I posted article on Ciscopress.com about responding to Cyber threats. Here is a summary introduction of the article and the first part from it. The entire article can be read at Ciscopress.com/articles HERE.
Are you ready to take on the latest cyber threats? Research shows that many organizations are not, because they’re unprepared for what happens when common defenses fail to prevent a breach. Joseph Muniz, co-author ofSecurity Operations Center: Building, Operating, and Maintaining Your SOC, explains how to build a security strategy around the assumption that your defenses WILL fail. By implementing this approach, your organization can shorten the time of exposure when you’re compromised, limiting losses from a breach. Without this type of visibility, you probably won’t know that you’re compromised until the damage is already done.
The Center for Internet Security (CIS) released a new version of their critical security controls white paper. You can download it for free HERE. Topics include best practices for network access control, having a inventory of authorized and unauthorized software, system configuration, vulnerability assessments, administrating role based access controls, email and web best practices, breach detection and so on. This is a really good document to evaluate your current state of security as well as learn some methods to improve your security posture. Continue reading →
A common saying is ” Amateurs Hack Systems, Professionals Hack People”. Social engineering is the art of manipulating people into performing actions or divulging confidential information. People fall for social engineering tricks based on their instinct to be helpful and trusting. The typical attacker never comes face-to-face with a victim using deception through email, social networks or over the phone. Continue reading →