More Sophisticated Attacks = We Must UP CyberSecurity

This is the problem in all of these stories – somehow the client computer was infected. (how can we stop it in the best manner possible)?   There are plenty of stories streaming of the sophisticated nature of the Cyber criminals: http://www.csoonline.com/article/2892442/malware-cybercrime/the-cybercrime-economy-personified.html “The ready availability of free cybercrime applications invites participation in the cybercrime economy … Read more

Is Your Cyber Risk Manageable?

Have you done everything you could to manage the level of risk that you need to have? On Feb 4th I said  Risk Management failed us: http://oversitesentry.com/risk-management-does-not-work/ So how can I  help you understand the new level of cyber risk today? In the past it was good enough to run a firewall (which keeps out most … Read more

Block All Traffic From China improves your Defense

What if you could block all China originating traffic? As you see there was a Forbes Internet attack survey done for Q2 2014. China  was the top source of attack traffic (43% of global Internet attack traffic).  Image reference Link: http://www.statista.com/chart/2801/china-is-the-worlds-top-source-of-internet-attack-traffic/ . What if you could just block all this traffic? How could you do it? It … Read more

Federal Laws May Affect Cybersecurity Legal

Security Magazine has the story: http://www.securitymagazine.com/articles/86057-understanding-the-new-federal-cyber-laws The CEA(Cybersecurity Enhancement Act 2014) is the most significant of the December bills both in breadth and likely in significance. Where NIST(National Institute of Standards and Technology) has setup a Cybersecurity framework which is very flexible for companies to follow.  NIST Feb 12,2014 Cybersecurity Framework document. The interesting paragraph … Read more

Vulnerabilities Can Be Exploited

(Sunday reflections and current news) Specifically the Seagate NAS  Business Storage Line Today’s Internet Storm Center has the story. This is the method the attackers can use to hack the devices(From ISC): “It appears to be trivial to exploit the devices and a metasploit module and an exploit are publicly available.” PII(Personally Identified Information) was bought … Read more