U.S. Government Issues Security Alert for Virtual Private Network Security

Virtual Private Network Security
Last month I blogged about Virtual Private Network security risks ( or VPN security risks ) from state sponsored hacking group. Last week, the U.S. Computer Emergency Readiness Team (US-CERT) published an alert respecting Enterprise VPN Security. With so many organizations turning to remote work and leveraging VPN as key security tool, US-CERT wanted to provide some key guidelines...

Building Team Awareness of the Latest Cybersecurity Risks

Building Team Awareness of the Latest Cybersecurity Risks
On Sunday, a foreign group endeavored to hack the Department of Health and Human Services in an effort to spread disinformation about a nationwide quarantine. A Czech hospital managing patients infected with COVID-19 was recently hit with ransomware. Phishing campaigns impersonating Johns Hopkins, CDC and the World Health Organization have gotten so excessive that the WHO...

Getting Started: Building the Foundations of Cybersecurity for Small to Medium-Sized Businesses

Cybersecurity
Cybersecurity has become a significant concern for all businesses. Most businesses have, at least, attempted to put in measures to secure their systems. While at it, small to medium-sized businesses or enterprises (SMEs) have shown lesser concern for the need for cybersecurity compared to larger firms. Often belittling the probability of attacks, SMEs risk their cyber infrastructure even more....

Good Cloud Security Management Starts with Security Policy Monitoring and Deployment of Appropriate Cloud Security Solutions

Cloud Security Solutions / tools
Cloud security solutions providing automated policy auditing and enforcement are easy ways to manage the significant risk posed by policy deviations.  This article will illustrate how policy contributes to cloud security, highlight the challenges of policy auditing and enforcement that can potentially be resolved with cloud security solutions, and suggest a strategy for baselining...

People, Process, and Technology: The Trifecta of Cybersecurity Programs

Cybersecurity program
Introduction Ensuring that your company’s systems are protected against cyberattacks depends on the proper functioning of each element of your cybersecurity program.  Those core elements are people, process, and technology.  It starts with your team or your “human firewall”, since this can be your weakest link if you neglect it.  Both your people and your...