1.888.749.9800

joe

Protect Your Network with these Three Steps

In addition to being a security consultant by trade, I am a Chief Warrant Officer for the Massachusetts Army National Guard, where I mentor incident handlers and senior leadership on offensive and defensive cyber warfare. In this position, I am regularly asked for advice on all things related to cyber. One recent query from a newly promoted […]

By |October 31st, 2018|Blog|Comments Off on Protect Your Network with these Three Steps

Crisis Management Centers and Cyber Security

I was asked to contribute to an article about 911 communications centers recently based on my experience with large crisis management centers (think the 2014 Boston Marathon bombing). Below are my responses to the questions:

What are the common vulnerabilities communication centers face?

24-hour crisis managements centers often have shared computers. I would expect that they conduct […]

By |September 24th, 2018|Blog|Comments Off on Crisis Management Centers and Cyber Security

Best Practices for Contracting with Cloud Service Vendors

I was recently asked about best practices for contracting with cloud service vendors – and thought this advice was worth sharing.

What is the best strategy if you decide to change vendors?

Always conduct a parallel transition. This will keep your data in place at your original vendor during the transition. This cost more but will protect […]

By |March 16th, 2018|Blog|Comments Off on Best Practices for Contracting with Cloud Service Vendors
  • Permalink Gallery

    The Shift that EternalBlue May Have Caused Within IT Leadership

The Shift that EternalBlue May Have Caused Within IT Leadership

For leaders in IT, 2017 has been the year of EternalBlue (the weaponized version of the vulnerability described in MS17-010), whether they know it or not.  EternalBlue allowed the trivial exploitation of Microsoft systems allowing an attacker to gain the highest level of system permissions.  This sort of vulnerability set the hacking community on fire and allowed […]

By |February 26th, 2018|Blog|Comments Off on The Shift that EternalBlue May Have Caused Within IT Leadership
  • Permalink Gallery

    What are the five most critical steps to take during the first 48 hours post data breach?

What are the five most critical steps to take during the first 48 hours post data breach?

1. Protect – The first and most important (time sensitive) step is to protect your environment and prevent additional damage and/or data loss.  This could be as simple as disconnecting from any wired and wireless networks.  Also disconnect any local backup drives that could overwrite previously archived data.

2. Communicate – It is vital to […]

By |November 16th, 2017|Blog, Security Breach|Comments Off on What are the five most critical steps to take during the first 48 hours post data breach?

The Dangers of Wireless Technology on the Road

How to Protect Your Data in Airports, Coffee Houses, and Hotels

In a recent interview, I was asked a series of questions about the dangers of wireless technology on the road. I’d like to share my responses here as to ways that travelers can protect their data when hooking up to “free” wireless technology in airports, […]

By |June 13th, 2016|Blog, Security Breach|Comments Off on The Dangers of Wireless Technology on the Road

Cyber Warfare Exercise: part two

There are only two certainties in a company’s life: Taxes and your network will be hacked.

I recently returned from the 15-day cyber warfare exercise hosted by the Massachusetts Army National Guard.  Attendees included soldiers and airmen from Vermont, New Hampshire, Maine, Massachusetts, Connecticut, and Rhode Island as well as personnel from private organizations such as […]

By |June 6th, 2016|Blog, Penetration Testing, Security Breach|Comments Off on Cyber Warfare Exercise: part two

Cyber Warfare Exercise

cyberwarriorIn the next few weeks I will be participating in an intensive 15-day cyber warfare exercise hosted by the Massachusetts Army National Guard.  This exercise is conceptualized around a cyber attack affecting critical infrastructure in the Northeast with an emphasis on public and private collaboration.

I will be working on a “Red […]

By |May 5th, 2016|Blog, Penetration Testing|Comments Off on Cyber Warfare Exercise
  • Permalink Gallery

    Data Loss Prevention (DLP) Technology is Maturing along with Customer Expectations

Data Loss Prevention (DLP) Technology is Maturing along with Customer Expectations

The following post on DLP is the combined effort of Joe Clapp and Paul Hill in response to a media query asking experts to weigh in on where they see the data loss prevention market going in 2016 and beyond.

The July 2015 Gartner Hype Cycle for Data Security indicates that Data Loss Prevention […]

By |October 29th, 2015|Blog|Comments Off on Data Loss Prevention (DLP) Technology is Maturing along with Customer Expectations