security – Cooper Mann Consulting

April 7, 2026

AI and Cybersecurity: Don’t Trust, Always Verify

Faster, cheaper and more scalable

The advancements in artificial intelligence are reshaping the landscape of cybersecurity, with AI now the single biggest force in the network. AI can discover vulnerabilities faster, it can execute highly scalable automated attacks, and it can help malware adapt and change to avoid detection or gain new capability. In cybersecurity defense, AI is used for real-time threat detection, and it facilitates automated response and triage capabilities, too. But part of the trouble comes from within, where companies are increasingly deploying AI tools without properly securing them, creating entirely new risks for businesses to consider.

The internet is run by machines

Human users versus hackers is no longer a model that applies when it comes to internet security. AI and bot traffic is growing far faster than human user traffic, and automation has given way to AI-driven fraud, account takeovers, credential stuffing and scraping and more. Large-scale attacks are far easier and cheaper to deploy, allowing a literal explosion of bots and automated traffic – machines running machines – across the internet.

You are the product

Free games aren’t really free. Even what seems to be a harmless activity can become a conduit of valuable data, conducting surveillance and recording information. Individual bits of data may not have great meaning, but in aggregate it might. The telemetry gained from devices and applications provides location information, networking and proximity data and more. The exchange of convenience or enjoyment for security and privacy is a well-known tradeoff that bad actors exploit continuously.

Identity is the new attack surface

It used to be that cybersecurity focused on the devices – the endpoints which represented the way into the network. Endpoint security is essential, yet it is the user identity which is the vulnerable element. It has been said that bad actors aren’t hacking systems any longer, they’re just logging in. This means that stolen credentials drive the majority of system breaches. Breaking into and highjacking active sessions, bypassing MFA challenges, and performing other identity-based attacks is now forcing a shift toward continuous authentication and a completely Zero Trust (never trust, always verify) security model.

Cybersecurity has never been easy, but it is harder than ever now that AI is involved. There’s a market out there for enabling the bad guys, like cybercrime as a business model. It’s organized and scalable and terrifying. More than ever before, cyber risk is tied directly to business risk, making security something far more than just IT.

Make Sense?

January 15, 2025

Phishing, Cybersecurity and Your Small Business

Phishing can have a significant and often devastating impact on small businesses. Unlike larger organizations, small businesses typically have fewer resources to dedicate to cybersecurity, making them an attractive target for cybercriminals.

Small businesses can be impacted by phishing and other types of attacks in ways that might not have been considered before. Here are some of the more common ways that phishing attacks can impact the business:

Financial Loss
Phishing attacks often result in direct financial losses due to funds being stolen, fraudulent payments being made, and ransoms being paid. Cybercriminals often use phishing emails to trick employees into transferring money to fraudulent bank accounts, and attackers may impersonate legitimate vendors or clients to request fake payments. Worse, phishing emails can be used to deliver ransomware, locking up or encrypting critical systems or data until a ransom is paid.

For small businesses, even a single financial loss can be catastrophic.

Data Breaches
Phishing can lead to the compromise of sensitive business information or customer data, such as customer personal information or payment details, employee credentials or other private information of the employee, or business trade secrets and other proprietary business data. Data breaches can easily result in legal liabilities, fines, and damage to the business reputation.

Reputational Damage
When a phishing attack exposes sensitive customer information or disrupts services, it erodes customer trust. This can lead to clients taking their business elsewhere and makes attracting new customers harder. It could also impact vendor relationships, causing partners to view the business as a weak link in the supply chain.

Operational Disruption
Cyber-attacks, including phishing attacks, can disrupt business operations and cause numerous problems. Ransomware or malware delivered through phishing emails can render IT systems unusable, causing loss of productivity. If employees lose access to critical tools, files, or data, there will be delays in work and projects. Businesses also must divert time and resources to recover from attacks, taking away from regular business operations and revenue-generating activities.

Why Small Businesses Are Often Targeted
Small businesses are rich targets for cyber-attacks, especially phishing, because they often have weaker defenses compared to larger enterprises. Often made up of a few trusted employees, small businesses are attacked in ways that exploit trust and personal familiarity. Due to many small businesses having weaker cyber-defenses, attackers can find high payoffs in financial rewards or valuable data with a single successful phishing attack.

Noobeh Helps Businesses Protect Themselves
Every business should teach their employees how to recognize and report phishing emails, and MFA (multi-factor authentication) should protect all accounts, but human beings can only do so much, so it makes sense to implement tools that can put additional intelligence behind your services and defend your systems to help keep the problem from ever getting to your users.

Our team at Noobeh recommends and provisions Microsoft Defender for Office 365 to block phishing emails and messages with malicious links and content. Advanced email security helps reduce inbox spam and blocks messages from spoofed senders, which helps prevent users from interacting with bad emails and potentially exposing protected information.

Email protection is only part of the needed coverage. Noobeh also recommends having strong endpoint protection solutions to detect and prevent phishing-related malware and other attacks. Microsoft Defender for Endpoints does this, working seamlessly with our remote monitoring and management and your other Microsoft services to provide a higher level of protection for the business.

By understanding the risks and taking proactive measures, small businesses can minimize the impact of phishing attacks and protect their operations, reputation, and customers.

jm bunny feet Make Sense?

July 9, 2024

Cybersecurity and Small Business

Small businesses face many challenges as they grow and expand, and chief among them is the growing threat of cyber-attack. As the company grows, its value to cybercriminals grows, too. Implementing comprehensive cybersecurity measures is essential to maintaining customer trust and safeguarding important business data against these threats.

There is a belief among small business owners that their operations are too small or insignificant to be attractive targets for cybercriminals. Cybercriminals, on the other hand, more often view small businesses as easy targets. Why is this? Largely because the bad guys know that the smaller companies aren’t spending on cybersecurity services and tools and aren’t always keeping their workers informed about ways they can participate in keeping things safe.

To help protect the business from cybersecurity threats, it is crucial to invest in some key security measures. Longer and more complex passwords, regular software patching and updating, and periodic training for employees on how to identify phishing attempts and what to do with suspicious emails is a good start. Cybersecurity efforts should scale with the business, and this requires strategic planning that is aligned with the goals and objectives of the business.

The best cybersecurity approaches are built on a secure foundation, and this is what helps to support business growth and expansion. For every business, there are four cornerstones of a solid cybersecurity foundation.

Identifying potential cyber threats and understanding the business risk they represent.
Enforcing strong password protection and role-based access controls.
Following best practices in cybersecurity.
Managing documentation and vital business information securely.

Cybercriminals know that smaller businesses generally have limited cybersecurity resources, making small businesses prime targets for phishing and malware. What is the potential impact of falling for a phishing email, or what happens if there is a ransomware attack? Each type of threat carries different levels of risk, and growing businesses should be aware of the potential financial, legal and reputational impacts when evaluating their approach.

Businesses can help their users become part of the cybersecurity plan by regularly training them on phishing methods and ways to avoid ransomware or malware. When users know more about emerging threats and how to recognize and report suspicious things, they become valuable assets in the improvement of cybersecurity of the business.

The first line of defense in cybersecurity is the username/password challenge. Many systems today use an email address as the username or user ID, which means it really isn’t much of a challenge to guess. This leaves it to the password to keep the account secure, so a strong and unique password is necessary.

Making another challenge to the authentication adds another layer of protection to the account. Referred to as 2FA or MFA (two-factor authentication or multi-factor authentication), users may be required to respond to an in-app message, provide a code received via SMS or other, or provide a code from an authenticating application to satisfy the login requirements. This additional challenge to the user identity makes it harder for cybercriminals to gain unauthorized access.

Ensuring the protection of sensitive business information requires controlling what users have access to once they are in the system. If someone were to gain unauthorized access, having appropriate role-based access controls in place would limit their ability to get sensitive data. This is often another area of vulnerability for smaller businesses that don’t implement strict document controls or structures, opting instead for an open self-service model that leaves data available to whomever can get logged in.

With businesses changing frequently, it is important to not just create a framework to limit user access, but to keep user and role-based access reviewed and updated regularly. Software and systems also need to be updated regularly. Known software vulnerabilities should be patched and security updates installed on devices, and policies enforcing updates and antivirus/malware detection should be implemented.

We understand that businesses must enhance their cybersecurity strategies to combat the growing number and type of cyber threats, and it can be challenging just figuring out what to do first. Working with a variety of technologies and specialists, we can help secure your digital environment and keep you better-protected from the bad guys.

jm bunny feet Make Sense?

March 11, 2024

Cybersecurity and Retail Should Always Go Together

Retail cybersecurity is a critical concern for every business in the retail industry, which is why cybersecurity and retail should always go together. Retailers are prime targets for cyberattacks due to the valuable customer data they collect, which usually includes personally identifiable information (PII) and credit card numbers. Retailers can handle large volumes of customer data, which becomes an attractive target for cybercriminals seeking to profit from selling it on the dark web.

Recent statistics from various sources suggest that more than 24% of cyberattacks specifically target retailers, making it one of the most heavily targeted industries. Roughly one third of retailers cite cybersecurity concerns as their primary obstacle in transitioning to e-commerce, with cost and technology barriers coming close behind.

For the bad guys, however, it is all about the money. Almost all retail cyberattacks are driven by financial motives. When consumer data is compromised, most of the information exposed consists of payment information and personally identifiable data which can fetch a good price on the dark web.

Retail cybersecurity threats occur because the environment tends to have a lot of elements. The hybrid nature of many retail businesses introduces additional risk, where brick-and-mortar stores are combined with e-commerce platforms and services.

NFC (Near Field Communications) vulnerabilities exist in some payment systems, and many Point of Sale (POS) systems still do not use point-to-point encryption for their communications. Even if communication streams are encrypted, it makes little difference if the software has known vulnerabilities or if insecure plugins or add-ons are being used.

Cloud-based storage and mobile apps increase the presence of stored data online, which increasingly leads to new threat vectors like cloud-based botnets and more.

The key is for businesses to prioritize security and invest in platforms and solutions that will help protect customer and business data. Critical in this effort is the implementation of IT best practices in regularly updating operating system and application software, limiting the access users have for installing or modifying software on their devices, and always monitoring the systems for vulnerabilities.

Like cybersecurity and retailers, Noobeh and secure IT go together. We help retail and other businesses proactively address cybersecurity challenges so they can protect both their business and their customers. Noobeh cloud services helps retailers secure their business servers and systems, delivering scalable, high availability and highly agile solutions that keep business and finance operations running.

Noobeh provides services for Microsoft 365 and Microsoft Azure platform and deploys solutions for manufacturing, inventory management, multi-channel commerce, EDI, financial and more. Get together with Noobeh and find out how we can help your business operate more securely and with better, more agile and resilient IT.

jm bunny feet Make Sense?

February 8, 2024

Prey or Empowered? Small Businesses and IT Security

Now more than ever, small businesses need to be vigilant with their information technology security. Small businesses may not be the big fish in the sea, but there are plenty of them out there to catch. Small businesses tend to make the best targets because they often fail to perform security audits, they may not be willing to invest in the resources needed to protect themselves, and they frequently don’t even carry the right insurance coverages. To hackers, small businesses are easy prey.

“Don’t think you are too small to be affected,” says Erik Knight, the founder and CEO of SimpleWAN. “Every place you have an employee or office is a potential entry point. Take it seriously; if you have something worth taking, a hacker will try to take it.”
https://www.forbes.com/…

There are a few things every business can do to improve the security and privacy of their data. It isn’t an option any longer; these are essential elements in an overall security strategy that can make the difference between staying in business and not.

Use strong passwords, not easy-to-guess words, phrases or sequences (1234 is not a strong password). Passwords should be unique, more than 8 characters in length, and have a mix of numbers, letters, and special characters.

Keep software updated. Whether it is the operating system on your computer or the software you use to write letters, having up-to-date software matters. Developers don’t just upgrade software to fix bugs or introduce new features; software often gets updated because of security issues or vulnerabilities.

Keep networks and connected devices secure to make sure that the computers and connections aren’t introducing weaknesses into your system. Not only are password controls and software updates needed, but firewall security and good anti-virus/anti-malware solutions are also a must. Keeping an eye on the server matters, but the connecting points and end points are where many vulnerabilities exist.

Set up two-factor or multi-factor authentication to further secure logins. 2FA and MFA is like having ID besides just your driver’s license to prove you are who you say you are. Your password, like your DL, is just one factor; you need one more thing to prove your identity for 2FA, like a code from your phone or maybe your fingerprint. The point is that there should be more than just a username and password to access important data.

Restrict use of personal email or social media on work devices. This gets a little trickier with smaller businesses, as many don’t or can’t support providing users with all company-owned devices. There are tradeoffs to allowing users to bring their own devices (byod) versus using company-owned devices. When mobile devices are part of the mix along with desktop and portable computers, it becomes even more complicated and the risk potential increases.

Use encryption for data in transit and data at rest. Encryption is like scrambling the data and then unscrambling it when you access it. In transit, data may be encrypted by a VPN so that it is protected over the wire (in motion) as it is sent and received on the network. RDP is also encrypted, but this remote access method’s main purpose is to keep the data from leaving the server in the first place. At rest, like when it is sitting on a hard drive or other storage location, data can also be encrypted. To open the file or file system, you need a key to decrypt it.

Keep all data backed up and create a way to rapidly recover your server and systems in the event of failure or compromise. Backups are great right up until you find they are as damaged or unrecoverable as your main system, so make sure to have a policy of testing your backups periodically. There are many ways to back up and protect your data, including external drives and cloud storage. If data gets lost or corrupted, you want to be able to restore it from a backup. Regularly audit your backup and data security practices to help identify weaknesses that make the business vulnerable.

Educating employees on the importance of cyber security is among the most important steps a business can take to protect itself. Keeping passwords secure and secret, knowing how to spot a phishing email and what to do and not do with it, not clicking on suspicious links in emails, not sharing personal or confidential information online, and what to do in the event of a breach are all things that should be regularly discussed with workers and supported by written policies.

Managed Azure cloud servers from Noobeh help you keep your business information more secure. Our services demand high levels of security and privacy, and we help our customers keep their data and systems safer and more secure by handling some of the requirements for them.

Strong password policies and MFA is our standard setup, and software updates and patching are part of the service.
Working on the cloud server keeps data on the server and not traversing the network or downloading to individual PCs, so information stays secure and separate from whatever a user runs on their local devices.
Data on the Azure virtual machines is encrypted at rest, and additional encryption is available to add more layers of protection. Data in motion is encrypted, but very little data actually traverses the wire.
Servers and data are backed up regularly with snapshots and file level backups, allowing for simple file restores as well as comprehensive system recovery.

For small businesses, Noobeh has the solution for creating a more secure and better protected IT environment where applications and data can be available to those who need them without compromising the investments already made in training and process development. Moving software and data to a private cloud server allows companies to continue using the software they rely on, just in a better way. Instead of being easy prey to hackers, our customers benefit from higher levels of IT administration, management and protection that empowers them to work the way they need to – any time, anywhere.

jm bunny feet Make Sense?

October 11, 2023

QuickBooks Desktop Enterprise 2024 Security Improvements: Now with 256-bit encryption

Intuit’s release of QuickBooks Enterprise and other desktop editions for 2024 have a variety of new features, and among them is an improved level of security for your business data. Upgrading from 128-bit encryption, QuickBooks Desktop 2024 now has AES 256-bit encryption.

256-bit encryption is the strongest and most robust encryption standard commercially available. It’s widely used because it’s virtually impenetrable to brute-force attacks. 256-bit encryption is an encryption technique that uses a 256-bit key to encrypt and decrypt data. Plain text is converted to a cipher, and the encryption key is required to decrypt the data and return it to readable plain text.

256-bit encryption is used in most modern encryption algorithms, protocols, and technologies, including AES in wireless security, processor security, file encryption, and SSL/TLS.

According to Intuit, “You can be confident your data is protected with our enhanced security using industry-leading AES 256-bit encryption. QuickBooks safeguards your reputation by protecting critical customer and vendor data, such as business financials, banking information, and credit card details.

This means we translate your information into a code that only we can read to make sure only you and Intuit have access to your information. The type of encryption we use is called AES-256 (Advanced Encryption Standard with 256-bit keys) and it ensures the highest level of cryptographic security.”

With a series of robust security steps and a complex 256-bit decryption key, AES 256-bit standard is nearly impossible to break using brute-force methods and has been approved for the handling of confidential data by the U.S. Government.

A brute force attack is when a hacker tries different combinations until they arrive at the correct combination – the key. The larger the key size, the more difficult it becomes to break the encryption. We’re talking about 256-bit keys. There are 984,665,640,564,039,457,584,007,913,129,639,936 (that’s 78 digits) possible combinations. Even if you use Tianhe-2 (MilkyWay-2), which was the 4th fastest supercomputer in the world in 2022, it will take millions of years to crack 256-bit AES encryption.

In case you’re interested: The fastest supercomputer in the world, ranked in June 2023, is Frontier, an HPE Cray EX system run by the US Department of Energy, Frontier incorporates 3rd Gen AMD EPYC™ CPUs representing 8,730,112 cores that have been optimized for high-performance computing (HPC) and AI with AMD Instinct™ 250X accelerators and Slingshot-11 interconnects. Its HPL benchmark was 1.194EFLOPS (EXA – 1 quintillion – floating point operations per second). (via networkworld.com). Frontier is faster than Tianhe-2, so breaking the key could take a little less time.

Breaking encryption with no known flaws is kind of like guessing a password. If you make enough guesses, you might eventually get the password right. With strong encryption, this can take a long time. AES-256 is the most secure version of AES and is virtually unbreakable by brute force based on current computing power. It’s also considered quantum-resistant, which means that quantum computers aren’t expected to crack the cipher.

How long would it take to crack 128-bit encryption using a brute force attack? Most security professionals would answer “1 billion years”, but that’s just an estimate. A machine that can crack a DES key in a second would take about 149 trillion years to crack a 128-bit AES key. According to researchers, with the right quantum computer, AES-128 would take about 2.6110^12 years to crack, while AES-256 would take 2.2910^32 years. For reference, the universe is currently about 1.38×10^10 years old, so cracking even an AES-128 encryption with a quantum computer could take hundreds of times longer than the universe is believed to have existed.

While Intuit is improving the security of the information it stores and transmits between its systems, your company should be equally concerned with the security and protection of all your business applications and data. Using strong password policies, multi-factor authentication, and SSL for secure web app access, Noobeh’s QBonAzure services provide layers of protection on top of the $20Bn in security investments made by Microsoft.

We take data security seriously, providing solutions to address access, security, privacy and protection for business applications and data. When your QuickBooks Enterprise deployment needs a solid foundation that offers agility and performance as well as strong platform security, we have that.

Visit MendelsonConsulting.com/cloud to learn more.

jm bunny feet Make Sense?