Unknown Risks: Possible to Gauge?

Does the definition of unknown make measuring risk also unknown? Let’s assume a cloud account has been created on Amazon Cloud (AWS – Amazon Web Services) or elsewhere (Rackspace, Azure, or Google Cloud). This cloud account will always be the Achilles heel of your Internet presence, i.e. if someone gets a hold of the main account …

Is There Cyber Risk? How to Assess Risk?

An interesting video from RSA Conference 2018: “There’s no such Thing as a Cyber-risk”. So if you look at possible risk domains, Computer Security (or Cybersecurity) is not on there. Operations: errors – fraud – talent – employee engagement – safety. Service Availability: capacity, resiliency, data integrity, intentional disruption. Product delivery: pre-executions – release executions …

NIST 800-171 rev1 (Updated 6/7/2018)

This document was updated and created to protect CUI – Controlled Unclassified Information for all government entities. So if you want to have a contract with the government, you better have a plan in place. Due to Executive Order 13556 (Nov 4, 2010), Controlled Unclassified Information program to standardize unclassified information and designated the NARA …

Tuesday, July 10th: Patch Tuesday #7 of 2018

53 vulnerabilities in today’s Patch Tuesday. There is a dashboard set up by Morphus Labs. 3 publicly disclosed and 17 critical. It is always important to keep up on your patching regimen, as today’s vulnerabilities become more and more dangerous in the future. But one has to assess the current and older vulnerabilities with what …

100% Cybersecurity is Impossible

Do you want to use the Internet? Computers? Tablets? Cellphones? There is no device created that is 100% secure with no risk. So now what? Risk management is what we are supposed to do, where the risk of using something is lower than the value of using it. For example: using a computer for …