by myCREcloud | Nov 4, 2021 | Uncategorized
Some of the biggest names in the technology industry are interested in having the US government invest in a “national research cloud” to centralize and share data sets and artificial intelligence with small tech companies and academic researchers.
The concept of a National Research Cloud (NRC) is to democratize education, research, and innovation. This would open the doors to smaller, less affluent universities and tech companies that would not have access to this data otherwise. The National Research Cloud has been received by bipartisan support in both the House and the Senate. and lawmakers in both houses have proposed bills that would create a task force of government to develop a path forward toward implementing an NRC. Last summer, some of the U.S.’s largest universities came together to express their interest. Universities, including Stanford and Ohio State, have openly expressed their approval of such a program.
by myCREcloud | Jan 13, 2022 | Uncategorized
At myCREcloud we are committed to providing our clients with a holistic approach to cloud computing. Taking a holistic approach to cloud implementation means considering the people, processes and technology involved. This approach will ensure that myCREcloud has a positive impact on your business for years to come.
A Holistic Approach
Place careful focus needs to be placed on the who, the what and the how of cloud in order to get to the benefits of a successful cloud.
Three key factors
- The Who: People To be able to implement the successfully, we must think about the users. Who are they? What type of cloud services do they need? The requirements of both business and technical users must be considered – a developer is likely to have far broader and more complex cloud service requirements than a sales user. IT engineers also need to consider the level of empowerment they will deliver to their end users – and whether their cloud management platform is flexible enough to support that empowerment.
- The What: Process Now, the fun really begins; defining what processes must be implemented to drive user satisfaction and ensure the cloud matches the business. The processes around ensuring myCREcloud conforms to the same security, auditing and regulatory and operational compliance standards of traditional IT – and that these management elements can be automated during cloud provision – must be defined. Additionally, defining processes related to managing the performance of cloud services and the capacity of cloud resources across both private and public clouds are essential, so that cloud availability and cost can be optimized.
- The How: Technology At myCREcloud, we believe that the cloud needs to integrate across existing IT systems and processes, including processes such as change management and testing. For peace of mind around future proofing, keep in mind that the cloud works across a broad range of underlying resources – from physical to virtual servers to different storage and network providers to converged infrastructures.
by myCREcloud | Nov 12, 2025 | Company
The dinosaurs never saw their end coming. The same is true for businesses that don’t understand what an extinction-level cyberthreat can do to their business and its future.
Cyber incidents have become routine, and all businesses, regardless of their size, are at risk. From AI-powered ransomware to supply chain compromises, today’s cybersecurity threats are smarter and harder to predict. What’s even scarier is that they’re evolving faster than traditional defenses can keep up.
In this blog, we’ll break down the top extinction-level cyberthreats every business leader should know. You’ll gain the clarity and insight you need to make smarter security decisions and stay one step ahead of what’s coming next.
The threat landscape: What you’re up against
Not all cyberthreats are created equal. Some are disruptive, but others can incapacitate your business entirely. These are extinction-level events, and they demand serious attention.
AI-powered ransomware
For cybercriminals, ransomware is a profitable enterprise, and with AI, they can do more harm than before. Gone are the days when attackers would cast their nets wide, trying to bait anyone who would fall for their scam. Today’s scams are highly sophisticated. Cybercriminals now use AI to analyze targets, identify weak points and lock down entire networks in hours.
Why it matters for leaders: With AI, cybercriminals can launch complex attacks at lightning speed, faster than human teams can detect or respond. The result? Disrupted operations, lost revenue and damage to your reputation and customer trust.
Advanced Persistent Threats (APTs)
APTs are silent operators. They infiltrate systems and quietly observe for weeks or months, collecting valuable data before making their move. Often, APTs are launched by organized criminal syndicates or nation-states, which means they have the resources and patience to wait for the perfect moment to strike.
Why it matters for leaders: APTs undermine trust. They can stay silent and quietly steal sensitive client data, intellectual property or trade secrets without you even realizing it until the damage is permanent.
Supply chain attacks
Supply chain attacks exploit the fact that businesses are all interconnected. You might have strong internal security, but what about your vendors, software providers or partners? One weak link in your ecosystem can open the door to an extinction-level threat.
Why it matters for leaders: Your business security is only as strong as its weakest link. It’s no longer enough to secure just your network; it’s equally important for you to know how your partners protect theirs.
Data breaches
A data breach isn’t just a security incident; it’s a trust crisis. Breaches often start with something as simple as a weak password, a misplaced laptop or an employee falling for a phishing email. Attackers can use these vulnerabilities to access customer records, financial information or employee data.
Why it matters for leaders: The aftermath of a breach is costly. Regulators impose fines, customers walk away and your competitors can use the incident to gain an edge while you scramble to recover from the security event.
Internet of Things (IoT) exploits
Smart IoT devices make life easier, but they also open the door to cyberattacks. From cameras to printers, many connected gadgets have weak security settings and are rarely updated, making them easy targets for criminals looking to infiltrate your network.
Why it matters for leaders: IoT devices are part of your workplace environment. Without visibility into IoT devices, businesses can become easy targets and attackers can exploit the hidden vulnerabilities to launch a company-wide breach.
Deepfakes and social engineering
We are moving into a world where, at times, we can’t trust our eyes and ears. Deepfakes and AI-driven scams make it easier for attackers to impersonate senior leaders, employees or partners. Criminals can use a convincing video call or voicemail to trick you into revealing critical company information.
Why it matters for leaders: As deepfake scams become more convincing, you’ll have to move beyond employee training. Policies and processes will have to evolve so that a convincing voice or video alone isn’t enough to authorize critical actions.
Cloud misconfigurations
The cloud has changed a lot of businesses. While it brings flexibility, it also brings risks. Simple mistakes like misconfigurations or permissions set too broadly can expose sensitive data to anyone who goes looking. A single mistake can land all your critical data in the wrong hands within hours.
Why it matters for leaders: Moving to the cloud doesn’t absolve you of your responsibilities; rather, it calls for increased monitoring. Misconfigurations are one of the easiest attack vectors for criminals, making regular cloud audits and automated safeguards essential to your defense.
Survival belongs to the prepared
Your business operates in a landscape where extinction-level threats aren’t science fiction. They are a real and growing danger for which we must all prepare. The difference between businesses that fall and those that thrive often comes down to preparation.
The good news is you don’t have to face these threats on your own. By leaning on a trusted IT partner like us, you gain:
· A clear view of your vulnerabilities
· Proactive monitoring that stops threats before they escalate
· Tested backup and recovery strategies that minimize downtime
· Strategic planning to ensure your tech evolves with the threat landscape
If you’re ready to evolve your cybersecurity strategy, we’re here to help. Schedule your no-obligation consultation today and take the first step towards resilience.
by myCREcloud | Sep 25, 2025 | Company
Cyber insurance is a type of insurance that protects businesses from financial losses that can result from a cyberattack. While it’s an essential tool for businesses of all sizes, there are some facts you should be aware of before purchasing a policy.
Just because you have cyber insurance, it doesn’t mean you are guaranteed a payout in the event of an incident. This is because you may not have the correct coverage for certain types of cyberattacks or you might have fallen out of compliance with your policy’s security requirements. As a result, it is critical to carefully review your policy and ensure that your business is adequately protected.
Learn from the past
Here are three real-life examples of denied cyber insurance claims:
Cottage Health vs. Columbia Casualty
The issue stemmed from a data breach at Cottage Health System. They notified their cyber insurer, Columbia Casualty Company, and filed a claim for coverage.
However, Columbia Casualty sought a declaratory judgment against Cottage Health, claiming that they were not obligated to defend or compensate Cottage Health because the insured didn’t comply with the terms of their policy. According to Columbia Casualty, Cottage Health agreed to maintain specific minimum risk controls as a condition of their coverage, which they then failed to do.
This case reminds organizations of the importance of reading their cyber policy, understanding what it contains and adhering to its terms.
BitPay vs. Massachusetts Bay Insurance Company
BitPay, a leading global cryptocurrency payment service provider, filed a $1.8 million insurance claim, but Massachusetts Bay Insurance Company denied it. The loss was caused by a phishing scam in which a hacker broke into the network of BitPay’s business partner, stole the credentials of the CFO of BitPay, pretended to be the CFO of BitPay and requested the transfer of more than 5,000 bitcoins to a fake account.
Massachusetts Bay Insurance stated in its denial that BitPay’s loss was not direct and thus was not covered by the policy. Massachusetts Bay Insurance asserted that having a business partner phished does not count as per the policy.
Although BitPay is appealing the denial, this case emphasizes the importance of carefully reviewing insurance policies to ensure you understand what scenarios are covered. This incident also highlights the importance of employee security awareness training and the need to reach out to an IT service provider if you don’t have a regular training policy.
International Control Services vs. Travelers Property Casualty Company
Travelers Property Casualty Company requested a district court to reject International Control Services’ ransomware attack claim. The company argues that International Control Services failed to properly use multifactor authentication (MFA), which was required to obtain cyber insurance. MFA is a type of authentication that uses multiple factors to confirm a user’s identity.
Travelers Property Casualty Company claims that International Control Services falsely stated on its policy application materials that MFA is required for employees and third parties to access email, log into the network remotely and access endpoints, servers, etc. They stated that International Control Services was only using the MFA protocol on its firewall and that access to its other systems, including its servers, which were the target of the ransomware attack in question, were not protected by MFA.
This case serves as a reminder that when it comes to underwriting policies, insurers are increasingly scrutinizing companies’ cybersecurity practices and that companies must be honest about their cybersecurity posture.
Travelers Property Casualty Company said it wants the court to declare the insurance contract null and void, annul the policy and declare it has no duty to reimburse or defend International Control Services for any claim.
Don’t be late to act
As we have seen, there are several reasons why businesses can be denied payouts from their cyber insurance policies. Sometimes, it could be due to a naive error, such as misinterpreting difficult-to-understand insurance jargon. In other cases, businesses may be maintaining poor cybersecurity hygiene.
An IT service provider can help you avoid these problems by working with you to assess your risks and develop a comprehensive cybersecurity plan. Feel free to reach out for a no-obligation consultation
by myCREcloud | Oct 6, 2025 | MSP, Resources
It’s crucial to keep all software and hardware up to date to maintain optimal security. If you don’t, cybercriminals can easily infiltrate your network and the chances for downtime increase significantly. However, many businesses don’t realize that expired software/hardware can actually be one of the most prominent security risks hindering their success.
If you are among those who continue to use unsupported software and hardware until it literally doesn’t work anymore, remember that it could be a severe hurdle to your organization’s daily operations and reputation.
We know there are many myths surrounding End of Service or End of Life that create a great deal of confusion for businesses like yours. This blog is intended to help you clear things up.
Debunking the myths
Without further ado, let’s debunk the most popular myths.
Myth #1: If it’s not broken, don’t fix (or replace) it
The adage “if it ain’t broke, don’t fix it” is popular, but it would not be wise to follow it when it comes to software and hardware. The truth is that if you fail to update your software and hardware when the time comes, you expose your network to security vulnerabilities, bugs and other issues.
There are several reasons to keep your software and hardware up to date. Newer software and hardware versions are usually more stable and less prone to crashes and bugs. Moreover, new updates frequently include security patches that keep you safe from cyberattacks. Finally, updates may include new features and enhancements that can make your life easier.
Next time you’re tempted to skip an update, remember you could be kickstarting a chain of events that’s not good for your organization.
Myth #2: End of Life means the product will no longer exist
Although the product will still be available, it will no longer receive security updates, new features or tech support from the manufacturer. This means that it will become increasingly vulnerable to security risks and may be unable to keep up with your workload.
It also implies your IT team will find it harder to keep your IT network and devices secure from cyberthreats. If you’re using a piece of hardware or software that has reached the end of its life cycle, you should consider upgrading to a newer model or investing in a new software license.
Myth #3: End of Service means I can still use the product until it breaks
While the software or hardware might still physically work, being in End-of-Life and End-of-Service state means there’s no longer a team of people working to not only improve the product but also look after, communicate, create and release patches should a new security vulnerability arise.
This could leave you prone to attacks, as well as unable to use new features and capabilities that are released. Knowing the End-of-Service dates for your software and hardware can help you plan ahead and ensure you’re not left in the dark when support ends.
Join hands for success
It’s probably your top priority to keep your software/hardware up to date so your business doesn’t suffer avoidable consequences. However, it can be too much to handle if you try to do it alone. This is where an IT service provider can be of assistance.
We can support you by offering vital guidance and expertise so you can decide what steps to take to keep your IT systems running smoothly and securely. If you’re interested in learning more, feel free to reach out for a consultation.
