changes to NYDFS Cybersecurity Requirements

On July 29, 2022, the New York State Department of Financial Services (NYSDFS) released proposed changes that may have a significant impact on the current 23 NYCRR Part 500 – Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). Part 500, a regulation establishing cybersecurity requirements for financial services companies, was declared by the...
April 11, 2022

Cybersecurity Spring Cleaning

The weather is changing, and spring is upon us. Each year around this time, many people tend to do a thorough cleaning of their home and maybe tackle a few home improvement projects before summer arrives. We cannot forget to do the same maintenance and enhancements to our cybersecurity program. To assist you, we created this basic cybersecurity “to-do” list to ensure that you are being proactive...
April 6, 2022

Get Ready for the New 36-Hour Cyber Breach Notification Rule for Financial Institutions

If you’re in the financial sector, no doubt you’ve already heard, and hopefully, are prepared or preparing for, the new federal banking rule regarding cyber breach notifications. This new rule, which took effect April 1, 2022, with full compliance required by May 1, 2022, requires banking organizations and bank service providers to notify banking regulators within 36 hours after a notification...
March 3, 2022

Planning Ahead to Aid in the Prevention of Cyberattacks

Most (not all) cyber-related incidents can be avoided through proper planning and by having the right resources in place. Preparation is what makes all the difference, which entails outlining your risks, implementing safeguards to aid in prevention, and knowing who to bring in and when in the event of a cyber incident. After a cyber incident has occurred, time is of the essence to lessen the...
March 1, 2022

Russian Cyberthreats: Steps to Take to Protect Your Business

In early 2022, the US Cybersecurity and Infrastructure Security Agency (CISA) issued a warning to all businesses and government entities on the risk of Russian cyberattacks affecting US systems and networks. Rob Lee, CEO of Dragos, indicates that his team has “observed threat groups that have been attributed to the Russian government by US government agencies performing reconnaissance against US...
February 16, 2022

Avalon Cyber Welcomes Jill Martucci

The Avalon Cyber team is proud to welcome Jill Martucci as our new Director of Governance Risk and Compliance (GRC) for our security advisory services. Her experience spans many service lines and industries in which she executes programs that ensure the proper functioning of client information technology and information security (IT/IS) controls, with a focus on the following areas:
February 8, 2022

Avalon Cyber Launches Incident Response Retainer Program

If you experience a breach, it’s critical that you quickly find and fill the gaps in your network and identify what data may have been compromised. The Avalon Cyber team has extensive experience in digital forensics and technology crime fighting and provides prompt and comprehensive response to cyberattacks.
January 10, 2022

Cybersecurity Maturity Model Certification (CMMC) Services

If you’re one of the more than 300,000 companies in the defense industrial base’s (DIB) supply chain, you’re probably familiar with the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC). If not, here’s a quick definition courtesy of the Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S)): “The CMMC is a framework that includes a...
December 16, 2021

The Log4j Vulnerability: Where Do I Start?

If you’ve made it past the title, you already know what we’re talking about, and I hope you don’t stop here because you’re afraid of just another technical brain dump of how bad Log4j (aka Log4shell) actually is. What I think will be more impactful for our readers is to provide you with information on:
December 8, 2021

92 and Loving It!

Getting good grades back in grammar school was pretty exciting, right? You get a high score on your math test and you’re super psyched for the rest of the day. Well, that’s the same feeling the team at Avalon gets when we think about our overall Net Promoter Score (NPS), which is… 92!
December 2, 2021

Lockbit 2.0 Ransomware Infographic

An attacker leveraged a combination of Microsoft Exchange vulnerabilities (ProxyShell), which led to the deployment of Lockbit 2.0 ransomware. Here's what happened:
November 2, 2021

Why You May Need a Microsoft 365 Best Practices Security Assessment

Microsoft 365 (previously Office 365) offers a wealth of tools, including Teams, SharePoint, OneDrive, PowerPoint, Excel, and more, that help your team work and collaborate easily and efficiently from anywhere in the world. And, since the platform is cloud-based, your business has access to all these resources, yet doesn’t have to host the infrastructure.
October 15, 2021

An Overview of Cybersecurity for Financial Institutions: Looking Back and Planning Ahead

Cyber risk, the probability of loss and/or harm to an entity based on technological exposures, is much higher in the financial industry as compared to others, to the extent that even bank ratings can be greatly impacted. This certainly isn’t surprising given the nature of the data this sector manages every day.
