1.888.749.9800

Blog

  • Permalink Gallery

    What are the five most critical steps to take during the first 48 hours post data breach?

What are the five most critical steps to take during the first 48 hours post data breach?

1. Protect – The first and most important (time sensitive) step is to protect your environment and prevent additional damage and/or data loss.  This could be as simple as disconnecting from any wired and wireless networks.  Also disconnect any local backup drives that could overwrite previously archived data.

2. Communicate – It is vital to […]

Cloud security and IoT are the new peanut butter and jelly

by Christine Parizo, writer, Tech Pro Research, October 2017

For enterprises using cloud services with IoT, it’s critical to adhere to as many security practices as possible. Experts weigh in on the best approaches to take.

The Internet of Things (IoT) adds another sticky layer to the question of cloud security. Most organizations think in terms of the devices themselves, rather […]

Fighting Cyber-Threats With Innovative Tech

by Samuel Greengard, business & technology reporter, Baseline, Oct. 24, 2017

Increasingly sophisticated and dangerous cyber-threats require more innovative security approaches, including advanced automation tools, AI and blockchain.

The complexities of today’s cyber-security environment aren’t lost on anyone. It’s increasingly difficult to spot threats, detect intrusions, and thwart hackers and cyber-thieves.

“A cruise through the latest headlines about breaches is sobering,” says […]

Can Additional Legislation Improve IoT Security

I was recently asked if increased legislation could help improve IoT security, and how it will affect the IT department. Here’s my response:

Legislation can absolutely help IoT security by ensuring that manufacturers follow common core principles, strategies and infrastructure. The Cybersecurity Improvement Act of 2017 is an example of how legislation can compel manufacturers to […]

Qualifying IT Security Risks

How should a small organization quantify risk when it comes to IT security?  

In my last post, I discussed how people with little or no IT security experience are often put in charge of IT security at small companies. I explained how they might approach telling their boss how things are going on the security […]

Tips to Maintain IT Security Equilibrium at a Small Company

Ask where somebody working in IT security at a small company got started, and there is a good chance it had nothing to do with IT security at all.

Considering the management infrastructure of the typical small organization, IT security is usually handed off to somebody who knows little about it, usually somebody from the IT […]

No Compromises with the Latest Cybersecurity Threats

by Samuel Greengard, business & technology reporter, ChannelProNetwork, Sept. 8, 2017

Business process compromise attacks represent a growing risk. But channel pros can help their clients address the problem.

AS THE DIGITAL AGE UNFOLDS, it’s increasingly clear that the weakest link in cybersecurity is humans. People click bad links, open infected files, and succumb to an array of other social engineering […]

Most Commonly Overlooked Components of Operational Security

I was recently asked to comment on the most commonly overlooked components of operational security. To get the correct answer, sometimes it helps to take a step back and make sure you are asking the right question. The question should be “How do you ensure that your security program satisfies your operational security requirements?” With that question, […]

  • Permalink Gallery

    What role should security analytics play in information security programs today?

What role should security analytics play in information security programs today?

No one can argue that analyzing the security state of your IT environment (in a comprehensive and integrated manner) and taking proactive measures to prevent security incidents is the right way to manage an IT operation.  

The problem with Security Analytics isn’t a failure of vision; everyone agrees that we should be able to take […]

  • Permalink Gallery

    The Future of Our Energy Grid: Vulnerabilities as it Shifts from Fossil Fuels to Renewable Sources

The Future of Our Energy Grid: Vulnerabilities as it Shifts from Fossil Fuels to Renewable Sources

Our electric grid is comprised of generation facilities, high voltage transmission networks, substations, renewable point generation sources, and low voltage distribution networks.

Protecting the electric grid from cyber-attacks is complicated by its enormous scale – upwards of 7,000 power plants, more than 150,000 miles of high voltage transmission lines, and more than 50,000 substations. Some are […]

  • Permalink Gallery

    Ethical hacking: At WPI, a search for computer vulnerabilities

Ethical hacking: At WPI, a search for computer vulnerabilities

by Kaitlin Milliken, Correspondent, Worcester Telegram, July 16, 2017

WORCESTER – Students participating in Worcester Polytechnic Institute’s Cyber Security Club stare at their laptop screens, typing long lines of code.

They hope to find vulnerabilities in software and hack into a computer system. Each task they complete earns points.

Alex Gaines, president of the club, anticipates […]

  • Permalink Gallery

    The Best IT Security Policies Reflect the Value of Simplicity

The Best IT Security Policies Reflect the Value of Simplicity

90 percent of what we do to help people get better security is focusing on straight-forward common sense and having consistent policies and procedures.

To be good at what we do, we always work to make things as simple as possible for our customers because we recognize human behavior, and it is so much easier to remember and do simple […]

What Comes First, the 27001 or the 27002 ISO Standards?

There is something quirky about the 27000 series of standards published by the International Organization for Standardization (ISO).

Perhaps it is presented deliberately this way as a lesson in due diligence. Perhaps it is just a random error. But the standards are in the wrong numerical order. Judging from our interactions with company IT organizations, this […]

  • Permalink Gallery

    Security Experts Share Top Tips for Protecting Unstructured Data

Security Experts Share Top Tips for Protecting Unstructured Data

by Nate Lord, Digital Guardian, May 22, 2017

19 security professionals and business leaders share their top tips for protecting unstructured data.

From the contents of emails to intellectual property, business plans, proprietary training documentation, and much more, most enterprises manage vast amounts of unstructured data containing valuable and sensitive information. The sheer volume of unstructured data created and managed by most […]

Tips to Protect Against Ransomware

Following the Wannacry outbreak, we were reading about another attack, called Adylkuzz. Both cyberthreats rely on a Windows bug that was patched on March 14 and only affect PCs that haven’t installed the latest version of Microsoft’s software updates.

In light of this news, I thought it would be timely to talk about some common sense recommendations […]