Tickets predate the well-known ticket tracking software. Long ago, the process of tracking issues by index cards were taken from analog to digital processes However, the usefulness of ticketing has waned in the past decade or so — except in organizations that jealously maintain the culture of quality ticketing. The capabilities of ticketing systems can… Read More
9 AWS Secrets You Need to Know Before Moving to the Cloud
Cloud security is a hot topic lately, and for good reason. As more businesses have migrated to the cloud, there have been more data breaches. In our recent webinar, Flying Blind: 2017 Cloud Configurations Gone Wrong, cloud security experts John Hawley and Mike Piscopo detailed several of the worst misconfiguration disasters we’ve seen this year. Among the data breach incidents we… Read More
3 Steps You Can Take Now to Lower Your Security Risk
Managing risk across an organization requires a lot of different things: setting strategy, determining tolerance, defining metrics. These are critical in your overall risk management efforts, and even more so in information security. But where do you begin? There’s no denying it can feel like a daunting task. It’s hard to make sure that information… Read More
The Skills and Qualifications Every Successful Penetration Tester Must Have
Any time I’m asked to speak about my experience in the cyber security field, whether I’m at a trade show or speaking to candidates interested in breaking into the industry, I invariably get the question about what it takes to be a pen tester. In this blog, I’ll touch on some of the most important qualities… Read More
Why You’ll Never Succeed at Selecting an MSSP (Without These Questions)
Managed security services providers (MSSPs) have risen in popularity. The new report, “Security Advisory Services Market by Service Type – Global Forecast to 2022,” indicates that the security advisory services market is expected to grow nearly 20 percent annually from USD $5.77 billion in 2017 to USD $13.57 billion by 2022. There are several factors driving an… Read More
Avoid These Common Incident Response Assumptions and Planning Mistakes
Last week, I took part in one of SecureWorld Seattle’s panels, “Manage the Damage – The Current Threat Landscape.” This panel focused on the topic of developing, fine-tuning, and practicing incident response plans to be better prepared for a breach. The moderator, Jean Pawluk, and the crowd in attendance, asked some thought-provoking questions about common incident response challenges that businesses face…. Read More