Cybersecurity Concerns Due To CrowdStrike Outage
Cybersecurity concerns increase due to CrowdStrike outage. Phishing attempts may increase.
7/2/2024 – LASCO IS HIRING!
JOIN THE LASCO TEAM!
[07/16/2024] CBM Upper Peninsula Banking Summit
CBM Upper Peninsula Executive Banking Summit Lasco was pleased to attend the Community Bankers of Michigan U.P. Executive Banking Summit, July 16 and 17. It was two great days of golf, networking, and learning. The event was attended by Robert Baer, President and CEO of Lasco; Mark Niemi, Vice-President of Cybersecurity Services; Paul Clarke, Financial Services Account Manager; and Dustin Frak, Technical Services Account Manager. The event kicked off on July 16 at the stunning Greywalls Golf Course at the Marquette Golf Club, followed by a cocktail hour and dinner. July 17 featured the Summit at the Northern Center, on the campus of Northern Michigan University. Find more information on the CBM website.
SHF Golf Outing
Lasco participates in 2024 Superior Health Foundation Golf Outing to benefit the Dickinson Iron Community Services Agency.
The Basics of Cyber Insurance
Do you need cyber insurance? Probably. Do you need help figuring out how it all works? Read on for the basics of cyber insurance.
Prepare for 2024: Assessment tools to secure your organization.
A quick recommendation of a couple of tools and resources to better prepare your organization for a secure new year!
Lasco Names Niemi Vice-President of Cyber Services
Lasco Names Mark Niemi Vice-President of Cyber Services Lasco is pleased to announce the promotion of Mark Niemi, Cyber Threat Analyst, to Vice President of Cyber Services. A familiar name and face to Lasco clients, Mark has been with Lasco for 14 years. Mark began work at Lasco as a part-time Help Desk technician, moving to a Tier 3 technician, then to being one of Lasco’s senior network administrators. Mark’s interest in the dark web and cybersecurity has evolved over the years, and as Lasco’s needs for cybersecurity and cyber-readiness has increased, Mark was moved to focus on cyber services for our clients as well as monitoring Lasco’s overall cyber health. As the need for cybersecurity continues to grow, Lasco feels Mark is ready to take on the role of Vice President of Cyber Services. Mark’s duties will have him continue working on cyber threat analytics. He will also be tasked with growing Lasco’s cyber services and sharing the load of Lasco’s internal and external compliance requirements. Please join all of us in congratulating Mark on his promotion as he continues to further his career with Lasco.
Lasco and Peoples State Bank – Cybersecurity Lunch & Learn
Lasco and Peoples State Bank of Munising partner up to engage local business leaders in cybersecurity training and look at the threat landscape in regards to business compromise.
CSBS R-SAT 2.0 – What you need to know
CSBS Updates Ransomware Self-Assessment Tool in Response to Enhanced Threats On October 24th, 2023 the Conference of State Bank Supervisors (CSBS) released a webinar outlining their updates to the Ransomware Self-Assessment Tool (R-SAT) detailing today’s ransomware threat environment, the risk to the financial sector, and why changes were made to the R-SAT. Speakers included Commissioner Charles Cooper of the Texas Department of Banking, Phillip Hinkle of the Texas Department of Banking, Robert Kahl of the FDIC, Christopher Furlow of the Texas Bankers Association, Brad Robinson of the CSBS, and Mary Quist of the CSBS. Ransomware Self-Assessment Tool – What is it? In case you didn’t know, the R-SAT is a resource created from the Bankers Electronic Crimes Taskforce, state bank regulators, and the United States Secret Service to “help financial institutions periodically assess their efforts to mitigate risks associated with ransomware and identify gaps for increasing security,” according to the R-SAT Purpose Description. Essentially, this tool allows an organization to check and verify they are following all of the best security practices to help reduce the risk of ransomware. This can be done regularly on an organization’s own time, and it compliments things such as vulnerability assessments, penetration tests, and audits. Important Updates to R-SAT While many of the core elements of the R-SAT are the same, they have expanded the questionnaire from 16 to 20 questions and included emphasis within some critical areas. Below are a few key changes we agree are big game changers on how you view security within your organization: Increased emphasis on multi-factor authentication (MFA).Before, MFA was a subsection of the R-SAT. They have now expanded it to its own question (question 13) and emphasized key components on where it should be used at a minimum. Request a Consult Security Awareness Training for employees has an increased emphasis. The assessment tool now focuses more on the quality and quantity of security training for employees by adding in a question on frequency and whether the organization utilizes phishing tests on a quarterly basis. They also ask if the organization is providing emerging ransomware threats and news to keep everyone aware. Expansion for checks on cloud-based environments.Throughout the assessment, there has been an increase in detail regarding cloud-based environments for authentication, data validation, and even backup controls. Incident Response Planning.Not only do they update wording and processes to match the latest needs in cyber controls, but they include alternative strategies with regard to third party involvement ranging from media representation, escalation procedures, threat hunting, and more. Third Party Engagement.Last but not least, they also added some emphasis and checks regarding organizations that use outside partners to complete their service portfolio. New questions about response procedures and scope of how a third party may be involved (question 18) or if you utilize an existing pre-approved third party in the event of a ransomware attack (question 19). A sub question for this that is very important asks, “Are any such third parties pre-approved by the bank’s cyber insurance provider?” A Successful Update to a Great Resource Here at Lasco, we are pleased to see further development of this assessment tool. There have been a great number of advancements on how ransomware can be distributed, and it only gets easier for threat actors. With these changes and vigilance on security we can continue to defend against the next cyber incident in our organizations. If you would like to watch the webinar, you can see it here: https://youtu.be/lMZgpJ1fF_A?si=Hl90jfJB_j9M_EVC Check out the updated assessment tool here: https://www.csbs.org/ransomware-self-assessment-tool Don’t forget, we can help you through the changes of this assessment tool and many tools like it! Connect us by filling out the form above or find out more information on our Cyberecurity and Compliance page.
Supporting the Future of Cybersecurity Professionals
Lasco Shows K12 Support at NMU Yoopercon [Marquette, MI Nov. 2nd, 2023] NMU Yoopercon, hosted by Northern Michigan University, serves as a prime avenue for igniting interest and knowledge in cybersecurity. This event offers workshops, seminars, and practical experiences, allowing students to interact with industry professionals and grasp the latest cybersecurity trends and challenges. Yoopercon 2023Ben Chaney, Business Development Manager at Lasco, spoke to foster interest and awareness among students at the NMU Yoopercon 2023 event, helping shape the landscape for future I.T. professionals, which aligns closely with Lasco’s commitment to technological innovation and security. During the panel, Ben presented ideas and helped inform students’ understanding of what to expect when coming into a cybersecurity role, outlining the importance of understanding regulations and compliance in each field, emphasizing the importance of continuing education, and keeping informed of the latest intelligence from both large and small vendors and organizations. Ben joined William Provost (UPPCO CISO), Anthony Cavalieri (Lundin Mining IT Manager), Mark Tracy (Marquette Board of Light and Power System Administrator), and Liam Goetz (Northcross Group) on the panel.