Yes, you need to understand technology and cybersecurity architecture. No, it doesn’t matter what your business is about – you need to understand this if you want your business to succeed. No, it’s not “fair”. No, there’s not enough time in a day. ...
This past month, I put together a new utility, SyslogTally, because I needed to easily and quickly answer a question pertaining to how frequently various scripts were being used in my environment. Original Need This question about script usage frequency first arose...
Once upon a time, I needed to get a quick and dirty file integrity checking process in place for Windows systems so that we could meet a customer compliance requirement that was growing more and more popular. FIM – File Integrity Monitoring At the time, we were...
Lately, we have been hearing a steady refrain concerning cybersecurity: “It is impossible to guarantee security. Breaches are inevitable.” Is it really so because it is asserted with authority and confidence? Is it so because it is oft repeated? Inevitably, we are...
Back in September 2012, I wrote two articles for Point2Security on how to effectively handle breach notifications: The Who of Post-Breach Communication Post-Breach Communication: The Importance of How & When Sadly, to many organizations are doing something...
Despite the significant uptick in information security events on display thus far in 2011, and despite the diversity and caliber of organizations that are being breached, it seems that too many organizations are failing to learn the lessons of the victims. More than...