Archive for the ‘Cybersecurity’ Category

Beyond the Digital: Physical Protection in NIST 800-171

Tuesday, August 15th, 2023

Introduction In the realm of cybersecurity, there’s a common misconception that threats solely exist in the digital world. Yet, the physical realm is just as vulnerable. Servers, workstations, data storage devices, and even the personnel who operate them require protection from tangible threats. NIST’s (National Institute of Standards and Technology) Special Publication 800-171 acknowledges this […]

Human-Centric Security: Navigating the Personnel Security Domain in NIST 800-171

Tuesday, August 15th, 2023

Introduction Amidst the intricate web of cybersecurity systems and protocols, there’s an often-underestimated component: the human element. Personnel, be it employees, contractors, or partners, are simultaneously an organization’s most significant asset and vulnerability. Addressing this duality, NIST (National Institute of Standards and Technology) Special Publication 800-171 encompasses the Personnel Security domain, guiding organizations in safeguarding […]

Guarding the Gateways: Media Protection in NIST 800-171

Tuesday, August 15th, 2023

Introduction In our digital age, data is as valuable as gold. But unlike gold, which is often securely locked away, data travels. It moves from device to device, across networks, and is stored in various forms of media – hard drives, USBs, CDs, and more. This fluid nature of data makes its protection paramount, and […]

Maintenance in Cybersecurity: The Overlooked Guardian in NIST 800-171

Tuesday, August 15th, 2023

Introduction Amidst the chatter of advanced persistent threats, sophisticated malware, and state-sponsored cyberattacks, maintenance often takes a back seat. Yet, like a well-oiled machine, any digital system needs regular upkeep to ensure smooth, secure operation. NIST’s (National Institute of Standards and Technology) Special Publication 800-171 recognizes this with its Maintenance family, emphasizing the pivotal role […]

Responding with Precision: The Incident Response Family in NIST 800-171

Tuesday, August 15th, 2023

Introduction The digital realm is rife with risks. From cyber-espionage to data breaches, organizations today face an array of threats that can compromise their security and integrity. But being secure doesn’t just mean prevention; it also involves preparedness and response. Enter the Incident Response family of NIST’s (National Institute of Standards and Technology) Special Publication […]

Shining a Light on Security: Navigating NIST 800-171’s Audit and Accountability Family

Tuesday, August 15th, 2023

Introduction As cybersecurity threats intensify and diversify, it’s imperative for organizations to not just implement defensive strategies but also ensure their effectiveness. This need for assurance is where NIST’s (National Institute of Standards and Technology) Special Publication 800-171 becomes instrumental. Designed to protect Controlled Unclassified Information (CUI) in non-federal systems, one of its standout components […]

Appian Security: A Comprehensive Guide to Peace of Mind

Tuesday, August 15th, 2023

Security has always been a cornerstone of business operations, and in our digitally connected world, it’s more critical than ever. One platform that has been on the forefront of integrating robust security measures is Appian. Here’s a detailed look at Appian’s security, which offers a compelling blend of flexibility, agility, and assurance. Appian is a […]

Cybersecurity Vulnerability Assesments – A Key Element in Bolstering Defenses

Tuesday, August 15th, 2023

In the rapidly evolving digital landscape of the 21st century, cybersecurity has become a crucial concern for organizations across the globe. Data breaches and cyberattacks can result in substantial financial loss, compromise sensitive information, and tarnish reputations. To guard against these threats, cybersecurity vulnerability assessments are invaluable. They provide an organization with a comprehensive understanding […]

Cybersecurity Tabletop Exercises

Tuesday, August 15th, 2023

The Role-Playing Game Your Business Needs Cybersecurity Tabletop Exercises strengthen your business. In today’s rapidly evolving digital landscape, threats to cyber environments loom larger than ever before. Cyber-attacks are not just problems for tech giants; every business, big or small, is a potential target. But how do you prepare for threats that can mutate faster […]

NIST 800-172: Enhancing Security to Counter Advanced Cyber Threats

Tuesday, August 15th, 2023

Introduction In the rapidly evolving realm of cybersecurity, staying a step ahead of potential threats is paramount. The National Institute of Standards and Technology (NIST) plays a pivotal role in shaping cybersecurity guidelines to ensure data protection. Building on its established framework, NIST Special Publication 800-171, the institute introduced NIST 800-172, designed to enhance defense […]

Navigating the 110 NIST 800-171 Controls: Ensuring the Security of Controlled Unclassified Information

Tuesday, August 15th, 2023

Introduction The increasing importance of data security has ushered in various cybersecurity frameworks. Among the most prominent is the NIST Special Publication 800-171, which focuses on the protection of Controlled Unclassified Information (CUI) in non-federal systems. Boasting 110 controls spread across 14 families, this guideline offers a comprehensive approach to safeguarding sensitive data. A Deep […]

Managed Cybersecurity Provider

Tuesday, August 15th, 2023

Managed Cybersecurity Providers keep you secure. In today’s interconnected world, where data forms the backbone of many businesses, cybersecurity is no longer a luxury but a necessity. As cyber threats grow in number and sophistication, many organizations are turning to managed cybersecurity providers to safeguard their digital assets. But what is a managed cybersecurity provider, […]

NIST 3.13.12: The Keystone of Use Session Protection

Tuesday, August 15th, 2023

Introduction Cybersecurity, in our digitized era, is akin to a game of chess. As the opponent evolves, so too must the defenses. Among the various guidelines and controls stipulated by the National Institute of Standards and Technology’s (NIST) Special Publication (SP) 800-171, Control 3.13.12 stands out for its emphasis on session protection. This often-overlooked aspect […]

Updates, Failed Patches, & More Updates

Thursday, June 2nd, 2022

Just a few weeks ago, we asked how many more patch Tuesdays we had left before pieces of the cookie began to crumble a bit. Microsoft answered the question by issuing an out-of-band update when one of their patches recently failed, and left users unable to authenticate. For this specific situation, you must manually download […]

Learn More about XDR

Tuesday, May 24th, 2022

Being Human is hard, because no one gave us a handbook. How to process emotions, how to tap-in to Potential, how to have a BulletproofPC?  We don’t really understand ourselves as a species, and certainly don’t understand how our perspective frames our viewpoint…and how our viewpoint presents our experience. Take this idea, and apply it […]

Cybersecurity Tips: Big Mistakes Made By Small to Medium Size Business Owners

Friday, May 6th, 2022

The past two years have handed small and medium-sized businesses a whole host of problems, such as supply chain issues, recruiting woes, and staff retention difficulties. Unfortunately, while dealing with these urgent challenges, the vast majority of those companies have been failing to prepare for a threat that’s been grabbing headlines with increasing frequency at […]

Stringent Cyber Insurance Rules 

Sunday, May 1st, 2022

Businesses of every size and in every sector are at risk from growing cyber threats—those are just the facts. With awareness of the danger growing, more and more companies are looking at ways to protect themselves when they’re hit with a malware attack or data breach (and I do mean when, not if), which is […]

Russian Cyberwar: How Prepared is YOUR Business?

Thursday, February 24th, 2022

The growing crisis between Ukraine and Russia may seem a world away for most US businesses, but government agencies caution that cyber threats may be closer than you think. On Tuesday, February 22, just moments after President Biden announced new sanctions on Russian banks and elites in response to Putin’s decision to send troops to […]

Cryptocurrency Security

Thursday, February 10th, 2022

Cryptocurrency’s growth in popularity is now (finally!) being matched by its growth in accessibility. Until recently, those looking to buy, sell, or trade cryptocurrency would have to go through the tedious process of getting set up on a cryptocurrency exchange; a process so unexpectedly cumbersome that it deterred many would-be investors. Today, however, familiar money […]

Beware of the Backdoor Pathway

Tuesday, January 25th, 2022

As if there isn’t enough news of crisis in the Cyberworld, such as nation-state threats and career criminals using malware automations, now your problem could be safely incubating inside your own fence. Specifically, a WordPress backdoor that leads to the front door of your business where all the keys hang.  Introducing CVE-2021-24867. The trouble centers […]