IaaS and the Shared Responsibility Model

  A note to vendors: Infrastructure as a Service (IaaS) != secure/compliant applications, it can, but doesn’t by default. Why are people putting their servers and applications in IaaS providers like AWS and Azure? They can get a cheap, fast and secured data center to host their servers/applications. But that doesn’t mean they get the ... Read More

NIST Guide for Cybersecurity Incident Recovery

NIST, National Institute for Standards and Technology, just released a new guide for incident response and recovery for a cyber security incident. What is a Cyber Security Incident? According to NIST Special Publication 800-61, Computer Security and Incident Handling Guide, an event is any observable occurrence in a system or network. Events include a user ... Read More

Top Cyber Security Concerns for Non Profits

Of course there could be a number of items on this list, and many that are important.  These are the top cyber security concerns that I see for non profits right now (and any business of similar size).  Attackers look for easy targets.  Sure it is possible to compromise even the most hardened enterprise systems, ... Read More

Cyber Security and Non Profits

Running a non-profit is much like running a small business, and it also has many unique challenges.  In a small business, it is easy to justify overhead spending on IT equipment as a necessity to running the business even during times of fiscal struggle.  In a non-profit, when you have to weigh spending money on ... Read More

Windows Event Forwarding/Collector Resources

Depending on your SIEM you are going to have different requirements here.  For some SIEMs, there is no issue with EPS and only the number of devices.  In that case, this will immediately reduce your licensing needs by allowing you to watch Events from Servers and/or workstations from a single (or few) devices.  You can ... Read More

The Hitlist: Compliance

This post is focused on compliance and cyber security.  What we mean is if your organization is attempting to become compliant to an industry standard or regulation, these are things that will have to be considered and more than likely implemented across the board for things such as PCI-DSS, HIPAA, ISO27k, FISMA and more.  Here ... Read More

Heartbleed: What you need to know

Summary Heartbleed is a serious vulnerability that can allow attackers to intercept secure communications.  Email, Websites, VPNs, and other trusted security technologies are at risk – passwords and encryption keys can be breached.  You most likely have something that is affected.  What to do Update anything using OpenSSL, see below for more information. Check to see ... Read More

Trustwave Global Security Report 2014

Cross posted from http://www.securit360.com/blog where I am a regular author. The Trustwave Global Security Report for 2014 was recently released.  There are a number of very useful and insightful statistics in this report, which we can corroborate, based on our assessments of numerous organizations’ networks.  We wanted to highlight a few of these statistics below: Top 10 ... Read More