Reach Out to Peers and Vendors to Build Your Security

Cyberattacks don’t happen in a vacuum. While your organization may be specifically targeted by cybercriminals, the style of attack they are using isn’t unique to you. It’s one they will use over and over, especially if it is successful, and will sell on the Dark Web for other cybercriminals to buy, use and modify. […]

The post Reach Out to Peers and Vendors to Build Your Security appeared first on Security Intelligence.


What Should Customers Ask Managed Service Providers?

Managed service providers (MSPs), sometimes called managed security services (MSS) or MSSP, play a very important role in protecting data and other digital assets and will continue to do so. Some of the benefits include, but are not limited to: mostly predictable costs, including less burden on capital expenditure, and pay-as-you-go models; dedicated and informed […]

The post What Should Customers Ask Managed Service Providers? appeared first on Security Intelligence.


A Journey in Organizational Resilience: Geopolitical and Socio-Economic Trends and Threats

The last stop on our organizational resilience journey touches one of the issues organizations have the least control over: geopolitical and socio-economic trends and threats. However, they can be some of the most impactful on your organization. Today, the ubiquitous use of interconnected information systems to carry commerce exists on a scale that never did […]

The post A Journey in Organizational Resilience: Geopolitical and Socio-Economic Trends and Threats appeared first on Security Intelligence.


A Journey in Organizational Resilience: The Data Life Cycle

With so many efforts focused on restoring systems, applications and workloads, it is easy to miss an important piece: the data that makes business processes possible. A fully restored system is as good as offline if you don’t have the data required to work. Let’s face it: in the past, technology drove business capabilities. Today, […]

The post A Journey in Organizational Resilience: The Data Life Cycle appeared first on Security Intelligence.


A Journey in Organizational Resilience: Privacy

Privacy concerns may not be the first issue that comes to mind when building an enterprise cyber resilience plan. However, you should expect them to gain prominence. For perspective, consider for a moment that the NIST Privacy Framework is a relatively new tool. It was only first deployed in January 2020. Even ISO only released […]

The post A Journey in Organizational Resilience: Privacy appeared first on Security Intelligence.


A Journey in Organizational Resilience: Training and Testing

We are far from a breach-free world. After all, even cybercriminals have shown their own form of resilience. For example, after a short hiatus, the ransomware group REvil came back in September 2021. Until the day we can leave our ‘cyber front door’ unlocked, any organizational resilience framework you employ needs to include a healthy […]

The post A Journey in Organizational Resilience: Training and Testing appeared first on Security Intelligence.


A Journey in Organizational Resiliency: Governance

From governance comes everything else. It would be reasonable if this journey in organizational resilience started with the governance theme. In fact, many important standards or cybersecurity frameworks begin with policy development. For example: NIST SP 800-34: The first step in contingency planning is policy development. NIST Cybersecurity Framework: Part of the first step, Identify, […]

The post A Journey in Organizational Resiliency: Governance appeared first on Security Intelligence.


A Journey in Organizational Resilience: Crisis Management

So far in this organizational resilience journey, we have focused mainly on the planning phase, or, as some call it, ‘left of the boom’. For a moment, let’s look at a ‘right of the boom’ (post-incident) theme: crisis management (CM), an important component of your cyber resilience planning. A good CM plan will be part of […]

The post A Journey in Organizational Resilience: Crisis Management appeared first on Security Intelligence.


A Journey in Organizational Cyber Resilience Part 3: Disaster Recovery

Moving along our organizational resilience journey, we focus on disaster recovery (DR), the perfect follow-up to business continuity (BC). The two go hand-in-hand, often referenced as BCDR, and both are key to your cyber resilience planning. If you recall from the previous piece, NIST SP 800-34 calls out a separate disaster recovery plan, as it […]

The post A Journey in Organizational Cyber Resilience Part 3: Disaster Recovery appeared first on Security Intelligence.


How Privileged Access Management Fits Into a Layered Security Strategy

In its early stages, privileged access management (PAM) involved protecting only the passwords used for privileged accounts. But it evolved beyond that single purpose in the years that followed. Nowadays, it includes other security functions like multifactor authentication (MFA), session monitoring, proxying and user behavior analytics (UBA). Take a look at how these connect for […]

The post How Privileged Access Management Fits Into a Layered Security Strategy appeared first on Security Intelligence.
