We frequently hear about the cyber security talent shortage and technical skills gap. According to the ISACA “State of Cybersecurity 2018: Part 1: Workforce Development” study, lack of technical skills ranked as one of the top two challenges for security professionals and managers. Often, though, it’s easy to overlook or underestimate non-technical challenges. This can include… Read More
For many organizations, cyber security program and cyber security incident response plans (CSIRPs) also need to consider industrial control systems (ICS) when we look at the protection of critical services. Most often our discussions about Cyber Security Incident Response Plans (CSIRP) are focused on data security incidents. We know that across all industries, data contained in information… Read More
External penetration testing reconnaissance is a critical first step in a professional security assessment. By using the same methods and resources that attackers use to get into networks, along with open source intelligence, pen testers can get a much richer profile of an organization’s security strengths and weaknesses and conduct more successful and accurate assessments. In… Read More
Managed detection and response (MDR) has received a lot of attention lately. However, is it just marketing hype, or does it offer security professionals and buyers new hope? The field of cyber security is often known as the land of a thousand buzzwords, many of them overused. Machine Learning and Advanced Persistent Threats (APT) are just a few that… Read More
Pulling the plug on the Internet is often jokingly referred to as the best solution for network security. All kidding aside, anything you can do to make it harder for the bad guys to gain access to your network can have a positive impact on your overall security posture. That begs the question: with so many… Read More
Welcome to our third blog on incident response in the cloud. The first two posts primarily focused on the built-in capabilities from cloud service providers that can help your incident response efforts. We also discussed how to configure your Amazon Web Services (AWS) environment to take advantage of those features. Today, we are going to look at some tools that are… Read More