Learning from Equifax Breach

I wish I could say that this post would be something new – like buy “xyz” product and perform handstands or something and all your problems are solved. Unfortunately, the Equifax breach likely happened due to unpatched systems. As even Equifax itself admitted¹: So as we discuss this problem many times, how can a …

Keep Up on Security News

It is good to keep up on the latest security news so that you can review what vulnerabilities are being created with new bugs. Keeping up on the latest vulnerabilities allows you to keep the risk analysis up to date (Risk = likelihood * impact), because as new events happen, your risk profile changes. We …

Cybersecurity!! Or Else!

Mr. Business Owner/Manager, if you do not take cybersecurity seriously, it will bite you. But how exactly? Spend money on cybersecurity or you will eventually get attacked… I know that is hard to understand fully. As discussed before: The Psychology of Security (Oversitesentry post from 8/22/14). Believe it or not, on a regular basis …

More Security or More Business? Is it Us vs Them?

When we say we need to be more secure in cyberland, does that mean small business needs to change what they do to be more secure? ISACA says we need governance: governance and management for enterprise business should use the COBIT 5 principles. Principle 1: Meet stakeholder needs. Principle 2: Covering the enterprise from end-to-end …

Who is Responsible For Cybersecurity?

I am talking about the reality that someone must be responsible so we can hold their feet to the fire. We don’t want to get to the point of too many directions of responsibility, as then when a breach does happen it is dangerous to see what will happen from there. So the CISA (Certified …