Critical Security Controls v7 RELEASED

I have previously posted on the Critical Security Controls, which many still incorrectly called the "SANS Top 20" and the like, tho SANS hasn't been managing them for some time. The current org that manages them is the Center for Internet Security, which has overseen them since around 2015. They ... Read More

March Updates on Frameworks & Standards

Last month I posted some information on several information security framework/standards being updated and sense then there have been updated on all of them. So here we go:NIST CSF v1.1. The second draft was released at the end of 2017, and we just wrapped up the comment period on this ... Read More
Report on BSides Tampa 2018

Report on BSides Tampa 2018

On Saturday, February 17th, I was in Tampa for the 5th Security BSides Tampa Conference. This was my third time attending, and my third time speaking. I spoke on the topic of the new "SOC for Cybersecurity" report. I'll do a separate posting on this report, giving resources.This conference had ... Read More

Report: The State of Cybersecurity in Florida

Just recently The Florida Center for Cybersecurity released their 2017 report, The State of Cybersecurity in Florida.So what IS The Florida Center for Cybersecurity? It's a statewide agency located at USF in Tampa that works with all State University System of Florida institutions, industry, the military, government, and the community ... Read More

Report on ISACA South Florida’s WOW Event

The South Florida Chapter of ISACA has been holding an annual one-day conference each year in February known as the WOW! Event. In 2018, they held their 11th conference on Friday, February 16th at FIU's Koven Conference Center at their Biscayne Bay campus.This year's theme was "The InfoSec of Things: ... Read More
Report on SecureMiami 2018

Report on SecureMiami 2018

On Saturday, February 10, 2018, DigitalEra hosted their second "annual" security event, Secure Miami at FIU, co-located with Brew Miami. Their first event was in December of 2016.Attendance was pretty good at this event, with about 350 registered to attend. This year they moved it to the larger Graham Center ... Read More

Framework/standard updates coming

Well, it's early 2018 and there are several information security framework/standards being updated:NIST CSF v1.1. The second draft was released at the end of 2017, and we just wrapped up the comment period on this. I believe the plans are to review and hopefully come out with the final release ... Read More
Healthcare Industry Cybersecurity Task Force report- June 2017

Healthcare Industry Cybersecurity Task Force report- June 2017

Recently a report came out from the "Health Care Industry Cybersecurity Task Force". This group was formed by Congress as part of the Cybersecurity Act of 2015. The task force is made up of a diverse group from the healthcare industry, taking a look at the state of cybersecurity and ... Read More

Upcoming Conferences in early 2018

There are several local security conferences coming up in my general area, some of which I'll be speaking at.Here are the ones over the next few months:* SecureMiami 2018, co-located with BrewMiami. Organized by DigitalEra, this is the second time for this half day event at the main campus of ... Read More
Cyber Resilience- what I've found (Part 1)

Cyber Resilience- what I’ve found (Part 1)

A year or so ago I came upon the idea of "cyber resilience", which is a general concept of 'hardening' or toughing, or making more resilient, our IT/cyber systems. I started seeing the terms used a lot, and many of the times I've seen it has been in use of ... Read More
Loading...