Threat Intelligence

Defense Acquisition Chief Puts Down Marker on Cybersecurity

As part of the Department of Defense’s Better Buying Power initiative, Undersecretary of Defense for Acquisition, Test, and Logistics Frank Kendall is adding increased cybersecurity requirements for new weapon systems acquisitions. Kendall pointed to the vulnerability of digital systems vital to defending...  [Read More]

Small Business Website Addresses Vulnerable to Hacking

Both Google and Lenovo had website hacks this week – one of Google’s many international sites and Lenovo’s major site were victims. This type of hack can be easily executed on small business sites also. Imagine, if the criminals can get to...  [Read More]

The Categories of Insider Threat: Part 2

Last week’s blog discussed two of the four levels of insider threat. I wrote about pure insider threat and insider associate levels. This week, I will discuss the other two levels of insider threat – inside affiliate and outside affiliate – and...  [Read More]

My Insurance/Credit Card/Store Just Got Hacked, What Should I Do?

It seems hardly a week goes by before the morning news brings the announcement that another major company has suffered a data breach. This week it is the health care company Anthem that has been breached. In this instance some 80 million...  [Read More]

The Categories of Insider Threat

Understanding the various levels of insider threat can assist companies in their efforts to implement the proper security controls within the organization. There are four levels of insider threat, and they all depend upon the levels of access someone has to the...  [Read More]

Would You Want This on the Front Page of the Newspaper?

We have all heard the warnings about social media…how ‘bad actors’ troll places like Facebook and MySpace searching for information that they leverage for some gain. So what should or shouldn’t you post on those ‘social pages’? Perhaps more importantly…what are your...  [Read More]

The Business Side of Cybersecurity

You may not recognize a SQL Injection attack from a Distributed Denial of Service problem or a Point of Sale breach. You may have no detailed understanding of the inner workings of your IT infrastructure that was started 30 years ago and...  [Read More]

Using Multifactor Authentication to Enhance Access Control

The role of the Chief Information Security Officer (CISO) is expanding just as threats to company data are growing more prevalent. Attacks are occurring more often, and it falls to leaders to set cyber priorities as a key business mandate. Weak or...  [Read More]

Do You Trust Your Co-workers: Using Background Checks to Combat the Insider Threat

Many organizations believe that once they hire a new employee or contractor, the person is automatically part of a trusted group of people within the organization. This new hire is given access to sensitive company information that an ordinary person would never...  [Read More]

Hanging Out in The Underground!

Recently, things have not been going so well in cyber space. There have been a lot of cybersecurity breaches in the banking and business communities. One of the major breaches that has just occurred and is still on-going is the Sony Entertainment...  [Read More]