NIST has created a self assessment tool for companies and organization who are working through the NIST Cyber Security Framework (NIST-CSF). This tool is called the Baldridge Cybersecurity Excellence Bulder and is designed to help companies implement the principles of the CSF.
According to NIST, organizations can use the Baldrige Cybersecurity Excellence Builder to:
US-CERT sent out an announcement in September about a new video from the FTC for people whose personal information may have been breached in a cyber incident. There are tips on reporting, and how to recover with tools such as a credit freeze or fraud alert. There are many links on both the CERT and the FTC websites to ...
From the Department of Homeland Security website: “October is National Cyber Security Awareness Month which is an annual campaign to raise awareness about cybersecurity. We live in a world that is more connected than ever before. The Internet touches almost all aspects of everyone’s daily life, whether we realize it or not. National Cyber Security Awareness Month (NCSAM) is designed to engage and educate public and private sector partners through events ...
Encryption ransomware can be a devastating event if it happens to your or your company. The three solutions are basically pay the money, restore from backup, or accept your losses and move on. All are expensive, and some can be severe enough to drive a business out-of-business.Monday we gave you several ways to prevent, or at least prepare a response to a crypto-ransomware exploit. Today we are going to look at ...
On Wednesday we discussed the many, many ways your smartphone is vulnerable to attack. Today we will look at solutions. Smart mobile devices need to be secured just as you would a laptop or desktop computer The small size and easy portability of smartphones and tablets make them easier to steal or lose. Some of our recommendations:
We have heard plenty of stories about people who blindly followed their GPS over a cliff or missing bridge to their doom. Now this bit of research from Slate Magazine.
“Researchers at Georgia Tech had 42 volunteers follow a seemingly autonomous robot into a conference room. However, the robot was actually guided by a hidden researcher, whose goal was to intentionally lead the test subjects astray in order to establish the bot’s unreliability.
Last Friday we dove down the WordPress Security bunny hole to chase the Aethera botnet and the other attack platform that WordFence reported. Today we are looking a their new WordPress Security Learning Center.
If you are a developer or security professional, you should check this site out, and take the time to fit the classes into your schedule. If you are ...
Continue Reading →14Share
MARContinue Reading →
If you are in high school (or junior high) or college, attracted to technology, and looking for a career with a future, then you should give serious consideration to the field of Cybersecurity. A recent press release from Cybrary reveals the results of its Cyber Security Job Trends Survey for 2016. Cybrary surveyed 435 senior level technology professionals, and the results indicated a pressing need for more skilled ...
17Share
FEB
This should really be called “anti-social” engineering. A good definition is “social engineering is a non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. It is one of the greatest threats that organizations today encounter.”
My article on Wednesday will give an example of phone based social engineering – the fake tech support ...
Continue Reading →8Share
FEBI got this announcement yesterday and thought I’d post it here for interested cybersecurity professionals.
The 2016 CISSP Study Group for (ISC)2 “Common Body of Knowledge Examination” is forming with the first session starting Feb 23, 2016. The study group is scheduled to last until June 28.
Background:
Continue Reading →
The board of directors of both the Minnesota Chapter of ISSA and the Twin Cities Minnesota (ISC)2 Chapter agreed to sponsor a CISSP Study Group. ...28Share
JAN
