Category

Cloud Computing
Endpoint detection & response (EDR) is a cybersecurity solution consisting of multiple tools (including AI) that monitor for potential security threats and address them head on. This technology works by constantly collecting information from endpoint devices connected to an organization’s network such as desktops, servers, laptops, or tablets. By “information,” we are mostly referring to...
Read More
Here we go over the steps and preplanning that need to be taken after a cybersecurity incident to get your business back to operational and restore public trust.    Moving into the final stage of the NIST cybersecurity framework, we now enter the “Recover” function. The activities involved in this function would take place after an...
Read More
This NIST framework function will tell you everything you need to do to respond to a cybersecurity incident including the strategic planning and specific areas to focus on.  Continuing through the primary functions of the NIST cybersecurity framework, we get to “Respond.” After the “Identify” function where you had determined the risks, vulnerabilities, and elements...
Read More
The NIST Security Framework is the ultimate roadmap for which the United States government outlines how businesses can develop their cybersecurity program to account for the threat landscape that is forever evolving. The framework is long and detailed but can be more easily understood when the recommended best practices and security measures are broken down...
Read More
Existing and new challenges, from supply chain hacks to 5G rollouts, will continue to test the expanded role of security teams. CISOs faced a number of challenges in 2020, not the least of which was COVID-19 and the mass migration from onsite to remote work. Maybe for the first time, corporate leadership saw just how...
Read More
Insider Risk is defined as  “The risk an insider is any person with authorized access to an organization’s resources to include personnel, facilities, information, equipment, networks, or systems”. A lot of organizations struggle with insider risk because the very nature of the risk comes from those who you trust with your systems and authorizations. From...
Read More
Cybersecurity compliance isn’t something you can accomplish easily. There are an overwhelming number of acronyms, controls, and laws that leave many scratching their head. Compliance requirements vary and can be imposed by law, non-government regulatory bodies, and even private industry groups. Cybersecurity Compliance involves meeting various “conditionals” or controls to protect the confidentiality, integrity, and...
Read More
Abstract – This article discusses the importance of understanding and level of effort required for mitigating risks that third-party cloud services (software-as-a-service, infrastructure-as-a-service, and platform-as-a-service) represent to an organization. Depending on the service, it may not be possible to conduct a thorough, direct assessment of the services, which is necessary to ensure securing the organization’s...
Read More
An incident response plan is a“set of instructions to help IT staff detect, respond to, and recover from network security incidents. These types of plans address issues like cybercrime, data loss, and service outages that threaten daily work.” Generally, an Incident Response plan is created before any incidents occur. Although, most companies have taken a...
Read More
According to Gartner, Software Defined – Wide Area Network (SD-WAN) does the following:  “SD-WAN solutions provide a replacement for traditional WAN routers and are agnostic to WAN transport technologies. SD-WAN provides dynamic, policy-based, application path selection across multiple WAN connections and supports service chaining for additional services such as WAN optimization and firewalls.” Software Defined –...
Read More
1 2 3 6