Category Archives: Security Program Assessment

Cybersecurity Policy Enforcement: Strategies for Success

Posted on by

Introduction Your organization has invested significant effort in formally documenting its approach toward cybersecurity to enhance accountability and awareness of security processes; however, operationalizing and enforcing this policy library can appear challenging. Failure to consistently enforce cybersecurity policies generally leads to a degradation of the environment, as individuals come to understand that they will not…

The post Cybersecurity Policy Enforcement: Strategies for Success appeared first on TrustedSec.

Continue reading Cybersecurity Policy Enforcement: Strategies for Success

The First Steps on the Zero Trust Journey

Posted on by

One of the most discussed concepts in the Information Security world in recent history has been Zero Trust. Although many vendors claim to have products for implementing Zero Trust, an organization must not view them as an instant solution to achieving Zero Trust. Zero Trust should be viewed as a philosophy comprised of many controls…

The post The First Steps on the Zero Trust Journey appeared first on TrustedSec.

Continue reading The First Steps on the Zero Trust Journey

What this KeePass CVE means for organizations searching for new password vaults

Posted on by

After the 2022 LastPass breach, many organizations began searching for alternative password vault solutions. KeePass, a legacy open-source option has risen to the top for many organizations evaluating their options. Others have been using this option already for years. A recent POC demonstrating who to abuse the Trigger feature was released and assigned a CVE….

The post What this KeePass CVE means for organizations searching for new password vaults appeared first on TrustedSec.

Continue reading What this KeePass CVE means for organizations searching for new password vaults

A LAPS(e) in Judgement

Posted on by

As security practitioners, we live in a time where there is an abundance of tools and solutions to help us secure our homes, organizations, and critical data. We know the dangers of unpatched applications and devices as well as the virtues of things like password managers and encrypted databases to protect our passwords and other…

The post A LAPS(e) in Judgement appeared first on TrustedSec.

Continue reading A LAPS(e) in Judgement

Building a Strong Foundation With the Information Security Accelerator

Posted on by

Bottom Line Up Front Common threats like malware, ransomware, web application hacking, insider and privilege misuse, and targeted intrusions don’t have to spell disaster. Mid-market companies and small-to-medium businesses (SMBs) can cut through the confusion of how to build a solid security program. Our Information Security Accelerator service is designed to help your organization chart…

The post Building a Strong Foundation With the Information Security Accelerator appeared first on TrustedSec.

Continue reading Building a Strong Foundation With the Information Security Accelerator

Maturity, Effectiveness, and Risk – Security Program Building and Business Resilience

Posted on by

One of the most common questions asked by business leadership is also one of the most challenging to answer: “How secure are we?” Now, some of you reading this may already be cringing or yelling at your screen that this question on its own shouldn’t have a simple answer with little actionable value. However, when…

The post Maturity, Effectiveness, and Risk – Security Program Building and Business Resilience appeared first on TrustedSec.

Continue reading Maturity, Effectiveness, and Risk – Security Program Building and Business Resilience

Update: The Defensive Security Strategy

Posted on by

Original post:  https://www.trustedsec.com/blog/the-defensive-security-strategy-what-strategy/ Massive exposures and attacks, such as recent SolarWinds and Exchange exploit issues, have been common news lately. While the security landscape has advanced and changed, these massive exposures are continuing to occur. The question is why, and how, are they occurring? While common issues are often leveraged, the mentality around them is…

The post Update: The Defensive Security Strategy appeared first on TrustedSec.

Continue reading Update: The Defensive Security Strategy

The Backup Paradigm Shift: Moving Toward Attack Response Systems

Posted on by

Black Hawk Down I’m guessing a lot of us in the IT and Security space have experienced the gut wrenching feeling of not receiving that ICMP ping reply you were expecting from a production system, be it a firewall, switch, or server. Was there a recent configuration change that happened prior to the last reboot?…

The post The Backup Paradigm Shift: Moving Toward Attack Response Systems appeared first on TrustedSec.

Continue reading The Backup Paradigm Shift: Moving Toward Attack Response Systems

Companies on High Alert for Unemployment Fraud

Posted on by

Proactive Measures to Thwart Unemployment Fraud In the past few months, the TrustedSec Incident Response team has responded to several incidents of unemployment benefit fraud. Due to the pandemic and nationwide lockdowns, there has been an extremely high volume of unemployment claims submitted across the United States, and with greater instances of fraud making it difficult…

The post Companies on High Alert for Unemployment Fraud appeared first on TrustedSec.

Continue reading Companies on High Alert for Unemployment Fraud

Yes, It’s Time for a Security Gap Assessment

Posted on by

For many organizations, rapidly implementing work-from-home initiatives over the past year due to the COVID-19 pandemic required quickly rolling out new processes and deploying new technologies without adequate time for attention to Information Security standards. Perhaps your company recently acquired a new line of business, and you want to make sure the integration won’t adversely…

The post Yes, It’s Time for a Security Gap Assessment appeared first on TrustedSec.

Continue reading Yes, It’s Time for a Security Gap Assessment