What Cloud Migration Means for Your Security Posture

It shouldn’t come as a surprise to anyone reading this article that there has been a major shift towards businesses hosting their critical applications in the cloud. Software-as-a-Service (SaaS), as well as cloud-based servers from Amazon or Micr…

Security Evolution Is Not Good Enough. It’s Time for a Security Revolution!

“Worldwide spending on information security products and services will reach more than $114 billion in 2018, an increase of 12.4 percent from last year, according to the latest forecast from Gartner, Inc. In 2019, the market is forecast to grow 8…

Revised Critical Infrastructure Protection Reliability Standard CIP–003–7: What Are the Changes?

The U.S. Government is constantly working to improve its ability to respond to the growing threat of cyber-attacks facing the national power grid. Towards that end, the Federal Energy Regulatory Commission (FERC) approved the revised critical infrastru…

BSides Idaho Falls Preview: The Industrialization of Red and Blue Teaming

When we think of industrialization and the industrial revolution, images of smoke stacks, purpose-built machinery, and automation come to mind. Some examples are the Jacquard Machine, as pictured below. This machine simplified the process of manufactur…

Beware of the New Way Crooks Can Drain Your Credit Card Account

This article describes one of the recent frauds used by cybercriminals to steal funds from people’s credit cards. Unfortunately, it is a simple one to pull off, so peruse the details below and make sure you don’t get on the hook. The malici…

You: The First, Last and Best Data Protection and Privacy Defense – Part 2

As part of this two-part series, let’s now look to another exhibit demonstrating how people act as the first, last and best data and privacy defense. Exhibit B: Potentially Unwanted Leaks. If you have some technical literacy, you may have heard…

BSides Idaho Falls Preview: Cyber Security Defense Maturity Model

Organizations receive mass amounts of data daily regarding cyber security risks. Too many companies set their cyber security defense strategy based on news stories, vendors and/or a “whack a mole” approach. My discussion reviews a unique cy…

NERC CIP Audits: Top 8 Dos and Don’ts

My time at NERC had me involved with quite a few projects over my seven-year career there. I was involved with CIP compliance audits, investigations, auditor training, and many advisory sessions. Typically, I was advising entities across North Ame…

How to Cultivate Security Champions at the Workplace

Good security engineers are hard to come by. What is a company to do? Not all companies can afford outrageous salaries to acquire one, much less a full team of security professionals. Even if those few companies can afford it today, how do they retain …

Selecting a Security Leader: Don’t Get Caught in No Man’s Land

In World War I, the space between the most-forward trenches in a battle was called No Man’s Land – a place you didn’t want to be. I learned it as a tennis term. In tennis, you want to play at the net or behind the baseline. The middle…