The True Cost of a Security Breach
There have been many articles about the cost of a security breach. With the emergence of privacy regulations that assign penalties based on a business’ profit, or those that calculate a value for each compromised record, it is possible to calculate the cost of a breach based on those metrics ... Read More
The Cyber Assessment Framework: Guided Cyber Resilience
Remember how, just a few years ago, many organizations were striving to be cyber secure? Over the last years, it seemed that crowing about one’s cybersecurity posture became the very thing that mocked every organization that was the victim of a newsworthy compromise. Many organizations began augmenting their previously acclaimed security ... Read More
World Backup Day: Simplicity and Patience is Key
A few months ago, a popular cybersecurity news organization posted an urgent notice on social media seeking help to recover their data after their blog was deleted. They announced that they had no backups and they were desperately trying to contact the site administrator to restore their blog collection. This ... Read More
The New CIS Community Defense Model (CDM) Brings Security Within the Grasp of All Small Organizations
Part of operating an effective security program is the ability to never rest upon any previous success. When guarding against an adversary, yesterday’s success is quickly eclipsed by the dynamic shift in the attacker’s tactics. Just as a doctor “rules out” a particular diagnosis, an effective attacker first searches for well-known ... Read More
National Computer Security Day: Tips for Securing Your Home Computers
Tuesday, November 30th, is National Computer Security Day. Although this special day has been around since 1988, many people are not only unaware of it, but are still also unaware of some of the basic security required for protecting their computing devices. The rise of remote work has stretched the ... Read More
Comply 2 Connect (C2C) – A Solution to Quell the Rogues in Our Midst
Have you ever taken a personal device to work and connected it to the work network? Maybe you connected to the Wi-Fi with a mobile device. Perhaps you brought in a personal laptop and plugged into an open port to connect to the internet. These may seem like harmless activities, and some ... Read More
Don’t Warn Your Co-Workers About That Phishing Test
It is October 2021, and another Cybersecurity Awareness Month is upon us. With so much having occurred over the last year, we should all be experts in personal cybersecurity protection. After all, when our homes became our primary business location, it all became very personal. I once worked at a company that ... Read More
Cybersecurity Maturity Model Certification (CMMC) – A Model for Everyone
Data breaches have reached a fever pitch over the last few years. The rapid frequency of successful attacks coupled with the rising costs to businesses has raised attention at the highest levels of global governments. In the past, breaches were relatively “localized,” that is, they affected the targeted company only. However, ... Read More
Identity and Access Management – Who You Are & Where You Need to Be
Remember your first day on the job? You might groan just thinking about it, or maybe you are filled with the optimistic nostalgia of all the great things you set out to accomplish. It’s all a matter of your current perspective. One of the greatest apprehensions about that first day ... Read More
Why so Much Resistance to MFA?
I was speaking with a doctor friend the other day. We were chatting about electronic medical records and how her office secured the patient information. She told me about all of the usual and expected safeguards such as passphrases, multifactor authentication (MFA) and two-factor authentication (2FA). She added that if ... Read More
