NIST is the National Institute of Science and Technology and CSF is the Cybersecurity Framework. There are manypdf’s (v1.1) on this topic, but the changes in versions are not my focus. Although I did cover this a small bit in a post from 2014: https://oversitesentry.com/cybersecurity-framework-by-nistnational-institute-of-standards-and-technology/ at that point NIST had the major points but not […]
Read more >Let’s list some of the problem areas: Ransomware Phishing Backups – Restore Remote Access Cloud Computing Awareness Issues – Training If you do not prepare for the future then it will create surprises when you least expect it or the future may make changes in ways that you will not appreciate. An example of this […]
Read more >The human factor is always underappreciated in helping decide on what can be done with our Computer Security. “Security Mental Model: Cognitive map approach” Tahani Albalawi, Kambiz Ghanzinour and Austin Melton paper: The computer security community has developed formal methods for providing security properties to systems and organizations. However, the human role has often […]
Read more >Ransomware hitting the unsuspecting small business that does not have all the Security pieces in place(SCMedia story:” Here are the most common ways businesses get compromised by ransomware“. Darkreading has a story:”Manufacturing Sees rising Ransomware Threat” What is considered a ‘small business’ ? The SBA considers several criteria (how many employees – less than 500) […]
Read more >NSA has a cybersecurity advisory It says that Pulse SecureTM, Palo Alto GlobalProtectTM, and Fortinet FortigateTM VPN(Virtual Private Network) products have vulnerabilities 3 of them VPN CVEs being currently exploited include but may not be limited to: CVE-2019-11510 and CVE-2019-1153 which allow for remote arbitrary file downloads and remote code execution on Pulse Connect Secure […]
Read more >