The Critical Security Controls – Control 6

Control 6: – A framework for an offense-informed defense   We’ve covered Controls 1 through Control 5 of the 20 Critical Security Controls. This blog will focus on Control 6 and will complete our coverage of the “Basic Controls”, those which represent the most basic of cyber “hygiene”. The 20 Critical Controls use an offense-informs-defense…

The Critical Security Controls – Control 5

Control 5:   A framework for an offense-informed defense.  As we discussed in our earlier blog posts on the 20 Critical Security Controls, they provide an offense-informs-defense framework through which an organization can effectively defend against cyberattacks.  In this installment, we’re examining Control Five.  This control is one of the ‘Basic control’ and represents the…

The Critical Security Controls – Control 4

Control 4:  A framework for an offense-informed defense.    As we discussed in our earlier blog posts on the 20 Critical Security Controls, they provide an offense-informs-defense framework through which an organization can effectively defend against cyberattacks.  In this installment, we’re examining Control Four. This control is a ‘Basic control’ and represents one which every…

The Critical Security Controls – Control 3

Control 3: A Framework for an Offense-informed Defense As we discussed in our earlier blog posts on the 20 Critical Security Controls, they provide an offense-informs-defense framework through which an organization can effectively defend against cyberattacks.  In this installment, we’re examining Control Three. This control is a ‘Basic control’ and represents one which every organization,…

RSA: and it Begins

RSA Day 1:        4-16-18 Each year, the cybersecurity world converges on San Francisco for a week to collectively advance the state of security. Over 50,000 professionals come together to make the RSA Conference one of the largest gatherings of its kind. The unique value of this gathering is derived both through the…

The Critical Security Controls – Control 2

Control 2:  A Framework for an Offense-informed Defense As we discussed in our earlier blog post the 20 Critical Security Controls provide a framework in which an organization’s defense can be informed by offensive techniques. We’ve related this to how law enforcement have used successful financial crimes to inform the defense of the financial sector.…

The Critical Security Controls – Control 1

Control 1:  A Framework for an Offense-informed Defense   As we discussed in our earlier blog post concerning the cybersecurity landscape and making sense of it, the banking industry has evolved and adapted their business in fundamental ways to mitigate the threats naturally encountered in day-to-day operations. This ranges from architectural changes of bank branches,…

Cyber security = Cyber Defense = Cyber-chaos

Breaking through the noise: Cyber security = Cyber Defense = Cyber-chaos   It seems that every professional association, organization, or group has their own definition of CyberSecurity and a corresponding checklist to implement foolproof IT security. If it were really that easy, we assert that Target, JP Morgan, CIA, DOE, DOJ, and nearly every major…