Have you heard of the CIS Controls? Even though they’re not part of any specified GRC (Governance, Risk Management, Compliance) mandate, they could actually be used as the foundation for them all.
Before you chew through Compliance, consider trying the CIS Controls
Understanding the Essential Elements of a SecureOps Strategy
The traditional approach to security is desperately flawed. NNT’s SecureOps strategy is a progressive way to deal with solving the problem of cybersecurity by combining the essential prescribed security controls recommended by frameworks such as NIST and the Center for Internet Security (CIS) with advanced threat prevention and detection, closed-loop intelligent change control and continuous compliance monitoring technology.
Accomplish More with Less with the Basic CIS Controls
Data breaches are a common occurrence in the world we live in today. Whether its personal data that relates to an organizations’ customers or data referencing the inner workings of an organization’s infrastructure, when it falls into the wrong hands, the consequences are disastrous.
Financial Institutions Facing Increased Threats Post COVID-19 Lockdown
The finance industry has long been the ideal target for dangerous cyber criminals, holding a treasure trove of sensitive information and financial credentials of innocent victims, but in the wake of the post COVID-19 lockdown period, researchers have found that these institutions are seeing a marked spike in cyberattacks.
5 Steps to Effective Patch Management
Patch management is the process of analyzing the systems within your network for missing updates. This process shines a spotlight on the vulnerable systems within your network, allowing you to apply the necessary patches to those systems. This ensures that any vulnerabilities or bugs present in the software gets fixed.
How to Move from Compliance to Risk-Based Security
As technology continues to evolve, so does the potential for cybersecurity risks, and just as the technology industry is showing no signs of slowing down development, neither are cybercriminals.
How to Detect Open Ports, Protocols and Services
IT Services rely on an individual port assigned to them in order to receive and transmit information, therefore, it’s imperative that an organization keeps track of what ports are open within their IT environment, the function of the port and what services it’s associated with.
The Problem with Cyber Security is That No One Wants to Play Defense
When I’m not fighting the good fight against the dangerous world of cyber crime, you’ll often find me out on the field coaching youth soccer. In my experience as a coach, if you ask any group of kids new to the game of soccer “who wants to be a striker?” pretty much every hand will go up.
Cybersecurity Controls and Lessons from the COVID-19 Pandemic
Blogs are meant to be topical so there can only be one starting point for this one. We only deal in the business of compliance and cyber security so I can only really write about anything from this perspective.
Organization's Face Increased Attack Surface, Vulnerabilities in Response to COVID-19
Organizations across the world are on the front lines of the ongoing COVID-19 crisis, being forced to thwart off cyber criminals as the coronavirus pandemic continues to spread.