Top Ten Recommended Steps for an Incident Response
There may be an occasion when a governmental authority, or your own ISP, will contact your organization and state that one of your organization-owned IPs is talking to known bad IPs.
Your first instinct is probably to stop the communication. Your second instinct may be to poke around the system(s) to figure out why there was communication to the bad IPs.
Although these are understandable steps, the poking actions could be altering artifacts that are critical to finding which programs, services and processes are doing the communicating, and why.
If your company does not have an incident response plan with a team or expertise to execute a plan, I highly recommend having at least one manager and one technical employee trained to properly gather, preserve, track and store forensic evidence.
These employees should be the very first contacted in the case of a possible ...
Five Recommended Steps for Protecting your Data
When you are at home, how do you protect yourself from intruders?
You likely lock your doors. You probably arm your home alarm system. You may exercise your Second Amendment right and have a firearm handy.
How do you protect the sensitive information within your company from intruders?
You probably use anti-virus and anti-malware solutions. You may have a spam filter in place to block unwanted emails. And, more than likely, you have an Intrusion Prevention System (IPS) or Intrusion Detection System (IDS).
But how secure is your firewall?
In effect, your firewall is the gateway to your environment. Having poor firewall practices can be like leaving your front door open, or locking a screen door.
To minimize the threat from intruders, here are five recommendations to improve your...
Stronger Passwords Are Less Vulnerable
Another day ending in “y”; another data breach.
It almost seems like this is becoming old news. Nearly every day, we are hearing about a new data breach, whether it's credit cards or passwords.
Early reports have stated that nearly five million Gmail passwords were leaked on a Russian Bitcoin site. It's reported that some were older passwords, and as few as 100,000 may still be valid, though that is little comfort if you are one of those 100,000.
The Challenges for Developing a Holistic Infosec Program
Over the years I have worked in various organizations and industries. The one thing that has stayed consistent is how employees and executives view information security (infosec).
Infosec is either feared or loathed.
Organizations where it is feared may include government or heavily regulated industries. In others, infosec is loathed and viewed as a necessary evil, as well as a drain on resources. Unfortunately, this fear and loathing has caused organizations to overlook security for too long.
Security professionals voice concerns about business operations and stand on soap boxes preaching for the need to protect information. They conduct risk assessments and propose new security controls, but in response are told things like "we are not a bank," "no one wants our data," "security controls are too expensive," "security controls stand in the way of the business" or "encryption...
And You Better Not Forget It
Tell me you’ve watched “The Godfather”.
If you have not watched it by now, quite frankly, I do not know what to say, other than keep that little gem to yourself. I have watched “The Godfather” and have spent many rainy and snowy Detroit weekends watching the entire saga back-to-back. There is a great deal of wisdom in this iconic piece of Americana, if you have an ear and a mind for it. A lot of it discreetly revolves around intelligence.
When you think about it, you can see there is a distinct security posture in each of the five families and intelligence collection is critical in order to make strategic, operational and tactical decisions. Above all, you never let people know what you are thinking outside of the family.
So, I’m gonna make you an offer you can’t refuse, because you need to understand this.
The words “intelligence”,...
Leaked Celebrity Photos are an Invasion of Privacy, Making the Internet Less Safe
So, most people do not want to get malware on their computers, right?
Most users do not want to visit hostile sites and get compromised, get their information stolen and act as a leak into their organization’s infrastructure.
You would think so.
But since last Sunday, August 31, consider the impact that just a couple little searches are going to have on the security of the Internet.
Go Google “Jennifer Lawrence nude” and “Kate Upton nude.”
Well, actually, DON'T DO THAT!
No, just don’t. Here are three good reasons those searches are not a good idea:
- The nude pictures were stolen. As far as we know, they...
The Five Biggest Documentation Pitfalls to Avoid
Do you worry about the process of going through a PCI assessment?
If you have gone through a PCI assessment, you know that “fun” is not an adjective that adequately describes it. There are several components of a PCI assessment. One of those components is a review of the security program documentation. The success of this part of the assessment depends on the quality of the documentation, almost as much as it does the quality of the Qualified Security Assessor (QSA).
Documentation requirements in the PCI DSS are plentiful, and you may think you have everything settled in your existing documentation. Are you surprised each assessment cycle when your QSA comes back with a lengthy list of not-in-place items? The documentation requirements have not changed in the PCI DSS since version 2.0 was...