David Bisson – Page 3 – WindowsTechs.com

SASE and Zero Trust: What’s the Connection?

Posted on November 12, 2021 by David Bisson

Many organizations find themselves in a tricky spot today when it comes to digital transformation. With many looking to zero trust, how does Secure Access Secure Edge (SASE) fit in? On the one hand, the events of 2020 helped to speed up many digital adoption projects. A 2020 report from McKinsey found that more than […]

The post SASE and Zero Trust: What’s the Connection? appeared first on Security Intelligence.

Continue reading SASE and Zero Trust: What’s the Connection?→

Non-Traditional Cybersecurity Career Paths: How to Find Your Own Way

Posted on November 12, 2021 by David Bisson

In two previous blog posts, I shared the non-traditional cybersecurity career paths of more than a dozen professionals and how their previous life experiences shaped their security work. It’s been an honor helping to tell these individuals’ stories. We conclude this blog series with a final installment in which these same cybersecurity professionals share advice […]

The post Non-Traditional Cybersecurity Career Paths: How to Find Your Own Way appeared first on Security Intelligence.

Continue reading Non-Traditional Cybersecurity Career Paths: How to Find Your Own Way→

Zero Trust: What NIST’s Guidelines Mean for Your Resources

Posted on November 8, 2021 by David Bisson

In May, The White House released an executive order on improving the nation’s cybersecurity. The order came with various directives for Federal Civilian Executive Branch agencies. Among other efforts, the order focused on the federal government’s advance toward zero trust architecture (ZTA). It framed this journey as one “which shall incorporate, as appropriate, the migration […]

The post Zero Trust: What NIST’s Guidelines Mean for Your Resources appeared first on Security Intelligence.

Continue reading Zero Trust: What NIST’s Guidelines Mean for Your Resources→

Non-Traditional Cybersecurity Career Paths – One Experience Informs Another

Posted on November 4, 2021 by David Bisson

In a previous article, I shared the stories of how more than a dozen cybersecurity professionals found their way into the industry. Their non-traditional cybersecurity career paths help to illustrate how personnel of all different education backgrounds and life experiences can become part of the same community. There’s no single certification, degree, qualification, job, age, […]

The post Non-Traditional Cybersecurity Career Paths – One Experience Informs Another appeared first on Security Intelligence.

Continue reading Non-Traditional Cybersecurity Career Paths – One Experience Informs Another→

Non-Traditional Cybersecurity Career Paths: Entering the Industry

Posted on October 21, 2021 by David Bisson

There are lots of ways organizations can work to address the cybersecurity skills gap. Working with young people, providing skilling for students and implementing zero trust helps. So does amplifying gender diversity and promoting respect in the workplace. Organizations can use all these strategies to fill their open positions and meet their cybersecurity needs. But […]

The post Non-Traditional Cybersecurity Career Paths: Entering the Industry appeared first on Security Intelligence.

Continue reading Non-Traditional Cybersecurity Career Paths: Entering the Industry→

How to Report Scam Calls and Phishing Attacks

Posted on October 14, 2021 by David Bisson

With incidents such as the Colonial Pipeline infection and the Kaseya supply chain attack making so many headlines these days, it can be easy to forget that malicious actors are still preying on individual users. They’re not using ransomware to do that so much anymore, though. Not since the rise of big game hunting, anyway. […]

The post How to Report Scam Calls and Phishing Attacks appeared first on Security Intelligence.

Continue reading How to Report Scam Calls and Phishing Attacks→

What Happens to Victims When a Ransomware Gang Vanishes?

Posted on October 5, 2021 by David Bisson

Not long after launching a major supply chain attack in July 2021, the REvil ransomware gang went offline. The group’s infrastructure, including its surface and dark web portals used for ransom negotiations and data leaks, shut down on July 12, according to Bleeping Computer. Russian digital crime forum XSS banned Unknown, a user believed to […]

The post What Happens to Victims When a Ransomware Gang Vanishes? appeared first on Security Intelligence.

Continue reading What Happens to Victims When a Ransomware Gang Vanishes?→

Harassment and the Skills Gap: Improving Retention in the Security Community

Posted on October 5, 2021 by David Bisson

Everyone wants to work with people who respect them. With the cybersecurity talent gap growing, employers need to show they truly value employees in order to keep them. Along with pay and benefits, a key way to do that is to show respect. That includes work policies that prevent harassment in the company culture. The skills […]

The post Harassment and the Skills Gap: Improving Retention in the Security Community appeared first on Security Intelligence.

Continue reading Harassment and the Skills Gap: Improving Retention in the Security Community→

Using Vendor Management to Defend Against Supply Chain Attacks

Posted on September 30, 2021 by David Bisson

Supply chain attacks are growing more common. According to the Identity Theft Resource Center (ITRC), there were just 19 supply chain attacks in the final quarter of 2020. In the following quarter, that volume grew to 27 attacks — an increase of 42%. Those incidents in Q1 2021 affected 137 U.S. groups and a total […]

The post Using Vendor Management to Defend Against Supply Chain Attacks appeared first on Security Intelligence.

Continue reading Using Vendor Management to Defend Against Supply Chain Attacks→

DevSecOps: How Engineers Benefit From Cybersecurity Education

Posted on September 27, 2021 by David Bisson

Digital security incidents involving operational technology (OT) can have big impacts on the physical world. Why are these OT security incidents happening? A lack of understanding of how the different elements of DevSecOps fit together can contribute. This also shows the importance of crossover between engineering and cybersecurity. In March 2021, for instance, Fortinet found […]

The post DevSecOps: How Engineers Benefit From Cybersecurity Education appeared first on Security Intelligence.

Continue reading DevSecOps: How Engineers Benefit From Cybersecurity Education→