Personal: Family Goals for 2017

I won’t do this often, but this turned out to be a fun exercise with my family. I was inspired by a friend of mine to have more family meetings. Specifically, a meeting to reflect on the last year and discuss how we did as a family, what we want to change and how we did as parents for the year. I am a big fan of giving my children input…

NIST Guide for Cybersecurity Incident Recovery

NIST, the National Institute of Standards and Technology, just released a new guide for incident response and recovery for a cyber security incident. What is a Cyber Security Incident? According to NIST Special Publication 800-61, Computer Security and Incident Handling Guide, an event is any observable occurrence in a system or network. Events include a user connecting to a file share, a server receiving a request for a web page, a…

Top Cyber Security Concerns for Non Profits

Of course, there could be a number of items on this list, and many that are important. These are the top cyber security concerns that I see for non profits right now (and any business of similar size). Attackers look for easy targets. Sure, it is possible to compromise even the most hardened enterprise systems, but the amount of effort required goes up significantly as the defenses go up. So…

Cyber Security and Non Profits

Running a non-profit is much like running a small business, and it also has many unique challenges. In a small business, it is easy to justify overhead spending on IT equipment as a necessity to running the business even during times of fiscal struggle. In a non-profit, when you have to weigh spending money on IT infrastructure against helping a young mother care for her child, the decision is much…

Windows Event Forwarding/Collector Resources

Depending on your SIEM you are going to have different requirements here. For some SIEMs, there is no issue…

Best Practice: Securing Windows Service Accounts and Privileged Access – Part 2

In the first post I covered best practices for securing service accounts. In this post, I am going to discuss…

Best Practice: Securing Windows Service Accounts and Privileged Access – Part 1

I recently had a client ask me about our recommendations for securing service accounts within Active Directory. We…

The Hitlist: Compliance

This post is focused on compliance and cyber security. What we mean is if your organization is attempting to…

Heartbleed: What you need to know

Summary: Heartbleed is a serious vulnerability that can allow attackers to intercept secure communications. Email, Websites, VPNs, and other…

Trustwave Global Security Report 2014

Cross posted from http://www.securit360.com/blog where I am a regular author. The Trustwave Global Security Report for 2014 was recently released. There are a number of very useful and insightful statistics in this report, which we can corroborate, based on our assessments of numerous organizations’ networks. We wanted to highlight a few of these statistics below: Top 10 Internal Network Penetration Test Vulnerabilities – which include weak passwords, shared accounts, and unencrypted storage…