Normally I talk about how to setup your work network to be more secure. Today, I want to talk about your personal security. Not physical security, but virtual security. Most people do not want to tinker with their home network. I don’t blame you, neither do I. I just want my home network to work… mostly because if it breaks, then all the kids will come running wondering why the sky is falling.
But for personal technology, there are some practical steps that will help make you more secure.
While I’m sure we can learn something, I think we can all agree defense is boring. The same is true for security. Your defensive security, that blocked someone from potentially getting into your network, is a lot less impressive than saying you hacked NASA.
But to win the Super Bowl the Patriots defense needed to be one step ahead. Yes, Tom Brady is who everyone talks about, but if the defense hadn’t done their job, they would not have won the game.
So, I’m going to spend the rest of this time talking defense. The unsung heroes.
While I am not a big fan of the “Top 10” things that we expect to see next year, I do think looking forward with a security focus is a good endeavor. While this time of year is always full of next year’s predictions, you really should be looking at the next six months every month. That way things won’t surprise you. But without further ado, here are my predictions for next year.
It was 2:30am one weekday night when my smoke alarms started going off at home. They are all connected together, so the whole house was a nice alarm bell. It was a weird fall night when it was warm outside and very foggy. We have had a lot of work done in the house, and I assumed it was a malfunction because of the dust that had been kicked up and the humidity outside. I disconnected the alarm that started this noise and got the family back into bed.
Are you aware that October is National Cybersecurity Awareness month? With the day to day security headlines year-round you may be thinking to yourself “I am sick of hearing about security”. As we come to the end of the month, bear with me for just a second as I let you in on a little security gem. While there are many different security solutions that exist, some cheap and many expensive, yet arguably one of the most important ones is free. It is a phrase coined by the National Cybersecurity Alliance, “When in Doubt, Throw It Out”. When at home or work, if you receive a piece of physical junk mail that that claims you have one a free trip to the Moon, what do you do? Most likely, you throw it out in the trash as you know it is not true.
Having a month dedicated to cybersecurity is a little bit of a misnomer. It indicates that there are some months where you don’t think about cybersecurity. Granted I think about security daily, as that is my job, but I hope most of you are also aware of it and think about it more than one month out of the year. However; since we do have a month dedicated to it, I thought this would be a good time to discuss some basic statistics provided in Verizon’s 2018 Data Breach Investigations Report. As the report says, “data breaches aren’t just a problem for security professionals”.
Second Annual List Honors Leading MSSPs & Cybersecurity Companies That Safegaurd Customers’ Digital Assets
MSSP Alert, published by After Nines Inc., has named Thrive 60th on the Top 100 MSSPs list for 2018. The list and research identify and honor the top 100 managed security services providers (MSSPs) that specialize in comprehensive, outsourced cybersecurity services.
The Top 100 MSSP rankings are based on MSSP Alert’s 2018 readership survey combined with aggregated third-party research. MSSPs featured throughout the list and research proactively monitor, manage and mitigate cyber threats for businesses, government agencies, educational institutions and nonprofit organizations of all sizes.
Over the course of this three-part series, we have explored security measures to help keep your organization better protected from cyber criminals. In part one, we examined the importance of patching, and in part two,we explored advanced email security. In this final part of the series we will cover security awareness training that should be implemented in every business.
I still talk with people in the security industry that confuse a vulnerability scan with a penetration test. These are very different yet complimentary tools.
A vulnerability scan can be run against your external IP range, as well as your internal IP range. If you run it against your external IP range you will see what the hackers see when they look at your network from the outside. If there are any known vulnerabilities, the scanner should pick it up and report it to you. This would be the first step in getting your network more secure.
IT executives and leaders are charged with building scalable, reliable, and secure environments. As more sensitive, regulated, and business-vital documents and transactions are digitized, even traditional businesses must embrace cybersecurity as a way of life. With this comes a mandate to develop and deploy a security program, which necessarily must include a component for continuous improvement. Security threats are constantly evolving, and threat or security fatigue can increase the pressure on security teams to keep up. Adding structure to the continuous improvement process can help relieve some of that pressure to “stay on top of everything” all the time.