5 Cybersecurity Obstacles Small Businesses Face

5 Cybersecurity Obstacles Small Businesses Face

I have spoken to hundreds of small business owners and general managers over the last few months about cybersecurity. Many present one or more of the following five reasons as to why they don’t have data protection in place.

Ultimately, they don’t think their data is worth stealing.

Ironically, this is exactly the attitude most bad actors hope for. With systems that are minimally secure, cybercriminals can have a heyday with your company bank accounts, confidential employee information and customer files. Roughly 50% of all small businesses who suffer a cyberattack go out of business within six months. We don’t want you to be one of them.

Let’s look at these hinderances and discover ways to overcome them.

 

Five Most Common Stumbling Blocks to Cybersecurity

 

“We have no money.”

Small or large, this is the number one hindrance I see moving forward. Most decision makers think cybersecurity solutions cost hundreds of thousands of dollars per year. They already set in mental motion either severe budget cuts in other areas or an unbudgeted approval by management needs to occur. Neither position is attractive, so nothing happens.

Cybersecurity doesn’t have to be expensive. Our SecureAmerica solution starts at $299 per month – giving your business the protection it needs 24/7!

 

“We backup our data regularly, so there’s no risk.”

Really? How regularly – every transaction, once a day or a few times per month? Regular backups will allow your business to limp along after you install new operating systems, applications and put new passcodes on everything. This can take days, if not weeks to complete.

But the fact is, your data has been stolen and encrypted. Depending on the number of records and sensitivity of that information, you may have to pay ransomware to get the records back, which will also impact your budget.

Our solution monitors your network for any vulnerabilities, phishing or scraping attempts, and stops ransomware attempts before they happen.

 

“We have malware protection on each device, so we’re covered.”

While this is certainly important, it isn’t enough. Bad actors are smart and constantly trying to find ways to enter your system. In addition, many of them roam around your servers for days or months before they retrieve anything, which makes your systems all that more vulnerable. Malware protection is a piece, but it isn’t the entire solution.

We offer complete protection of your entire network, down to the device level.

 

“We’re too small to be hacked.”

87% of small businesses don’t think they will ever be hacked, yet 50% of them are. No one is too small. If you have a business that interacts with clients, vendors and employees, you can be a victim.

Bottom line: Every business needs cybersecurity.

 

“Our IT guy is handling our cyber protection.”

Is he really? How much has he been trained on cybersecurity? How will he be able to detect a breach? How soon can he detect it? These are the hard questions you should be asking. IT “guys” are good at installing and managing your systems, but without the proper tools, they can be in the dark about a data breach as much as you are.

 

Axiom Cyber Solutions Has You Covered

Our SecureAmerica Threat Defense Platform takes in multiple open and closed source threat feeds daily. It is built on Artificial Intelligence and Machine Learning to not only parse the latest threats but predict future ones as well.

With a low monthly subscription cost, you can have a complete cybersecurity package. Give us a call at (800) 519-5070 or send an email to info@axiomcyber.com for more information.

 

Shannon Wilkinson, President of Axiom Cyber Solutions, selected as the 2018 Las Vegas Women in Technology – Cybersecurity Award Winner

Shannon Wilkinson, President of Axiom Cyber Solutions, selected as the 2018 Las Vegas Women in Technology – Cybersecurity Award Winner


On Saturday, April 28th, President of Axiom Cyber Solutions, Shannon Wilkinson (far left), was selected as the 2018 Las Vegas Women in Technology – Cybersecurity award winner.

“I am incredibly honored to receive the inaugural Las Vegas Women in Technology for Cybersecurity award. Three years ago, I started Axiom Cyber Solutions with the best business partner I could ask for, my husband, Troy. I also want to thank my parents for always supporting me and not batting an eye when I told them that I wanted to run off to join a United Nations peacekeeping mission after I graduated from UNLV. Lastly, I’d like to dedicate the award to the future of technology – our three young daughters who have already started showing an extreme interest in technology and thank the community for their support of education for girls in technology,” said Shannon Wilkinson.

The Las Vegas Women in Technology Awards recognizes the women working in and changing the face of the technology community in Las Vegas

 

As President of the Las Vegas Women in Technology award program from the Las Vegas Community Tech fund I want to personally congratulate you on your award!  The technology community of Southern Nevada “has spoken” and they choose you for all your hard work, progress and great achievements in technology.

Lori Nguyen, Las Vegas Women in Technology Awards

The Las Vegas Women in Technology Awards accepts nominations from the community for for the following categories:

  • Technology Woman of the Year
  • Technology Woman Entrepreneur
  • Technology Woman for Community Service
  • Technology Woman Mentor
  • Technology Woman Rising Star
  • Technology Woman for Gaming & Hospitality (New 2018)
  • Technology Woman for Cybersecurity (New 2018)

In addition to honoring professional women, the awards also recognizes outstanding local students in coordination with the National Center for Women & Information Technology (NCWIT) for Aspirations in Computing, Collegiate, and Educator awards.

Shannon Wilkinson, President of Axiom Cyber Solutions, Selected as Top 100 Women of Influence by MYVegas Magazine

Shannon Wilkinson, President of Axiom Cyber Solutions, Selected as Top 100 Women of Influence by MYVegas Magazine

For the second year in a row, President of Axiom Cyber Solutions, Shannon Wilkinson, has been named to the Top 100 Women of Las Vegas by MyVegas Magazine. MYVegas Magazine polls over 100,000 of its readers to find the Top 100 Women in Las Vegas each year.

These women come highly recommended by our readers and our community! There’s no shortage of fabulous females in the Las Vegas Valley, so ranking among the Top 100 Women of the Year is an extraordinary honor and sought-after accolade. – MYVegas Magazine

Shannon Wilkinson stated “I am very honored to have been nominated and selected as one of the Top 100 Women of Las Vegas. To see the outstanding line-up of other women being honored, I am humbled to be included in the list for 2018.”

MYVegas Magazine is available for free around the community or a free copy can be requested from their website www.myvegasmag.com

MYVegas Top 100 Women 2018

Why Threat Intelligence is Not Always Intelligent

Why Threat Intelligence is Not Always Intelligent

The primary purpose of threat intelligence is to help organizations understand what kind of threats they may face, zero-day attacks or exploits. The problem that exists for many organizations about threat intelligence is that there can be so much information coming at them, so much information to act upon, but no time or resources to shift through it, much less apply it to the company’s cybersecurity defense and/or strategy.

Threat intelligence that doesn’t do anything is not that intelligent.

Brent Watkins, FBI Special Agent (Retired), Axiom Cyber Solutions Head of Business Development

There is a real issue with cybersecurity alert fatigue. It is such a problem that TechRepublic ran an article titled “Why notification overload is killing enterprise cybersecurity teams“. Cybersecurity fatigue affects 72% of organizations and part of the problem is the cybersecurity skills gap that only seems to be widening, rather than closing. Basically, the conclusion of a Bitdefender report called CISO’s Hardest Burden is that unless companies have enough personnel to deal with the incoming threat reports, they cannot improve their security.

And if cybersecurity teams, or the lone IT professional tasked with anything & everything within the organization (including cybersecurity, which is not a hobby), are overwhelmed, what does that mean for the cybersecurity defense of the organisation? Troy Wilkinson, CEO of Axiom Cyber Solutions, has frequently discussed that a company’s risk factor exponentially increases from the time that a vulnerability is disclosed to the time that a patch is applied yet still so many organizations are struggling to stay on top of their cybersecurity defense.

The result of the mismatch between the magnitude of threat data and the qualified resources needed to analyze and respond to new threats is increasingly costly and damaging data breaches across all industries from healthcare to financial services to retail and food service.

The problem with threat intelligence data is that it does require that someone in the organization to analyze and apply changes. Changes that may need to go through a strenuous and timely change management approval process which further slows down apply patches to maintain a secure cyber defense. And by the time that a change to the defense may be approved, there are thousands of other possible changes that have come through. So where does it end?

Axiom’s Polymorphic Threat Defense System

Recognizing the need to marry threat intelligence with action, Axiom Cyber Solutions developed its Polymorphic Threat Defense Systems used by both our Axiom SecureAmerica and Axiom Shield products. Axiom has curated over 100 open and closed sources of threat data to bring into our platform which allows us to currently push out over 350,000 threat data points a day to our clients. And to steal a line from “As Seen on TV”…but wait there’s more… one of the beautiful things about connecting with Axiom’s platform is that it requires no action on the part of the customer. All updates from our platform are fully automated and applied without intervention.

Threat actors are constantly evolving their tactics, methods, and connection points. It is important that we also evolve our defenses just as fast, if not faster, to ensure that we are doing our best to protect our businesses.

If you are interested in more information about Axiom’s Polymorphic Threat Defense System, please contact us or call 800-519-5070.

Cybersecurity and the Medical Field: Six Solutions You Should Implement Today

Cybersecurity and the Medical Field: Six Solutions You Should Implement Today

United States healthcare organizations, from small two-person offices to massive hospitals, need to draw their attention to cybersecurity. While many medical personnel don’t understand or think they need it, a recent report by the U.S. Department of Health & Human Services on cybersecurity disagrees.

The industry must come together to address this growing concern and this blog will give you six solid ways to do so.

 

Why Healthcare Organizations are Targeted

According to the Identity Theft Resource Center, social security numbers have the possibility of being more exposed in healthcare than any other industry.

In addition, because doctors’ offices, hospitals and suppliers are often interconnected with Electronic Health Records, once a cybercriminal breaches one system, it’s much easier to crack into others.

Unlike credit card numbers that are generally used within a few minutes to a few days of being stolen, health records are valuable to a bad actor up to ten years after they capture the data. If the patient information is sensitive in nature, it can be used a blackmail against them.

One other important note, health records are ten to sixty times more valuable on the dark web than credit card information.

 

How Bad Actors Get In

Nurses, doctors and administrators typically don’t understand data breach risks; therefore, cybercriminals access patient records in one or more of the following ways:

  1. While smart devices help diagnose and treat patients, they often have the lowest level of encryption which make them great entry points
  2. Legacy hardware that doesn’t support current operating systems and applications and software that hasn’t been upgraded and updated is another method
  3. Electronic Health Records (EHRs), that are purposefully or accidently given to the wrong individuals
  4. Patient portals that do not have end-to-end encryption

Unfortunately, even today, only 25% of all U.S. hospitals have a designated cybersecurity specialist, according to Healthcare IT News. This makes reporting and monitoring difficult.

Ignoring Cybersecurity is Risky Business

If patient data is stolen or compromised, your organization will be held accountable under HIPPA guidelines and will incur heavy regulatory fines. In addition, if enough records are exposed, your brand reputation will suffer leaving patients to possibly seek other medical options. Last, if your records are held for ransomware, you may have to pay millions of dollars for return of those records.

 

Six Effective Cybersecurity Solutions

  1. Put one individual in charge of cybersecurity.
    Whether you run a small office or a sprawling medical complex, one person needs to oversee cybersecurity. This person will set policy. They will be the conduit to others to report problems and suspected breaches.
  2. Complete a benefit/risk analysis of all connected devices.
    What is the value of each device? Is there an alternative product that offers a better cybersecurity choice? What is your BYOD policy? A complete analysis should be completed before moving to the next step.
  3. Set in place cybersecurity standards and practices.
    Once a thorough analysis of your hardware, software and network solutions is concluded, which should include virtual workers and suppliers that can tie into your network, you are armed with enough information to move forward on an effective policy. Work with outside consultants who can analyze your vulnerabilities effectively.
  4. Subscribe to updates from the Health Care Industry Cybersecurity Task Force.
    This 21-member task force is responsible for researching and making recommendations on healthcare cybersecurity initiatives. They offer best practices, on an ongoing basis, to prepare your organization against an attack.
  1. Implement a strong continuous monitoring solution.
    Effective cybersecurity starts by protecting the data that resides on the network. Failure to have 24/7 monitoring can result in data loss, ransomware and impact your brand integrity.
  2. Outsource cybersecurity.
    The funding required to hire, train and keep cybersecurity talent may simply not be available for small-to-medium medical facilities. Tack on assessment software and monitoring solutions, which can be enough to push your small IT budget over the edge, not allowing you to move forward on other needed equipment upgrades. Outsourcing handles all of the above concerns and more.

Axiom Cyber Solutions Can Protect Your Medical Establishment

We offer the world’s first polymorphic cyber defense platform that can identify the newest threats, vulnerabilities, and automatically dispatch updates in real-time. This included ransomware and DDoS mitigation, as well as, dynamic dark web protection. Contact us today to learn more about how we can protect your data today!

Healthcare Cybersecurity Woes

Healthcare Cybersecurity Woes

2018 has not gotten off to a good start in the healthcare industry cybersecurity. Still the top targeted industry, we have seen hospital groups and one of the electronic medical record companies fall to very preventable SamSam ransomware attacks.

SamSam infections are troubling

The recent attacks with SamSam ransomware is particularly concerning because it requires the attacker to be inside the victim’s computer network to manually activate the ransomware. This means that the attacker(s) who held Hancock Health, AllScripts, the Colorado Department of Transportation, and most recently at the time of writing, the City of Atlanta, Georgia ransom had remote access to the computer systems of all those organizations.

Research shows cyberattacks have lethal results

Dr. Sung Choi, a researcher at Vanderbilt University’s Owen Graduate School of Management, has found that 2,100 deaths can be linked to hospital data breaches and lack of cybersecurity protections. The reason is that breaches “trigger remediation activities, regulatory inquires and litigation in the years following a breach…” and these activities affect the performance of the facility, leading to quality issues.

Thinking to the large-scale ransomware attack on Hollywood Presbyterian Medical Center in Los Angeles in February 2016 that brought their computer systems down for weeks, when the attack was at its worst, the hospital had to divert ambulances and even transfer patients to nearby medical facilities for treatment. When WannaCry ransomware hit 16 hospitals in May 2017, at least one facility had to cancel 10 scheduled operations due to computer system outages.

So what do healthcare organizations need to do?

The first step is identifying what is on your network. It is surprising how many organizations have no idea how many computers or internet-connected devices are on their networks, much less their protection status. How can you protect your systems and data if you don’t even know where they reside?

The questions “Do you have a firewall” and “when was it last updated” seems to catch many organizations off-guard and the all too common answer is that “I think my IT guy put one in and I’m sure he’s keeping it up to date”. But that’s not good enough. As an office manager or administrator, you need to know that you have all the protections in place not only to maintain HIPAA compliance but really because you care about your patient’s data and safety.

Contact Axiom today for a short and complimentary cybersecurity risk assessment to go over your cybersecurity strategy. Contact us or call 800-519-5070 to speak with one of our qualified cybersecurity experts.

Are you PCI Compliant?

Are you PCI Compliant?

Does your business process credit cards? Would you be able to continue operating if you lost the ability to process cards?

If your business relies on credit cards to conduct business, there are certain cybersecurity measures you must implement to comply with the Payment Card Industry Data Security Standard (PCI-DSS). A common misperception of PCI-DSS is that if you don’t store credit card information, you don’t have to be PCI compliant but that simply is not true. The PCI standards also apply to handling of data while it is processed or transmitted over the computer network, phone lines, and even fax. So unless you are using point-to-point encryption AND tokenization, you will need to comply with PCI-DSS.

Another misconception is that payment card processors do not fine small companies when they have a breach and while fines are typically levied with merchants that process more than a million transactions a year, if you suffer a breach of cardholder data you will be liable for chargeback amounts, credit monitoring costs, and could be on the hook for compliance auditing costs as well as lose your ability to process credit cards.

The PCI-DSS requirements mirror data security best practices and a few of key requirements are:

Requirement 1: Install and maintain a firewall configuration to protect cardholder data

Requirement 1 requires that businesses that process or transmit credit card data to have a firewall to protect the cardholder data. It further dictates that the firewall configuration needs to be reviewed every six months and that you must block bogus IP addresses (Bogons) from accessing the network from outside.

Requirement 5: Protect all systems against malware and regularly update anti-virus software or programs

Requirement 5 requires that the business implement anti-virus software on all computers that could be compromised (5.1) and also that the anti-virus is able to detect, block, and remove known malicious software (5.1.2). While there are free anti-virus options available, many are limited in their capabilities and also do not provide the same level of protection as paid anti-virus. Additionally, anti-virus programs are not expensive (as low as $2.50 per computer per month from Axiom) so why would you take the risk that your computers could be infected by credit card stealing malware or locked up by ransomware?

Requirement 5 also states that you must ensure that the anti-virus programs are kept up-to-date, perform regular scans, and that you maintain an audit log (5.2) And anti-virus programs also cannot be disabled by users (5.3) unless justified and approved by management.

Requirement 6: Develop and maintain secure systems and applications

Requirement 6 guides companies to establish a method of conducting security assessments (6.1) to identify vulnerabilities and assign a risk rating (low, medium, high, critical) to found vulnerabilities. The requirement also requires that companies install security patches for known vulnerabilities within one month of the patch being released (6.2).

How Axiom can help with PCI Compliance

Axiom is able to assist with fulfilling all of the PCI-DSS requirements listed above through our combination of hardware and software services. If any of the requirements give you pause, contact us today for a free consultation at (800) 519-5070 Ext. 7

For more information on PCI-DSS, you may find the official PCI DSS Quick Reference Guide helpful.

Why Hackers Target SMEs and Why You Need to Take Threats to Your Business Seriously

Why Hackers Target SMEs and Why You Need to Take Threats to Your Business Seriously

Between tight budgets and simply having too many other things to worry about, SME owners often overlook cybersecurity. The thought is that because the company is so small, no hacker would waste his or her time trying to gain access to the information you possess.

This logic is simply wrong. Around half of the cyber attacks that occur each year are on small businesses, and this number is expected to grow in the future. Ignoring cybersecurity is taking on an unnecessary risk for your business that could cost you big time down the road.

But why do hackers target SMEs? It is true they have a lot less information, and hacking into a large corporation stands to be a lot more lucrative. Well, the simple answer is that they are just easier targets. They know that a lot of small businesses don’t consider themselves worthy of hackers’ attention, and they know they have a better chance of stealing information and getting away with it. To hack into a larger company, hackers would need to bypass much more advanced security measures. They are often unsuccessful in doing this, so going after SMEs ends up being the better move.

Plus, just because your business is small doesn’t mean that it doesn’t have valuable information. Credit card data, identification numbers, mobile phone numbers, etc. are all worth something, and if a hacker can steal this information from enough companies, they can sell it and make a fair bit of money. So perhaps the real question is why wouldn’t hackers target SMEs?

If this isn’t enough to convince you to take cybersecurity seriously, consider the consequences that this decision can have on your business.

Reputation damage

Often times, one of the things that helps a small business stand out from the competition is its reputation and relationship with customers. People are more likely to trust small companies, and are usually more loyal to them because of this.

However, if you lose people’s data and expose them to unnecessary cybersecurity threats, this trust will be gone in no time, and you may not be able to convince them to come back to you. This damage to your reputation could be the eventual downfall of your entire business.

Recovery is expensive

Beyond just the damage a cyber attack would do to your reputation, you will also be facing a steep financial hill. You may need to pay retributions to customers for lost data, and there is a chance you will face lawsuits, which are always expensive.

This alone could be enough to send your business under, and that is not even counting all the time and resources you’ll have to dedicate to cleaning up from an attack. Diverting energy away from core business functions can run you into the ground quickly. It is no wonder 60 percent of all small businesses fail within six months of a cyber attack.

Lost value

There may come a day when you decide to sell your business. And when determining the value of your company, investors will look at how well you account for and mitigate risks. If you’ve been the victim of a cyber attack, or if you do not have a good plan in place for them, this will reflect negatively on the value of your business, causing investors to give you a much lower valuation, or perhaps even walk away without making an offer.

It just makes good business sense

It really comes down to this. You wouldn’t leave the front door of your home or office unlocked so that anyone who wants to steal from you can just walk in whenever they want. So why would you leave your business unprotected from cyber threats? It may require some extra time and a little investment, but this is well worth it considering the alternative may mean going out of business and losing everything.

About the author: Jock is an entrepreneur who has built and sold several online businesses throughout his career, including a website dedicated to home and business internet security. Connect with Jock on LinkedIn here.

What is Firewall-as-a-Service?

What is Firewall-as-a-Service?

The firewall is one of the most important components of cybersecurity. The firewall sits at the edge of the internet connection filtering everything going into and out of the business.

One of the biggest gaps in any company’s cybersecurity strategy is constantly updating the firewall against the latest threat. Once a new threat or vulnerability is identified in the world, hackers have a new tool to break into your business. Your risk only increases until you patch your firewall against that threat. This is the cornerstone why Axiom was founded.

Not only do we provide proprietary Axiom technology that can process packets faster than other chipsets on the market, we fully configure the device for every business because no two businesses are the same. We then manage that device so that as new configurations become necessary, such as VPN tunnels or open ports, our experts can make those changes securely, so you don’t have to worry about accidentally leaving a backdoor open to hackers when changes are made.

The devices are monitored 24/7 by certified cybersecurity experts for indicators of compromise (IoC) as well as breach activity and attacks such as DDoS or ransomware. Our engineers monitor uptime and will reach out to the client if we see an outage, a major attack, or an advanced persistent threat.

Most importantly, our devices are updated more than 52,000 times per year. Because we fully manage the firewall, we can provide the most broad-spectrum updates in the industry. Behaviors, signatures, definitions, access control lists, heuristics, black lists, block lists, encryption algorithms and much more can be updated without the need to restart the device. Because of this advance in technology, we are able to reduce the amount of time from identification of a vulnerability to patching against it down to minutes rather than months.

Our updates originate from the SecureAmerica Threat Defense platform which is Axiom’s proprietary big data analytics engine that brings in multiple threat feeds from open and closed sources of vulnerability and hacker information. The platform then creates an update that is specific for our customers and pushes it out in real time. Our clients also become sources of threat intelligence. If their device sees a “Zero Day” attack, our firewall will send that to the platform and the update creation process begins. Within minutes of a client seeing a new threat, every Axiom customer is protected against it.

Axiom also provides real time feedback through our customer portal. This allows business owners and executives to get a real time look into what may be hitting their company. For IT administrators, there is a dashboard feature coming soon that will give full local visibility into logs, configurations, connections, and prevention statistics. Each month, the designated executive will receive summary reports so that you understand the tremendous value Axiom brings. When’s the last time your firewall emailed you to let you know it’s doing its job?

One of the benefits of Firewall as a Service is the need for less staff to manage it. Cybersecurity staff members can be costly and hard to find. Cybersecurity jobs are plentiful and employees to fill these roles are increasingly hard to find. Axiom can save businesses thousands of dollars in staff dollars alone. Another benefit is lower TCO or “total cost of ownership”. Because the hardware is included in the monthly subscription, there’s no large outlay of capital. Next generation firewalls can cost hundreds or thousands of dollars depending on throughput. With Axiom, you get the right device for your business at a low monthly subscription you can afford.

Another benefit is the unlimited change requests and support. Our engineers are here 24/7 to assist with whatever changes are needed and any tech support questions about our device or platform.

Call today to see if you qualify for a trial of the Axiom Firewall as a Service. Once you get your first monthly report of all the threats and attacks Axiom is able to prevent, we’re confident you’ll want to keep us in place.

Forget Everything You Knew about Safe Passwords

Forget Everything You Knew about Safe Passwords

Last month, the father of the 2003 NIST password guidelines said that he got it wrong and the way we are creating passwords to be a completely random string of characters and the frequency we change our passwords is making it harder on all of us but easier for cyber-criminals to crack.

The complexity of the old password guidance led to many bad password habits such as just replacing letters with the equivalent in numbers (‘o’ for zeros, e for threes, etc) and letters for characters (@ for a, $ for s) so that they could more easily be remembered. In fact, it was found that the standard eight-character password with special characters could be cracked faster than a 20-character password without special characters.

The old requirement to change passwords so often also led to many users simply reusing their passwords on multiple sites which again, made things easy for cyber-criminals when there was a breach. There has not been any evidence that your password becomes more hackable because it’s in use for more than 90-days. Plus, when we were forced to change our password too frequently, many times users would just shift one letter in the password which cyber-criminals quickly caught on to.

And believe it or not, a completely random password that does not use words are actually easier for hackers to crack than long, weird words or phrases that you can easily remember.

New guidelines throw everything we’ve been told to the wind like using a mix of upper & lower case letters, the use of special characters, and changing your password frequently. Now the password experts say that we should make our passwords long and memorable. Using a phrase that is unique to you, in conjunction of special characters if you are forced to use them (within the phrase, not within words), will make it harder for hackers and their cracking software to compromise your passwords.

Also, think about the system you are accessing and whether or not it needs a strong, unique password or is it ok to reuse a password for a site that just has your name, email, and password? For instance, do you really mind it if a hacker got access to your online recipe lists?

You might think that the password to your online bank is the most important password but you may be surprised to find that your email and social media passwords may be more sensitive because of the “Forgot Password” feature in systems that would allow a hacker that compromised your email account to reset your online banking access.

But passwords and one-time multi-factor authentication (like a SMS), are not bullet-proof protection as they can be hacked and hijacked. A recent, terrible example of account take-overs has been in the crypto-currency space where hackers are compromising email and mobile telephone accounts and emptying crypto-currency wallets. Users will need to continue to be vigilant and take every precaution to secure their most sensitive accounts.