Blog

Delicious content for your skill-up pleasure.
Cybersecurity Insurance Basics

The Department of Homeland Security (DHS) defines cybersecurity insurance [1] as guaranteed coverage for a variety of cyber incidents. This topic can go pretty deep, but this post will briefly cover cybersecurity insurance basics. The types of cyber incidents this...

Eighty percent of the intrusions of your networks today can be handled by patches, anti-virus and user actions. We spend 90 percent of our time on the 80 percent of the issues that could be handled by good hygiene.

Brigadier General Paul Nakasone on Intrusions

Quote by Brigadier General Paul Nakasone, Deputy Commander, U.S. Army Cyber Command

Your Trolling Definition is Wrong

It's always good to keep your door open to constructive criticism when creating documents or anything else for that matter. Sometimes you get amazing feedback and sometimes you just get noise. I'm sure you've experienced both ends of the feedback spectrum. In the...

Security breaches usually entail more recovery efforts than acts of God. Unlike proverbial lightning, breaches of security can be counted on to strike twice unless the route of compromise has been shut off.

FedCIRC on Security Breaches

Quote by FedCIRC

Exploring Regulated Information: PCI Data

PCI is the Payment Card Industry. The most common standard they provide is the PCI Data Security Standard (PCI DSS). The information this standard protects is considered PCI data. The basic premise is that all cardholder data and sensitive authentication data must be...

Exploring Regulated Information: HIPAA Data

HIPAA is the Health Insurance Portability and Accountability Act that was passed by Congress in 1996. HIPAA data is the information that would be covered under this act. Under this act is Protected Health Information (PHI) and ePHI which is only allowed to be viewed...

The methods that will most effectively minimize the ability of intruders to compromise information security are comprehensive user training and education. Enacting policies and procedures simply won’t suffice. Even with oversight the policies and procedures may not be effective: my access to Motorola, Nokia, ATT, Sun depended upon the willingness of people to bypass policies and procedures that were in place for years before I compromised them successfully.

Kevin Mitnick on Importance of User Training and Education

Quote by Kevin Mitnick

Exploring Regulated Information: CJIS Data

Next in line for the Exploring Series is exploring regulated information. That is, information that is governed by law, with fines or other sanctions if there are data breaches or compliance issues. This is a measure to get organizations to protect data...

Merged Projects

Helping you study and earn IT and security certifications. Stick around for what comes next, the job!

You're your own best tech. Learn the basics of IT troubleshooting here.

Helping you raise your income when you're underpaid and underappreciated so you have more money to reinvest in yourself.
