eSymposium: Privacy and Security

Zach Holt

May 19, 2016 - Posted by Zach Holt to

Privacy and Security

These days, it’s difficult to discuss security without mentioning privacy. As the amount of data being collected on everything from social media to advertising to medical records shows no signs of stopping, commercial entities and malicious actors alike increasingly look to these information gold mines as sources of data ripe for the taking. The use of this information can be leveraged in a number of ways, from simple customer demographics to highly targeted advertising campaigns, or even something more malicious. After all, wouldn’t a mailing list of recently hacked retailers make for some potentially vulnerable users?

After pondering on that thought for a moment, it may come as no surprise that the average user is becoming increasingly concerned about their privacy. A recent study by the... read more >

Prevention Blog Series

Partner With Your Security Provider: A Fourth Step in Security

Loren Paquette

May 12, 2016 - Posted by Loren Paquette to Security Insight

Ounce of Prevention

I remember back in the day sitting in a classroom. The teacher would tell us to pick a partner and so we did. We picked our friend, or the person next to us, or the classroom dreamboat. It was simple then, because it wasn’t a terribly difficult task to complete.

As we got older, and hopefully wiser, we were asked to pick a partner to complete a task. This time, with more education behind us, we wanted a teammate that could help us complete the task the best. In other words, we wanted to win.

Security Partners want to help you win when securing your environment.

Through a process (whatever it may have been for your organization), you picked your security partner. There are some things you will need to take on together in order to get the best end result. Your partner needs to have the same information you have about your network. This allows a proper customized experience for your specific company and needs. A one-size-fits-all solution doesn’t work as... read more >

The Challenges with Physical Security - Hard Candy Shell, Soft on the Inside

#WarStoryWednesday

Michael Born

May 11, 2016 - Posted by Michael Born to Security Insight

Physical Security - Hard Candy Shell, Soft on the Inside

I recently had the pleasure of performing a combined Social Engineering and Physical Security Assessment over the course of a national holiday. While my story may not come close to what Solutionary Security Consultants' Tim Roberts or Brent White have enlightened you with, I must say this assessment certainly opens one’s eyes to the challenges that an organization, similar in size to the assessed business, faces when growing rapidly and trying to fit in an Information Security program.

Top Takeaways

While there are many lessons learned, two top takeaways stand out:

  1. Having the proper corporate structure is one of the most important components in standing up a successful information security program.
  2. Perceived security is just that – perceived. As my co-worker Andrew Weed put it: “This is like an M&M – a hard candy shell, soft on the inside.” To some extent he is correct. The amount...
read more >

Military to Civilian: Easing the Transition

Joining Forces

Aaron Perkins

May 05, 2016 - Posted by Aaron Perkins to Security Insight

Easing the Transition

I was especially excited to learn about how Solutionary is participating in the events marking the 5th Anniversary of Joining Forces. A nationwide initiative launched by First Lady Michelle Obama and Dr. Jill Biden, Joining Forces works with the public and private sectors to ensure that service members, veterans, and their families have the tools they need to succeed.

After nearly eight-and-a-half years on active duty, three combat deployments, an overseas tour, and countless training rotations, I know firsthand the challenges that come with transitioning from military life to the civilian sector.

As my military career drew to a close, I was excited about the endless possibilities and what I could achieve as a veteran in a predominantly civilian workforce. I knew the skills that I had learned in the Army –... read more >

eSymposium: Tackling Vulnerabilities

Zach Holt

May 03, 2016 - Posted by Zach Holt to Security Insight

Tackling Vulnerability Management

As an organization’s security posture grows, a number of responsibilities may fall under the umbrella of information security, whether it is under direct control of an information security program or delegated to another supporting IT department. One such responsibility is a vulnerable management program.

Vulnerability management is an important part of a matured information security program. At a high level, the objective of vulnerability management is to find and remediate all issues as they are identified. However, as you start examining the matter in-depth, you’ll find that you:

  • Need to have a process in place to determine priorities
  • Need to have more information than what a vulnerability scanner can provide
  • Won’t always be able to fix vulnerabilities; fix what you can and mitigate the rest

As with any good story, we’ll leave that last item for a bit and focus on the top two for now. After all,... read more >

(Buzzword) Bingo!

Buzzword Bingo Can Be More Distracting Than You Think

Jeremy Nichols

May 01, 2016 - Posted by Jeremy Nichols to Security Insight

Cybersecurity Buzzwords

Have you heard the story about the cyberespionage, nation-state APT adversary that used the dark web to purchase data-driven exploit code to build a zero day to bypass the next-generation firewall of company ABC because they weren’t hunting with a cloud-based, big-data correlation platform to identify and orchestrate threat-intelligence protection against the advanced malware on their BYOD IoT and hadn’t conducted a purple team exercise recently? Oh, you have? Me too. Ten times…today.

From a sales and marketing perspective, these buzzwords are worth their weight in gold. From a security perspective, the threats are very real and the corresponding detection and prevention technologies all have their place. I’m plenty guilty myself of using several of these buzzwords, and I’m sure I’ll catch some flak for picking on a lot of the terms that my colleagues use regularly.

All of that said, there is little that can be more... read more >

The Evolution of Ransomware

Think You've Seeen It All from Ransomware?

David Biser

April 26, 2016 - Posted by David Biser to Security Insight

The Evolution of Ransomware

We’ve all seen them. Recent headlines filled with reports of massive ransomware attacks against a multitude of targets. With healthcare organizations, financial institutions, and even the government falling prey, it would appear that none are safe. Many, many blogs and security posts have been issued warning businesses against this attack vector, seemingly to no avail!  So, you might ask: “Why should I continue reading this blog post?” The answer is simple. Ransomware is evolving!

That’s right – you haven’t seen the end of ransomware or its effects. Since so many businesses are learning to effectively recover from devastating ransomware attacks, cyber criminals are adopting new methods to continue their campaign. Recent research from Talos indicates that ransomware authors are changing their weaponry to be even more... read more >

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | Older Entries >>

Voted Best Corporate Security Blog 2014
Solutionary is a leading managed security services provider. The Solutionary Minds blog is a place to learn about and discuss IT security and compliance topics.

Get the Solutionary Minds blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)

LATEST TWEETS