NIST has created a self assessment tool for companies and organization who are working through the NIST Cyber Security Framework (NIST-CSF). This tool is called the Baldridge Cybersecurity Excellence Bulder and is designed to help companies implement the principles of the CSF.
According to NIST, organizations can use the Baldrige Cybersecurity Excellence Builder to:
US-CERT sent out an announcement in September about a new video from the FTC for people whose personal information may have been breached in a cyber incident. There are tips on reporting, and how to recover with tools such as a credit freeze or fraud alert. There are many links on both the CERT and the FTC websites to ...
I attended the (ISC)2 Security Congress in September, and one of the featured speakers was well known television journalist Ted Koppel. He gave a presentation about his new book Lights Out: A Cyberattack, A Nation Unprepared, Surviving the Aftermath. You are probably wondering, as I was, what would make Ted Koppel an authority on this particular subject? The answer is ...
I recently read Dave Eggers book The Circle at the recommendation of a friend in the cybersecurity profession. While I don’t do book reviews in this blog very often, I thought I would throw in my two cents about this book.
I was recommended this book during a cybersecurity training class. I do want to say that this book looks unblinkingly at ...
Continue Reading →
Years ago I heard a story about someone on a job interview was asked by the hiring manager for the user ID and password to their Facebook account. My response, then and now, was “sure – but you first.” The idea being if you want to know that much about my personal life, then I want to know the same about you. Maybe ...
We were interviewed again by Sarah Westall on her web radio show Business Game Changers. Our discussion wove together different threads I have been following about cyber warfare and our lack of national preparedness. Since reading Ted Koppel’s book Lights Out and watching the documentary Zero Days, this has become a bigger issue for me, and maybe it should be for ...
Not trying to be rude here. Phishing has become the most prevalent form of cyber-attack, and the reason for that is that IT WORKS! It works because most people are very trusting and easily convinced, and are clicking on links and opening attachments without much concern. It also works because most people have not been trained how to recognize a potential phishing message, and how to verify if ...
From Miller Brothers Automotive:
A customer at Stingray Fishmongers marveled at the owner’s quick wit and intelligence.’Tell me, Simon, what makes you so smart?’ ‘I wouldn’t share my secret with just anyone, ‘Simon replies, lowering his voice so the other shoppers won’t hear.’ But since you’re a good and faithful customer, I’ll let you in on it. Fish heads. You eat enough of them, you’ll be positively brilliant.’ ‘You sell ...
Continue Reading →
Back on August 31 I received an email from the Department of Homeland Security about a set of FTC recommendations for people using rental cars. I have experienced this issue myself. Basically, it is simple and relatively convenient to connect a smartphone to the smart vehicle’s infotainment system in order to enjoy hands free phone calls, stored musical tracks, and the phone’s navigation application. The problem is that the ...
