Tag: cyber security awareness

  • Government backed cybersecurity agency CISA down to just 38% of its optimal staffing levels after funding cuts, what it means for your business

    Government backed cybersecurity agency CISA down to just 38% of its optimal staffing levels after funding cuts, what it means for your business

    CISA which stands for Cybersecurity & Infrastructure Security Agency is a federally recognized and funded cybersecurity agency that works to protect the United States from cyber threats, their mission statement reads:


    We lead the national effort to understand, manage, and reduce risk to our cyber and physical infrastructure.”


    CISA collects, analyzes, and shares threat intelligence so organizations can act before damage occurs. This includes vulnerability alerts, Known Exploited Vulnerabilities (KEV) catalog updates, and joint advisories with partners like the FBI and NSA. The goal is simple: shorten the time between “threat discovered” and “defenses updated.”


    Now due to federal cuts initiated by the Trump administration they’re operating at just 38% of their necessary staffing levels, these cuts included staff that worked under programs such as the counter-ransomware initiative and one that oversaw efforts to promote secure software development. Many of their employees were also reassigned to other agencies such as the Department of Homeland Security as funding and efforts are shifted to the administration’s immigration crackdowns.


    CISA has also been without a permanent director since Trump took office, leaving the agency both without the necessary manpower and crucial leadership guidance. While the agency continues to exist, it’s hard to ignore that these cuts may have a real time effect on our country’s national security. Business owners in particular should be wary of an increase in potential threat as bad actors may take advantage of this gap.


    Cuts to government programs such as these can trickle down to business owners, the effects will not be immediate but sustained cuts to CISA can quietly increase cyber risk, slow federal support, and shift more responsibility (and cost) onto businesses and their MSPs. These are four trickle down affects you should be aware of:

    1. Slower and shallower threat intelligence

    CISA is one of the primary pipes pushing timely threat intelligence to the private sector. If funding drops, you often see:


    • Fewer or slower vulnerability advisories
    • Less frequent updates to the Known Exploited Vulnerabilities catalog
    • Reduced joint analysis with FBI and NSA
    • Less sector-specific guidance

    Business impact:
    Owners and MSPs get less early warning. That increases dwell time for attackers and raises breach probability over time.


    2. Reduced free security services

    Many organizations (including SMBs, schools, local governments, and some private entities) rely on CISA’s no-cost services such as:

    • Cyber Hygiene scanning
    • Vulnerability disclosure coordination
    • Remote penetration testing (for eligible businesses)
    • Phishing campaign assessments

    If budgets tighten, these programs are often first on the chopping block or become capacity-constrained, leaving you optionless when you need their support.


    Business impact:

    • Fewer free scans available
    • Longer wait times
    • More reliance on paid security assessments
    • MSPs must fill the gap

    3. Weaker critical infrastructure resilience

    CISA plays a coordination role across sectors like healthcare, energy, water, and transportation. Funding cuts can mean:

    • Fewer field advisors
    • Less regional engagement
    • Reduced ICS/OT security work
    • Slower cross-sector coordination

    Business impact:

    Even if you think of yours as “just a small business,” you depend on these sectors. Increased fragility upstream can mean:

    • More outages
    • More supply chain disruptions
    • Higher cyber insurance pressure
    • More third-party risk exposure

    This is the second-order effect many owners miss.

    4. Slower incident response support at scale


    For large or multi-organization incidents, CISA helps coordinate national response. With fewer resources:

    • Surge capacity drops
    • Federal assistance may triage more aggressively
    • Recovery guidance may lag during major events

    Business impact:

    Most business owners do not call CISA directly. But during widespread campaigns (think mass exploitation events), weaker federal coordination can mean:

    • Longer active threat windows
    • More widespread compromise
    • Slower ecosystem-wide containment

    The bottom line, cuts such as these carry consequences, some that you can anticipate and some that you can’t.  Either way, it’s of the utmost importance that in 2026 you have protections in place that specifically cover your business from threat actors, regardless of what protections may be in place nationwide. All Valley Techlogic plans include cybersecurity protections (including 24/7 threat detection and monitoring) by default. Learn more today through a consultation.



  • The biggest risk to your business might be a past employee, our guide to offboarding a past employee properly
  • Starting next month, you’ll need photo ID to fully access Discord and users are not happy
  • The Verizon outage that left more than a million without cell service yesterday is fixed, but what caused it?
  • Microsoft 365 Business Premium with Copilot Included? This new SKU makes integrating AI into your business more affordable and accessible

    • This article was powered by Valley Techlogic, leading provider of trouble free IT services for businesses in California including Merced, Fresno, Stockton & More. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on X at https://x.com/valleytechlogic and LinkedIn at https://www.linkedin.com/company/valley-techlogic-inc/.

  • Hacking group Scattered Spider is making waves for disrupting retailers and corporate America despite recent arrests

    Hacking group Scattered Spider is making waves for disrupting retailers and corporate America despite recent arrests

    Scattered Spider, otherwise known as UNC3944 gained notoriety during the infamous attack on MGM (which we reported in in 2023) which was estimated to have cost the company around $100 million dollars. The group has kept up its momentum while targeting financial institutions in particular such as PNC Financial Group, Synchrony Financial, Truist Bank and more.

    It’s estimated the cost of cyber crime has risen to $793 billion per month with groups like Scattered Spider contributing to this bottom line. The group has also been in the news for its unusual makeup, with most arrests being teenagers to young adults. This is not the hardened group of long-time professional hackers most people think of when they think of breaches on this scale.

    A set of recent arrests were made of two 19-year-old men, a 17-year-old boy and a 20-year-old woman in the UK, with the bad actors being charged with blackmail, money laundering and ties to a criminal organization as of writing. One of the alleged leaders of the group, 23-year-old Tyler Buchanan, was also arrested in May of this year and has been extradited to California to face charges where he faces up to 47 years behind bars.

    Ransomware/Malware-as-a-service (RAAS/MAAS) becoming more ubiquitous means that someone doesn’t even have to be extremely tech savvy to pull a cyber attack, expanding the reach of bad actors looking for financial gain from attacks on anyone convenient. It has never been more true than it is now in 2025 that no one is safe from cyber threats. Your business Isn’t too small or too remote to be a target.

    The group has also focused on tactics that are more social engineering than directly technical, with phishing being a primary driver as we saw in the MGM attack. Here are 5 ways hacking groups like Scattered Spider are pulling off cyber attacks:

    1. Social Engineering and Impersonation

    Scattered Spider is notorious for tricking employees into giving up credentials. They often:

    • Impersonate IT or help desk personnel
    • Call or message employees to reset passwords or approve MFA prompts
    • Use public info (like LinkedIn profiles) to craft believable stories
    1. SIM Swapping

    They hijack a victim’s mobile number by convincing the phone carrier to transfer it to a SIM card they control. Once they do this, they can:

    • Bypass MFA (multi-factor authentication)
    • Receive SMS-based codes for password resets
    1. Exploiting Identity & Access Management (IAM) Systems

    They target systems like Okta or Microsoft Azure AD to escalate privileges and gain access across an organization. Once inside:

    • They move laterally across systems
    • Create persistent backdoors
    1. Abusing Remote Access Tools

    Scattered Spider leverages legitimate tools like:

    • Remote desktop software
    • VPNs and virtual desktop infrastructure (VDI)
      They often enter using stolen credentials and hide in plain sight by mimicking normal user activity.
    1. Ransomware Deployment & Data Theft

    After gaining sufficient access, they:

    • Exfiltrate sensitive data
    • Deploy ransomware (often in partnership with ransomware-as-a-service groups like ALPHV/BlackCat)
    • Threaten double extortion: demanding payment to both unlock systems and not leak data

    At Valley Techlogic, we help businesses of all sizes stay protected against advanced threats from hacking groups like Scattered Spider by combining proactive cybersecurity strategies with enterprise-grade tools. Our team monitors for suspicious activity, implements strong identity and access controls, and trains your staff to recognize social engineering attempts, closing the gaps these groups exploit. With layered protection and rapid response capabilities, we keep your systems secure and your data safe. Get started with a Valley Techlogic service plan today to protect your business from future threats.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, leading provider of trouble free IT services for businesses in California including Merced, Fresno, Stockton & More. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on X at https://x.com/valleytechlogic and LinkedIn at https://www.linkedin.com/company/valley-techlogic-inc/.