CIS Controls Version 7 Launch Event | March 19th 2018

SecurityEverAfter 2018-03-29 21:17:00

I recently posted the below on the SANS Internet Storm Center.The CIS Controls serve as a “prioritized set of actions to protect your organization and data from known cyber attack vectors.”. Embraced by several organizations as outlined in the Case Studies section, significant improvements to their cyber security programs are ... Read More

SecurityEverAfter 2018-02-22 19:41:00

I recently posted the below on the SANS Internet Storm Center.The Center for Internet Security (CIS) has been working diligently to update the CIS Controls (formerly known as the Critical Security Controls). A compelling feature of the CIS Controls is their regular updates that reflect the current cyber threats that ... Read More

CIS Controls Implementation Guide for Small-and Medium-Sized Enterprises

I recently posted the below on the SANS Internet Storm Center.Recently the Center for Internet Security (CIS) released the CIS Controls Implementation Guide for Small-and Medium-Sized Enterprises (SMEs). The Implementation Guide is directly mapped to the CIS Critical Security Controls and is focused on actionable steps that can be taken ... Read More

What is the State of Your Union?

Regularly the President of the United States delivers the State of the Union address. This practice "fulfills rules in Article II, Section 3 of the U.S. Constitution, requiring the President to periodically give Congress information on the "state of the union” and recommend any measures that he believes are necessary ... Read More

An Occasional Look in the Rear View Mirror

I recently posted the below on the SANS Internet Storm Center.With two new drivers in my home, I am training them to occasionally look in the rear view mirror of their car as an effective way to increase their situational awareness when driving. What if this principle were applied to ... Read More

What Can You Learn On Your Own?

I recently posted the below on the SANS Internet Storm Center.We are all privileged to work in the field of information security. We also carry the responsibility to keep current in our chosen profession. Regularly I hear from fellow colleagues who want to learn something, but do not have a ... Read More

KNOW before NO

I recently posted the below on the SANS Internet Storm Center.A good friend told me that an engaged information security professional is one who leads with the KNOW instead of the NO. This comment struck me and has resonated well for the last several years. It has encouraged me to ... Read More

Distraction as a Service

I recently posted the below on the SANS Internet Storm Center.Have you noticed that some security projects never seem to get finished? Despite the best of intentions, often times they linger, sometimes for years. I believe that distractions play a role in security projects being delayed and ultimately never being ... Read More

What’s On Your Not To Do List?

I recently posted the below on the SANS Internet Storm Center.In our craft, there are more than ample opportunities to occupy our time. There are so many things you CAN do. How can you ensure focus on the things that actually make the biggest impact? I suggest that often times ... Read More

Unauthorized Change Detected!

I recently posted the below on the SANS Internet Storm Center.How do you detect what has changed in your environment? Is it possible to think beyond the alerts you get from your tools and consider what changes that you absolutely need to know about when they occur? When systems in ... Read More
Loading...