According to one round-up of cybercrime stats for 2020, phishing and cloud-based attacks are up over 600 percent. To carry out these (and other) attacks, hackers scan for any and all vulnerabilities to exploit. So, if you’re wondering how to prevent cyber attacks on businesses, a robust vulnerability management program should be one of the first places you start.
-

NIST 800-171 Security Baseline
For companies looking to contract with the United States Department of Defense (DoD), it’s imperative to make sure your cyberdefenses are up to par. A big part of that is implementing the controls from Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations (SP 800-171), published by the National Institute of Standards and Technology (NIST). Understanding the NIST 800-171 controls is the first step toward compliance.
-

What is the NIST SP 800-171 Revision 2?
The protection of controlled unclassified information (CUI) in non-federal systems and organizations is as important as the security of the federal government’s own data and information. This is because a threat to CUI in non-federal systems could disrupt the proper running of federal government business. NIST SP 800-171 Revision 1, also called NIST SP 800-171 Rev. 1, was created to tackle this issue. To further strengthen the confidentiality of CUI, NIST SP 800-171 Revision 2, a revision of NIST 800-171 Rev. 1, was published in February 2020.
-

What is a Data Privacy Impact Assessment?
Reaching a level of “privacy by design and default” does not have to be an uphill battle for your organization. By implementing the tools outlined by the GDPR, ascending to higher levels of data protection becomes achievable.
-

Basics of the CIS Hardening Guidelines
Physical protection brings to mind video cameras, combination locks, and motion detectors, all designed to prevent intruders from breaching a facility. Likewise, IT and cybersecurity professionals rely on system hardening to reduce the number of “unlocked” doors that malicious actors can exploit. The Center for Internet Security (CIS) seeks to make the hardening process understandable and encourage its use throughout multiple industries.
-

What are the 19 HITRUST Domains?
Learning about the 19 HITRUST domains is essential to mastering data protection. It may sound technical and complex, but we will walk you through the HITRUST Common Security Framework (CSF).
-

Overview of CIS Security Controls Version 7
The Critical Security Controls for Effective Cyber Defense is the brainchild of the Center for Internet Security (CIS). More popularly known as the Critical Security Controls Version 7, its 20 guidelines are based on the latest expert knowledge about cyberattacks.
-

Are Your Internet Security Standards CIS CSC Compliant?
News reports have never run out of distressing stories about Internet security standards. Credit card breaches, identity theft, privacy threats, denial of service, intellectual property theft, and data losses are just a few of the notorious cybercrimes committed online.
-

Conducting a Quantitative Risk Analysis Assessment
Risks are part of everyday life, particularly in industries and businesses. But with the right analytics and mindset, risks can be managed, minimized, and mitigated. One such effective solution is the use of Factor Analysis of Information Risk, or FAIR, a highly specialized form of quantitative risk analysis and quantitative risk assessment.
-

Pros and Cons of Factor Analysis of Information Risk
Risks are inevitable. But they don’t have to cause damage to company operations all the time. If these situations can be analyzed, they can be managed. This is the reasoning behind FAIR, or Factor Analysis of Information Risk. But is it for your organization? Let’s weigh it with these FAIR pros and cons.
