CSC 3 – Continuous Vulnerability Management Computer networks are very similar to modern buildings; they are combination of numerous highly complex systems. Each constituent system introduces some level of vulnerability and therefore risk into the larger system as a whole. Control 3 requires the use of a standards-based vulnerability scanner to evaluate each computer system…
DetailsCritical Security Controls – What’s installed, running, and able to run on your business computers Control 2 advances the framework into the inventory and control of Software installed and running on the computer assets within an organization. CSC 2 – Inventory and Control of Software Assets Software is what delivers the value through the complex…
DetailsThe Critical Security Controls (CSC) 1 – Modern cybersecurity is much like the early banking industry There is nearly no area of the banking business which has been unchanged by security threats over the years. The agents of the FBI and U.S. Secret Service persuaded successful bank robbers to help inform the defense of these…
Details20 Critical Security Controls (20 CSC) SANS combined government-derived information security and real-life attacks in businesses of all sizes to inform appropriate defense. This created SANS original list of 10, which later became 20 critical security controls. These 20 Critical security controls are becoming more important everyday. Using these 20 CSC’s will make your organization…
DetailsManaged Service Providers: Never have to worry about an issue again with 24×7 monitoring. Managed service providers use remote monitoring and management tools to keep an eye on the performance and overall health of the IT infrastructure that powers your business operations. MSPs should be 24×7 and should quickly respond to any issue that…
DetailsDisaster Recovery: Don’t let a negatively impacting event affect your organization Disaster Recovery is the ability to preserve an organizations data and systems through a negatively impacting event. With the onset of cloud computing, disaster recovery has become more efficient and affordable than ever. Today it is possible to back up data in minutes vs.…
DetailsCyber-Killchain The process of a cyber-killchain is much like the process of an everyday burglar. These burglars take multiple steps before they actually rob your home, car, or business. The killchain is the common steps that are used by these cyber-burglars. This being the case, it’s important for defenders to pay attention and use the…
DetailsRANSOMWARE: CYBER-THUGS WANT YOUR BITCOIN Ransomware is a malicious software created by cyber-thugs who got picked on when they were young. These cyber-thugs are an organization that can’t get any money from their country so they prey on the US. Most RW variants are coming out of Russia, Ukraine, North Korea, China and India. Extorting…
DetailsControl 6: – A framework for an offense-informed defense We’ve covered Controls 1 through Control 5 of the 20 Critical Security Controls. This blog will focus on Control 6 and will complete our coverage of the “Basic Controls”, those which represent the most basic of cyber “hygiene”. The 20 Critical Controls use an offense-informs-defense…
DetailsControl 5: A framework for an offense-informed defense. As we discussed in our earlier blog posts on the 20 Critical Security Controls, they provide an offense-informs-defense framework through which an organization can effectively defend against cyberattacks. In this installment, we’re examining Control Five. This control is one of the ‘Basic control’ and represents the…
Details
