NIST Offers Cybersecurity Assessment Tool

NISTNIST has created a self assessment tool for companies and organization who are working through the NIST Cyber Security Framework (NIST-CSF).  This tool is called the Baldridge Cybersecurity Excellence Bulder and is designed to help companies implement the principles of the CSF.

According to NIST, organizations can use the Baldrige Cybersecurity Excellence Builder to:

  • Identify cybersecurity-related activities that are critical to business strategy ...
Continue Reading →
0

October is Cybersecurity Awareness Month

DHSFrom the Department of Homeland Security website:  “October is National Cyber Security Awareness Month which is an annual campaign to raise awareness about cybersecurity. We live in a world that is more connected than ever before. The Internet touches almost all aspects of everyone’s daily life, whether we realize it or not. National Cyber Security Awareness Month (NCSAM) is designed to engage and educate public and private sector partners through events ...

Continue Reading →
0

Detect and Defend Against Ransomware

maktub-lockerEncryption ransomware can be a devastating event if it happens to your or your company.  The three solutions are basically pay the money, restore from backup, or accept your losses and move on.  All are expensive, and some can be severe enough to drive a business out-of-business.Monday we gave you several ways to prevent, or at least prepare a response to a crypto-ransomware exploit.  Today we are going to look at ...

Continue Reading →
0

Smartphone and Tablet Security Solutions

smartphone-securityOn Wednesday we discussed the many, many ways your smartphone is vulnerable to attack.  Today we will look at solutions.  Smart mobile devices need to be secured just as you would a laptop or desktop computer  The small size and easy portability of smartphones and tablets make them easier to steal or lose.  Some of our recommendations:

  • Record the electronic serial number (ESN) of your phone or tablet. This is information you ...
Continue Reading →
1

Trust In Technology?

We have heard plenty of stories about people who blindly followed their GPS over a cliff or missing bridge to their doom.  Now this bit of research from Slate Magazine.

 “Researchers at Georgia Tech had 42 volunteers follow a seemingly autonomous robot into a conference room. However, the robot was actually guided by a hidden researcher, whose goal was to intentionally lead the test subjects astray in order to establish the bot’s unreliability.

WordPress Security Learning Center

WordPresslogoLast Friday we dove down the WordPress Security bunny hole to chase the Aethera botnet and the other attack platform that WordFence reported.  Today we are looking a their new WordPress Security Learning Center.

If you are a developer or security professional, you should check this site out, and take the time to fit the classes into your schedule.  If you are ...

Continue Reading →
0

Cybersecurity Jobs In Demand

CEH-logoIf you are in high school (or junior high) or college, attracted to technology, and looking for a career with a future, then you should give serious consideration to the field of Cybersecurity.  A recent press release from Cybrary reveals the results of  its Cyber Security Job Trends Survey for 2016.  Cybrary surveyed 435 senior level technology professionals, and the results indicated a pressing need for more skilled ...

Continue Reading →
0

What Is Social Engineering?

social-engineeringThis should really be called “anti-social” engineering.  A good definition is “social engineering is a non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. It is one of the greatest threats that organizations today encounter.”

My article on Wednesday will give an example of phone based social engineering – the fake tech support ...

Continue Reading →
0

Twin Cities 2016 CISSP Study Group

I got this announcement yesterday and thought I’d post it here for interested cybersecurity professionals.

isc2-logo

The 2016 CISSP Study Group for (ISC)2 “Common Body of Knowledge Examination” is forming with the first session starting Feb 23, 2016.  The study group is scheduled to last until June 28.

Background:
The board of directors of both the Minnesota Chapter of ISSA and the Twin Cities Minnesota (ISC)2 Chapter agreed to sponsor a CISSP Study Group.  ...

Continue Reading →
0
Page 12 of 13 «...910111213