Category: NIST
“Seeing Yourself in Cyber” Since the 2004 declaration by the President of the United States and Congress, each October has been dedicated as Cybersecurity Awareness Month. The annual campaign is sponsored through a joint effort between the Cybersecurity & Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) — providing support from both the federal...
Truly popularized in the mid-2000s, multi-factor authentication (MFA) has been security practitioners’ go-to response whenever someone asks, “what can I be doing right now to protect my data and accounts?” It’s often listed as a default best practice to defend against many cyber attacks and attack vectors such as phishing, business email compromise (BEC), keystroke...
Florida state agencies and local governments are now subject to new cybersecurity requirements and prohibitions that went into effect on July 1, 2022. These new amendments to Florida’s State Cybersecurity Act (“the Cybersecurity Act”) impose practically impossible-to-meet notification requirements on state and local governmental entities and prohibit them from making ransom payments. Stepping back to...
As we continue our journey on what it means to practice holistic cybersecurity and its comprehensive methodology, we can now go into the process of getting your business to that point. Everything about going holistic and fully implementing a robust security strategy such as Zero Trust starts with “Identity.” Identification is merely the process of...
Philosophically, the term “holistic” describes the interconnectedness of parts that represent a whole. The medical community refers to treating someone in their entirety using ALL factors, not just managing one particular symptom. These conceptual descriptions of the word also parallel how a holistic approach is used in cybersecurity. Holistic cybersecurity utilizes ALL types of solutions...
Cyber insurance has increasingly become one of the most valuable insurance coverages sought out by organizations of all shapes and sizes. As cyber-related threats continue to evolve and multiply, the insurance offers a financial umbrella for those who fall victim to attempted and successful breaches. Cyber insurance consists of two major components: first-party and third-party...
Endpoint detection & response (EDR) is a cybersecurity solution consisting of multiple tools (including AI) that monitor for potential security threats and address them head-on. This technology works by constantly collecting information from endpoint devices connected to an organization’s network, such as desktops, servers, laptops, or tablets. By “information,” we are mostly referring to...
Here we go over the steps and preplanning that need to be taken after a cybersecurity incident to return your business to operation and restore public trust. Moving into the final stage of the NIST cybersecurity framework, we now enter the “Recover” function. The activities involved in this function would take place after an...
This NIST framework function will tell you everything you need to do to respond to a cybersecurity incident, including the strategic planning and specific areas to focus on. Continuing through the primary functions of the NIST cybersecurity framework, we get to “Respond.” After the “Identify” function where you had determined the risks, vulnerabilities, and elements...
As we continue our journey with NIST, here we show you what it means to “protect” while providing our readers with industry best practices for your security program. A cybersecurity program’s “Protect” function is often the most thought-about area that organizations consider when looking to enhance their security program. It’s also the second of five...