On of the more hopeful presentations from the Cyber Security Summit was presented by Tony Sager from the Center for Internet Security. Titled “Making Best Practices Common Practices: The CIS Controls,” Tony provided us with a road map for implementing secure practices in our networks.
There are 20 CIS controls. Tony said that implementing the first 5 (20%) would reduce your risk by 80%. You ...
Continue Reading →
On Monday we looked at the some of the primary attack vectors used by cyber-criminals. Here are the rest of the attack vectors that Kevin Thompson from FireEye shared at the Cyber Security Summit. Many of these are significant twists on old exploits, or more sophisticated exploits.
Hey, when I spend several hundred dollars and two days of my time to attend a cybersecurity conference, a guy like me hopes he can milk a few blog articles out of it. Here is the third (so far.)
Most of these nuggets came from a keynote titled “2016 Cyber Attacks By The Numbers” presented by Kevin Thompson, a former CIA analyst and now a threat analysis for the cybersecurity firm FireEye. Very eye-opening.
In the last several days, we have seen big distributed denial of service (DDoS) attacks against DynDNS, an Internet services company that provides domain name services (DNS) to many companies including Twitter and PayPal. DNS is how web sites are found on the web, you enter a web address in your browser, and DNS finds the website you are looking for. When attacked in ...
NIST has created a self assessment tool for companies and organization who are working through the 
US-CERT sent out an announcement in September about a new video from the FTC for people whose personal information may have been breached in a cyber incident. There are tips on reporting, and how to recover with tools such as a credit freeze or fraud alert. There are many links on both the