The week two theme of National Cyber Security Awareness Month (NCSAM), “Millions of Rewarding Jobs: Educating for a Career in Cyber Security,” focuses on ways to motivate parents, teachers and counselors to learn more about this field, and how to best inspire students and others to seek careers in it. In today’s blog, I’ll discuss the… Read More
For many organizations, cyber security program and cyber security incident response plans (CSIRPs) also need to consider industrial control systems (ICS) when we look at the protection of critical services. Most often our discussions about Cyber Security Incident Response Plans (CSIRP) are focused on data security incidents. We know that across all industries, data contained in information… Read More
In my previous blog, I wrote about security awareness programs and provided some high-level recommendations for how you can improve their effectiveness. In this article, I’d like to share some thoughts on how to test and measure how well those programs are doing. How do you know if you are making an impact? What can you actually… Read More
When was the last time you took a good look at your security awareness program? Was it last October during National Cyber Security Awareness Month (NCSAM)? As security professionals, we are regularly reminded that our end users are the weakest link. With so many priorities to juggle in your overall security program, it’s understandable that addressing the… Read More
Oftentimes, I find cyber security teams still operating in some dark back office, interacting with their non-technical colleagues as little as possible, and wondering why people just don’t get it when it comes to security. As security professionals, we frequently talk about the concept of “people, process, and tools,” but there may be a few… Read More
I have spent the most notable years of my career helping organizations improve their cyber security incident response plans. To do this effectively, we dive in, ask questions, consider scenarios, look at contingencies, and identify gaps. It has personally been very rewarding for me because planning is in my core – I rarely fly by the seat of my pants, and usually have multiple back up plans. But on August 25, 2017, I was blindsided by Hurricane Harvey.