Prevention Blog Series

Partner With Your Security Provider: A Fourth Step in Security

Loren Paquette

May 12, 2016 - Posted by Loren Paquette to Security Insight

Ounce of Prevention

I remember back in the day sitting in a classroom. The teacher would tell us to pick a partner and so we did. We picked our friend, or the person next to us, or the classroom dreamboat. It was simple then, because it wasn’t a terribly difficult task to complete.

As we got older, and hopefully wiser, we were asked to pick a partner to complete a task. This time, with more education behind us, we wanted a teammate that could help us complete the task the best. In other words, we wanted to win.

Security Partners want to help you win when securing your environment.

Through a process (whatever it may have been for your organization), you picked your security partner. There are some things you will need to take on together in order to get the best end result. Your partner needs to have the same information you have about your network. This allows a proper customized experience for your specific company and needs. A one-size-fits-all solution doesn’t work as... read more >

The Challenges with Physical Security - Hard Candy Shell, Soft on the Inside


Michael Born

May 11, 2016 - Posted by Michael Born to Security Insight

Physical Security - Hard Candy Shell, Soft on the Inside

I recently had the pleasure of performing a combined Social Engineering and Physical Security Assessment over the course of a national holiday. While my story may not come close to what Solutionary Security Consultants' Tim Roberts or Brent White have enlightened you with, I must say this assessment certainly opens one’s eyes to the challenges that an organization, similar in size to the assessed business, faces when growing rapidly and trying to fit in an Information Security program.

Top Takeaways

While there are many lessons learned, two top takeaways stand out:

  1. Having the proper corporate structure is one of the most important components in standing up a successful information security program.
  2. Perceived security is just that – perceived. As my co-worker Andrew Weed put it: “This is like an M&M – a hard candy shell, soft on the inside.” To some extent he is correct. The amount...
read more >

Military to Civilian: Easing the Transition

Joining Forces

Aaron Perkins

May 05, 2016 - Posted by Aaron Perkins to Security Insight

Easing the Transition

I was especially excited to learn about how Solutionary is participating in the events marking the 5th Anniversary of Joining Forces. A nationwide initiative launched by First Lady Michelle Obama and Dr. Jill Biden, Joining Forces works with the public and private sectors to ensure that service members, veterans, and their families have the tools they need to succeed.

After nearly eight-and-a-half years on active duty, three combat deployments, an overseas tour, and countless training rotations, I know firsthand the challenges that come with transitioning from military life to the civilian sector.

As my military career drew to a close, I was excited about the endless possibilities and what I could achieve as a veteran in a predominantly civilian workforce. I knew the skills that I had learned in the Army –... read more >

eSymposium: Tackling Vulnerabilities

Zach Holt

May 03, 2016 - Posted by Zach Holt to Security Insight

Tackling Vulnerability Management

As an organization’s security posture grows, a number of responsibilities may fall under the umbrella of information security, whether it is under direct control of an information security program or delegated to another supporting IT department. One such responsibility is a vulnerable management program.

Vulnerability management is an important part of a matured information security program. At a high level, the objective of vulnerability management is to find and remediate all issues as they are identified. However, as you start examining the matter in-depth, you’ll find that you:

  • Need to have a process in place to determine priorities
  • Need to have more information than what a vulnerability scanner can provide
  • Won’t always be able to fix vulnerabilities; fix what you can and mitigate the rest

As with any good story, we’ll leave that last item for a bit and focus on the top two for now. After all,... read more >

(Buzzword) Bingo!

Buzzword Bingo Can Be More Distracting Than You Think

Jeremy Nichols

May 01, 2016 - Posted by Jeremy Nichols to Security Insight

Cybersecurity Buzzwords

Have you heard the story about the cyberespionage, nation-state APT adversary that used the dark web to purchase data-driven exploit code to build a zero day to bypass the next-generation firewall of company ABC because they weren’t hunting with a cloud-based, big-data correlation platform to identify and orchestrate threat-intelligence protection against the advanced malware on their BYOD IoT and hadn’t conducted a purple team exercise recently? Oh, you have? Me too. Ten times…today.

From a sales and marketing perspective, these buzzwords are worth their weight in gold. From a security perspective, the threats are very real and the corresponding detection and prevention technologies all have their place. I’m plenty guilty myself of using several of these buzzwords, and I’m sure I’ll catch some flak for picking on a lot of the terms that my colleagues use regularly.

All of that said, there is little that can be more... read more >

The Evolution of Ransomware

Think You've Seeen It All from Ransomware?

David Biser

April 26, 2016 - Posted by David Biser to Security Insight

The Evolution of Ransomware

We’ve all seen them. Recent headlines filled with reports of massive ransomware attacks against a multitude of targets. With healthcare organizations, financial institutions, and even the government falling prey, it would appear that none are safe. Many, many blogs and security posts have been issued warning businesses against this attack vector, seemingly to no avail!  So, you might ask: “Why should I continue reading this blog post?” The answer is simple. Ransomware is evolving!

That’s right – you haven’t seen the end of ransomware or its effects. Since so many businesses are learning to effectively recover from devastating ransomware attacks, cyber criminals are adopting new methods to continue their campaign. Recent research from Talos indicates that ransomware authors are changing their weaponry to be even more... read more >

Prevention Blog Series

Patch Your Network: A Third Step in Security

Loren Paquette

April 21, 2016 - Posted by Loren Paquette to Security Insight

Ounce of Prevention

This blog is a continuation of the Prevention blog series. The first blog, "Four Tips to Secure Your Network," discussed prevention and four tips to use to immediately help secure your network. The second blog, "Scan Your Network: A First Step in Security," was the first of four steps to assist with security, and discussed ways to scan your network. The third blog, "Secure Your Network: A Second Step in Security," covered the second step with ways to secure your network. This fourth blog will discuss the third step and how to patch your network. Links to the other blogs will be provided as they are... read more >

<< Newer Entries | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10

Voted one of the Best Computer Security Blogs 2016
NTT Security (US), Inc. (formerly Solutionary) is a security consulting and managed security services provider. The NTT Security blog is a place for IT professionals to both learn and talk about the latest in IT security and compliance.

Get the NTT Security Blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)