REAL Tech Support

It's interesting how many healthcare and dental practices still treat multi-factor authentication (MFA/2FA) as optional.

We lock the front doors. We control access to medication. We verify patient identities. Yet the systems holding patient records, insurance information, financial data, and internal communications are often protected by nothing more than a password.

The problem isn't that passwords are bad. The problem is that passwords were never designed to carry the entire burden of security on their own.

Cybercriminals aren't spending hours trying to "hack" into your systems anymore. They're logging in with credentials they purchased, stole, or tricked someone into giving away. To them, a username and password is often an invitation, not a barrier.

That's why 2FA has become one of the simplest and most effective security controls available today.

For a busy dental or medical practice, implementing 2FA isn't about adding another IT project to your plate. It's about recognizing that patient trust depends on more than clinical care. It also depends on protecting the systems that keep your practice running.

Most practice owners I speak with don't worry about technology because they love technology. They worry about it because they can't afford disruptions, compliance headaches, or distractions that pull their team away from patients.

The healthcare industry has spent years digitizing records, streamlining workflows, and improving patient experiences. Security needs to evolve alongside that progress. For practices throughout the Ohio Valley and beyond, protecting patient information isn't just good cybersecurity—it's part of delivering quality care.

If your team can still access critical systems with only a username and password, it may be time to ask a simple question:

Would you trust a lock on your front door if everyone had a copy of the key?

For more REAL-Cyber.com/words-of-wisdom

For years, cybersecurity advice has focused on protecting the network, securing endpoints, and training users not to click suspicious emails.

But what if the real battleground has quietly moved somewhere else?

According to Verizon's 2026 Data Breach Investigations Report, attackers are increasingly targeting the browser because that's where modern work happens. Cloud apps, Microsoft 365, patient management systems, banking portals, AI tools, and email all live inside a browser window now.

Think about your dental practice for a moment.

Your team may never touch a server. They may never log into a VPN. But they spend hours every day inside web-based applications handling patient records, insurance information, scheduling, and communications.

That's exactly why attackers are shifting their focus.

Modern phishing attacks aren't just stealing passwords anymore. They're stealing active browser sessions, bypassing MFA, abusing browser extensions, and impersonating trusted cloud services.

The uncomfortable question:

If your cybersecurity strategy is still focused primarily on antivirus, firewalls, and email filtering, are you protecting where your team actually works?

The browser has become the new endpoint.

For healthcare and dental practices, that means security awareness, browser controls, MFA, extension management, and cloud security are no longer "nice to have" discussions—they're patient data protection discussions.

Cybercriminals follow opportunity.

Today, opportunity lives in the browser.

For more REAL-Cyber.com/words-of-wisdom

Question today for my network:

I have found over the course of my professional (and admittedly sometimes personal life) that I fall prey to the "curse of knowledge". In no way sure that is a scientifically accepted term but basically refers to the phenomenon whereby you learn a new skill, gain a new insight, integrate some new understanding and then almost immediately assume that everyone around you already knows and you find it difficult to remember what it was like to not know....

That being said I want to encourage my peers in a way I have to encourage myself constantly. MOST of what you are learning at the cutting edge of any discipline, be it professional or personal, is not COMMON knowledge, it just isn't. Take pride in your hard work, the effort you spent to be where you are and who you are. You are not late to the party, you are not ubiquitous or expendable or mundane.

You are in fact (yes you reading this, and getting increasingly uncomfortable because ...insert cultural, childhood, religious hangups ;) ) unique, valuable, worthy, contributing.....

Just FYI :)

Does anyone else experience this in technical fields way too often? Like if you have! Comment to share how you experience this!

Everyone says “turn on MFA” like it’s some magical force field.

But what happens when the attacker stops trying to bypass MFA… and starts manipulating the person behind it instead?

That’s exactly what’s happening with MFA prompt bombing (also called MFA fatigue attacks). Attackers flood users with push notifications until someone finally clicks “Approve” out of frustration, confusion, or because a fake “IT support” call convinced them it was legitimate.

And yes — this worked against Cisco. The attackers gained VPN access after repeated MFA prompts and social engineering wore the employee down.

This is the uncomfortable reality businesses need to understand:

Cybersecurity controls fail when they rely entirely on exhausted humans making perfect decisions under pressure.

For dental practices, healthcare offices, and SMBs, this matters more than most people realize.

Your front desk staff is already juggling:

Patients waiting
Phones ringing
Insurance headaches
Scheduling chaos
Compliance requirements

Now imagine their phone starts blowing up with MFA prompts every few minutes.

At some point, somebody clicks the button just to make it stop.

That’s not stupidity.
That’s predictable human behavior.

The bigger issue? Many organizations still treat MFA as the finish line instead of one layer in a larger security strategy.

A few practical reminders:

Push notifications alone are no longer enough
Number matching and phishing-resistant MFA are becoming essential
Compromised passwords are often the real starting point
User training still matters because attackers target psychology, not just systems

Convenience is always fighting security.
Attackers know it.
They’re designing attacks around it.

The question isn’t whether your business uses MFA.

The question is:
Would your team recognize an MFA fatigue attack before it’s too late?

For more REAL-Cyber.com/words-of-wisdom

Most dental practices don’t think they’re a target for cybercrime… until they are.

This week, INTERPOL announced the takedown of more than 50 servers tied to malware and phishing operations used to steal credentials, spread ransomware, and compromise businesses worldwide.

That’s the good news.

The bad news? These attacks continue because small and mid-sized businesses are still viewed as the easiest entry point.

And dental practices check every box attackers look for:

Sensitive patient data
Busy staff juggling phones, patients, and email
Limited internal IT resources
Systems that can’t afford downtime

One phishing email clicked at the front desk can quickly become:

Locked patient records
Scheduling disruptions
HIPAA headaches
Reputation damage patients don’t forget

Cybersecurity in healthcare isn’t just about compliance anymore. It’s about operational survival.

Because when systems go down in a dental office, productivity stops immediately. Patients notice. Revenue stalls. Stress skyrockets.

The practices that handle this best aren’t necessarily the biggest. They’re the ones that take a proactive approach before something happens:

Staff phishing awareness training
Multi-factor authentication
Secure backups
Routine patching and monitoring
A real response plan when something goes wrong
Technology should support patient care—not become the reason it gets interrupted.

Small practices may not have enterprise budgets, but they absolutely need enterprise-level awareness.

For more REAL-Cyber.com/words-of-wisdom

Friday Post

This one is left field but relevant.

Does anyone else get the feeling we are living in an obviously contrived market? (cough, fake, cough, vague, cough, empty, cough, soulless?)

Well, I do.

The business culture feels odd. There is simultaneously, and seemingly, innovation, change, product launch, feature announcement, mergers, acquisitions, restructures, joint ventures, ground breakings, and.......nothing really getting actually BETTER for our clients, like really better?

I have a theory. You won't like it. Its gross, and lots of other things, but its Friday so you get to read it and I get to not look at LinkedIn for 2 days :)

Here goes:

In 2019 a simple (gemini) search (that's so funny to me) tells us:

"In 2019, US venture capital firms raised a total of $46.3 billion across 259 vehicles, representing the second-highest annual total in the decade preceding that year, despite a decline from 2018 levels. While fundraising was lower than 2018, the median fund size grew to $78.5 million, highlighting a trend toward larger funds."

Cool. Remember how great business was then? I mean really solid.

Fast forward:

"As of early 2026, the US venture capital landscape is experiencing a rapid rebound, with over $80 billion in new capital raised in Q1 alone, positioning 2026 to potentially be the strongest fundraising year since 2021. A massive pipeline of over $160 billion in additional capital is actively being raised, with AI mega-deals driving the majority of investment.

Available "Dry Powder": The total value of the US venture ecosystem reached a record $9.4 trillion by March 31, 2026, with AI-related companies dominating at roughly $5.8 trillion."

We don't have the time and I don't have the energy to discuss where all this "liquidity" came from......believe me we don't have the time.

Sufficive to say, there is a metric sh*t ton of cash in the market right now. Good right? No, it sucks.

Here is why:

When companies raise capital funds they MUST shift from focusing on clients to focusing on returns. The mandates shift, they don't have a choice. You went from building and working for BETTER...

For more REAL-cyber.com/words-of-wisdom

Think your front desk staff would ever approve a fake remote support request?

Most practice owners say no.

That’s exactly why attackers keep winning.

A hacking group known as “KongTuke” is now using Microsoft Teams to impersonate IT support staff and trick employees into granting remote access to company systems. Not phishing emails. Not suspicious attachments. A normal-looking Teams message. And once access is granted, the damage moves fast.

Healthcare and dental practices are especially vulnerable because staff are busy, multitasking, and trained to prioritize responsiveness.

One rushed click during a hectic Monday morning schedule can turn into:

Locked patient records
Cancelled appointments
HIPAA exposure
Insurance and billing disruptions
Days of operational downtime
Here’s the part most practices overlook:

Cybersecurity isn’t just about firewalls anymore.
It’s about human behavior under pressure.

If your team uses Microsoft Teams, Zoom, Slack, or remote support tools, ask yourself:

Does staff know how to verify IT requests?
Are remote access approvals restricted?
Could a fake “support technician” fool someone during a busy day?
Do you have protections in place if an account gets compromised?
Attackers are adapting because businesses are adapting.

And healthcare practices don’t get to pause patient care while sorting out a breach.

The practices that stay safest are the ones that assume attackers will eventually get creative — and train accordingly.

For more REAL-cyber.com/words-of-wisdom

“73 seconds to breach. 24 hours to patch.”

That’s the cybersecurity gap nobody wants to talk about.

Attackers aren’t waiting for your next IT meeting. They’re using AI to scan, exploit, and move through systems faster than most organizations can even identify there’s a problem.

One recent campaign reportedly hit over 2,500 devices across 106 countries in minutes. No Hollywood hackers. No nation-state magic. Just automation running faster than defenders can respond.

And here’s the uncomfortable reality for healthcare and dental practices:

Most offices still think “we passed compliance” means “we’re secure.”

It doesn’t.

HIPAA compliance doesn’t stop ransomware.
A patched firewall doesn’t guarantee protection.
And annual security reviews are basically snapshots in a world where threats evolve hourly.

The question practices should be asking is:

“What could get through our defenses today — and how fast would we know?”

Because when systems go down in a dental or healthcare office, it’s not just an IT issue anymore:

Appointments stop
Patient trust erodes
Staff productivity tanks
Compliance exposure skyrockets
Cybersecurity is shifting from reactive defense to continuous validation.

Not just checking boxes.
Not just installing updates.
Actually testing whether your protections work before attackers do.

The organizations that adapt to this shift early will have a massive advantage over the ones still relying on “set it and forget it” security.

The speed of attacks changed.
Defense strategies have to change with it.

For more REAL-Cyber.com/words-of-wisdom

Another week. Another “this platform is trusted by thousands of organizations” cybersecurity story.

This time, it’s Instructure’s Canvas platform.

Hackers reportedly exploited a vulnerability that allowed them to deface login portals across hundreds of schools and universities during finals week.

And here’s the uncomfortable part:

Most organizations still treat cybersecurity like an IT problem instead of a business continuity problem.

If a learning platform goes down during finals week, chaos follows.

If a dental practice management system goes down on a Monday morning?
Patients can’t be checked in.
Schedules disappear.
Insurance verification stops.
Staff panic starts immediately.

Different industry. Same operational reality.

The bigger lesson here isn’t just “patch your systems.”

It’s this:

Modern businesses are deeply dependent on third-party platforms they don’t fully control.

Cloud software.
Vendor integrations.
Patient portals.
Scheduling systems.
Remote access tools.

When one weak link gets exploited, everyone connected to it feels the blast radius.

That’s why cybersecurity today is less about building a giant wall and more about preparing for the moment something inevitably fails.

Because eventually, something will.

The organizations that recover fastest are usually the ones that already asked:
• What happens if this vendor gets breached?
• How quickly can we operate manually?
• Who has access to what?
• Are we monitoring unusual behavior?
• Do we actually have an incident response plan… or just a PDF nobody reads?

Cybersecurity isn’t paranoia anymore.

It’s operational resilience.

And attackers know exactly when your business can least afford downtime.

For more REAL-Cyber.com/words-of-wisdom

Your cybersecurity strategy is only as strong as the vendors connected to it.

That’s the uncomfortable lesson from the recent Itron breach. Hackers didn’t just access an internal corporate network — they reportedly gained access to systems tied to utility customers operating critical infrastructure.

Think about that for a second.

Water systems. Energy grids. Smart infrastructure.

All connected through trusted third parties.

For years, businesses treated vendor risk like a compliance checkbox:
✔️ Send questionnaire
✔️ Review SOC report
✔️ File paperwork away

Meanwhile, attackers evolved.

Modern cyberattacks aren’t always about smashing through your firewall anymore. Sometimes it’s easier to compromise a vendor that already has the keys to the building.

And this problem isn’t limited to utilities.

Healthcare practices rely on cloud imaging vendors, patient communication platforms, payment processors, and remote IT tools every single day. One weak link can become everyone’s problem.

That’s why “we trust our vendor” is not a cybersecurity strategy.

The real questions are:

What access do vendors actually have?
How quickly can access be revoked?
Are integrations segmented or wide open?
What happens if THEIR environment gets compromised tomorrow?

Because attackers already know something many businesses still ignore:

Third-party risk IS operational risk now.

The companies that survive the next wave of cyber threats won’t necessarily be the ones spending the most money.

They’ll be the ones asking harder questions before the breach happens.

For more REAL-Cyber.com/words-of-wisdom