Uncategorized


16

Jan 2019

Should I Go Through HITRUST Certification Even If It’s Not Required?

The HITRUST CSF is a set of security controls designed to help organizations that work with sensitive healthcare data to become more secure. Since HITRUST is gaining traction, many organization decision makers are asking the question, “Should my company go through HITRUST certification even though we’re not required to do so?” This article explores what it means to be HITRUST certified and the benefits of...

Read More


07

Jan 2019

Introduction to the MITRE ATT&CK Framework

What is the MITRE ATT&CK Framework? MITRE’s Adversarial Tactics, Techniques and Common Knowledge (ATT&CK) framework is a collection of information about advanced persistent threats (APTs) that commonly target enterprise networks. The goal of the framework is to collect all relevant and available information about these groups and organize it in a way that makes it accessible and usable for enterprise security teams. The framework was...

Read More


10

Dec 2018

Moving from Threat Intelligence Consumer to Producer

Most organizations are threat intelligence consumers, purchasing or collecting publicly available information about current cybersecurity threats. In this article, we discuss the value of becoming a threat intelligence producer and how an organization can do so with minimal in-house cybersecurity resources. What is Threat Intelligence? Threat intelligence is a term generally used to mean “any useful information for detecting and protecting against cyberattacks”.  Examples include...

Read More


02

Oct 2018

Why Sharing Credentials is Dangerous and How to Stop It

In many cases, sharing your access credentials to a computer or software doesn’t seem like that big of a deal. If you’re in a hurry or out of the office, sharing credentials can allow someone else to give you a hand by performing a simple task or checking something for you. If the other person has the same level of access as you (like having...

Read More


25

Sep 2018

Eight Considerations for Remote Worker Cybersecurity

Working from your desk in the corporate office is probably the safest way of doing business since you have both physical and technological protections provided by your organization.  However, this may not always be feasible for either personal or business reasons.  By taking the appropriate remote worker cybersecurity precautions, you can work from home or on the go without jeopardizing your personal security or that...

Read More


18

Sep 2018

Practicing Strong Password Security to Protect Yourself from Hackers

Having a weak password might not seem like a big deal, but it can be dangerous both personally and professionally.  In this post, we discuss what makes a password weak, how attackers take advantage of weak passwords, and how you can practice strong password security to protect yourself from hackers. What Makes a Password Weak? Everyone talks about the fact that strong passwords are a...

Read More


28

Aug 2018

Locked Out: Ransomware Prevention and Incident Response

A ransomware attack can be a debilitating event for an unprepared person or organization.  Depending on the type and value of the data stored on an infected computer, the impact of an incident can range from a minor hiccup in operations to the death of the company. The impact of ransomware on small to medium size businesses (SMBs) can be particularly devastating. In its Second Annual...

Read More


15

Aug 2018

Sticking Around: Common Windows Malware Persistence Mechanisms

Malware authors put a lot of time and effort into writing their malware and finding ways to get it installed and running on target machines. If users could get rid of malware for good by just closing it or restarting their computer, then these attackers would have put in a lot of work for minimal payoff. But hackers leverage malware persistence mechanisms to be sure...

Read More


09

Aug 2018

What do I do if my Network is Hacked?

7 Steps to Achieving Effective Information Security Incident Response Nobody wants to be hacked, but the only thing worse than having an incident is to have one and then botch the incident response procedures. An incorrect response could allow an attacker to gain further access to your network, fail to completely remove the infection, or render evidence of the incident inadmissible in legal proceedings. By...

Read More


02

Jul 2018

Two-Factor Authentication (2FA): Secure or Not?

Passwords are generally considered to be insecure.  With the sheer number of accounts that the average person has, remembering a password for each account requires weak passwords, password reuse, or the use of technology like a password manager.  Even if someone has good password hygiene, a data breach means that someone’s password could be exposed by circumstances completely outside their control. Two-factor authentication is a...

Read More



Page 1 of 512345