The True Cost of a Security Breach

There have been many articles about the cost of a security breach. With the emergence of privacy regulations that assign penalties based on a business’ profit, or those that calculate a value for each compromised record, it is possible to calculate the cost of a breach based on those metrics ... Read More

The Cyber Assessment Framework: Guided Cyber Resilience

Remember how, just a few years ago, many organizations were striving to be cyber secure? Over the last years, it seemed that crowing about one’s cybersecurity posture became the very thing that mocked every organization that was the victim of a newsworthy compromise. Many organizations began augmenting their previously acclaimed security ... Read More

World Backup Day: Simplicity and Patience is Key

A few months ago, a popular cybersecurity news organization posted an urgent notice on social media seeking help to recover their data after their blog was deleted.  They announced that they had no backups and they were desperately trying to contact the site administrator to restore their blog collection.  This ... Read More

The New CIS Community Defense Model (CDM) Brings Security Within the Grasp of All Small Organizations

Part of operating an effective security program is the ability to never rest upon any previous success. When guarding against an adversary, yesterday’s success is quickly eclipsed by the dynamic shift in the attacker’s tactics. Just as a doctor “rules out” a particular diagnosis, an effective attacker first searches for well-known ... Read More

National Computer Security Day: Tips for Securing Your Home Computers

Tuesday, November 30th, is National Computer Security Day.  Although this special day has been around since 1988, many people are not only unaware of it, but are still also unaware of some of the basic security required for protecting their computing devices. The rise of remote work has stretched the ... Read More

Comply 2 Connect (C2C) – A Solution to Quell the Rogues in Our Midst

Have you ever taken a personal device to work and connected it to the work network? Maybe you connected to the Wi-Fi with a mobile device. Perhaps you brought in a personal laptop and plugged into an open port to connect to the internet. These may seem like harmless activities, and some ... Read More

Don’t Warn Your Co-Workers About That Phishing Test

It is October 2021, and another Cybersecurity Awareness Month is upon us. With so much having occurred over the last year, we should all be experts in personal cybersecurity protection. After all, when our homes became our primary business location, it all became very personal. I once worked at a company that ... Read More
Cybersecurity Maturity Model Certification (CMMC) – A Model for Everyone

Cybersecurity Maturity Model Certification (CMMC) – A Model for Everyone

| | CMMC, Compliance, government
Data breaches have reached a fever pitch over the last few years. The rapid frequency of successful attacks coupled with the rising costs to businesses has raised attention at the highest levels of global governments. In the past, breaches were relatively “localized,” that is, they affected the targeted company only. However, ... Read More

Identity and Access Management – Who You Are & Where You Need to Be

Remember your first day on the job? You might groan just thinking about it, or maybe you are filled with the optimistic nostalgia of all the great things you set out to accomplish.  It’s all a matter of your current perspective.  One of the greatest apprehensions about that first day ... Read More
phishing MFA Microsoft Again Most Spoofed as Office 365 Phishing Evolves

Why so Much Resistance to MFA?

I was speaking with a doctor friend the other day. We were chatting about electronic medical records and how her office secured the patient information. She told me about all of the usual and expected safeguards such as passphrases, multifactor authentication (MFA) and two-factor authentication (2FA). She added that if ... Read More
Security Boulevard