Is Your Supply Chain Secure?
In 2021, there were a number of major supply chain attacks that crippled multiple companies. Think back to the Kaseya attack in July, or, even before that, the SolarWinds attack that came to light in December 2020. In October 2021, Broward Health in Florida was compromised through a third-party supply ... Read More
A Deeper Dive Into the Value of Centralized Logging
In my previous blog post, I talked about the value of centralized logging, a high-level, non-complex overview of how centralizing your logs can help you determine if your security controls and defensive tools are working as expected. Now, let’s go a bit deeper and discuss some best practices regarding centralized ... Read More
How to Determine if Your Network Security is Working
In my previous blog post, I talked about the MITRE ATT&CK framework and how it can help you determine possible threats and threat actors’ techniques so that you can better focus your limited resources on the more likely threats. The next question you might have is, “Am I being attacked?” and ... Read More
Improving Cybersecurity With MITRE ATT&CK Framework
In my previous blog posts, I’ve talked about the NIST CSF and another framework from the nonprofit Center for Internet Security (CIS), which has a smaller set of controls to help companies and organizations secure their environments. Now, I want to talk about the MITRE ATT&CK framework. But let’s start ... Read More
Can you Become Ransomware-Proof? Part 2: CIS Controls
In my previous post, I talked about the NIST Cybersecurity Framework (CSF). Some of you, I am sure, Googled “NIST CSF” after reading it and found tons of information from NIST on the framework. Then, as you looked at the details, you might have felt intimidated by the five functions ... Read More
Can you Become Ransomware-Proof?
Wouldn’t it be great if you had enough confidence in your information security program that if a criminal gang attacked you, you would be able to defend yourself, keep your business going and notify the appropriate legal authorities and any vendor partners that might be impacted? With a mature information ... Read More