A Journey in Organizational Resilience: Privacy

Privacy concerns may not be the first issue that comes to mind when building an enterprise cyber resilience plan. However, you should expect them to gain prominence. For perspective, consider for a moment that the NIST Privacy Framework is a relatively new tool. It was only first deployed in January 2020. Even ISO only released […]

The post A Journey in Organizational Resilience: Privacy appeared first on Security Intelligence.

Cybersecurity First: Becoming GOAT

As we close off Cybersecurity Awareness Month, let us examine how we can become the cyber GOAT: ‘greatest of all time’. Sure, there will be plenty this week on cybersecurity training, making security a priority, more investments into products and processes and all that fun stuff. But we’re not going to talk about that right […]

A Journey in Organizational Resilience: Training and Testing

We are far from a breach-free world. After all, even cybercriminals have shown their own form of resilience. For example, after a short hiatus, the ransomware group REvil came back in September 2021. Until the day we can leave our ‘cyber front door’ unlocked, any organizational resilience framework you employ needs to include a healthy […]

Cybersecurity Careers: Awareness, Opportunities and Retention

This week, Cybersecurity Awareness Month focuses on cybersecurity careers and jobs in the industry, with a simple tagline: Explore. Experience. Share. Check out NIST’s workshops and toolkits for Career Week. For cybersecurity and IT workers, if you want to position yourself well, do some exploring. Get to know new territory outside of cybersecurity. The reason? […]

How to Fight Phishing: Don’t Get Fugu’ed!

Threat actors who deploy phishing and other attacks have an advantage: they don’t operate within any space of decent norms or legal jurisdiction. Accept that, and you quickly understand why the cybersecurity battle feels like fighting a tire fire with a garden hose. Attackers are coming up with new and smart ways to infect our […]

A Journey in Organizational Resiliency: Governance

From governance comes everything else. It would be reasonable if this journey in organizational resilience started with the governance theme. In fact, many important standards or cybersecurity frameworks begin with policy development. For example: NIST SP 800-34: The first step in contingency planning is policy development. NIST Cybersecurity Framework: Part of the first step, Identify, […]

A Journey in Organizational Resilience: Crisis Management

So far in this organizational resilience journey, we have focused mainly on the planning phase, or, as some call it, ‘left of the boom’. For a moment, let’s look at a ‘right of the boom’ (post-incident) theme: crisis management (CM), an important component of your cyber resilience planning. A good CM plan will be part of […]

Cybersecurity Awareness: The Basics Are the Foundation

It’s Cybersecurity Awareness Month and the Cybersecurity & Infrastructure Security Agency (CISA) put out their 2021 #BeCyberSmart message kit:

Be Cyber Smart
Fight the Phish!
Explore. Experience. Share.
Cybersecurity First.

What do these mean for your business? Let’s start off with the basics.

Cybersecurity Awareness Tips: Stop Throwing Good Money After Bad

More than […]

A Journey in Organizational Cyber Resilience Part 3: Disaster Recovery

Moving along our organizational resilience journey, we focus on disaster recovery (DR), the perfect follow-up to business continuity (BC). The two go hand-in-hand, often referenced as BCDR, and both are key to your cyber resilience planning. If you recall from the previous piece, NIST SP 800-34 calls out a separate disaster recovery plan, as it […]

A Journey in Organizational Cyber Resilience Part 2: Business Continuity

Keeping a business up and running during a problem takes the right people for the job. When it comes to cyber resilience through tough times, many things come down to the human factor. We focused on that in the first piece in this series, but it also makes a big difference to the second topic: […]
