On of the more hopeful presentations from the Cyber Security Summit was presented by Tony Sager from the Center for Internet Security. Titled “Making Best Practices Common Practices: The CIS Controls,” Tony provided us with a road map for implementing secure practices in our networks.
There are 20 CIS controls. Tony said that implementing the first 5 (20%) would reduce your risk by 80%. You ...
Continue Reading →NOV

On Monday we looked at the some of the primary attack vectors used by cyber-criminals. Here are the rest of the attack vectors that Kevin Thompson from FireEye shared at the Cyber Security Summit. Many of these are significant twists on old exploits, or more sophisticated exploits.
In the last several days, we have seen big distributed denial of service (DDoS) attacks against DynDNS, an Internet services company that provides domain name services (DNS) to many companies including Twitter and PayPal. DNS is how web sites are found on the web, you enter a web address in your browser, and DNS finds the website you are looking for. When attacked in ...
NIST has created a self assessment tool for companies and organization who are working through the
US-CERT sent out an announcement in September about a new video from the FTC for people whose personal information may have been breached in a cyber incident. There are tips on reporting, and how to recover with tools such as a credit freeze or fraud alert. There are many links on both the