Blog
Delicious content for your skill-up pleasure.
The Department of Homeland Security (DHS) defines cybersecurity insurance as guaranteed coverage for a variety of cyber incidents. This topic can go pretty deep, but this post will briefly cover cybersecurity insurance basics. The types of cyber incidents this...
Eighty percent of the intrusions of your networks today can be handled by patches, anti-virus and user actions. We spend 90 percent of our time on the 80 percent of the issues that could be handled by good hygiene.
Quote by Brigadier General Paul Nakasone, Deputy Commander, U.S. Army Cyber Command
It's always good to keep your door open to constructive criticism when creating documents or anything else for that matter. Sometimes you get amazing feedback and sometimes you just get noise. I'm sure you've experienced both ends of the feedback spectrum. In the...
Security breaches usually entail more recovery efforts than acts of God. Unlike proverbial lightning, breaches of security can be counted on to strike twice unless the route of compromise has been shut off.
Quote by FedCIRC
Early this week I got a chance to use one of my Christmas presents, a $50 gift card to Outback Steakhouse. I shared dinner with someone special and the night went pretty smoothly. We got the bill for $46.39 and I handed our waiter the gift card. He returned the...
If security were all that mattered, computers would never be turned on, let alone hooked into a network with literally millions of potential intruders.
Quote by Dan Farmer, System Administrators Guide to Cracking
“Do I want to know why you’re so informed about spyware?” she asked. Nikolaos gave her a charming, dazzling smile. “No, my dear. You do not.”
Quote by Molly Ringle, Persephone’s Orchard
PCI is the Payment Card Industry. The most common standard they provide is the PCI Data Security Standard (PCI DSS). The information this standard protects is considered PCI data. The basic premise is that all cardholder data and sensitive authentication data must be...
We didn’t install the [Code Red] patch on those DMZ systems because they were only used for development and testing [Shortly after spending 48 hours straight removing Code Red worm from internal corporate servers in 2001].
Quote by Anonymous client, Secure Coding Principles and Practices by Mark G. Graff & Kenneth R. van Wyk
HIPAA is the Health Insurance Portability and Accountability Act, which was passed by Congress in 1996. HIPAA data is the information that would be covered under this act. Under this act are Protected Health Information (PHI) and ePHI, which are only allowed to be viewed...
The methods that will most effectively minimize the ability of intruders to compromise information security are comprehensive user training and education. Enacting policies and procedures simply won’t suffice. Even with oversight the policies and procedures may not be effective: my access to Motorola, Nokia, ATT, Sun depended upon the willingness of people to bypass policies and procedures that were in place for years before I compromised them successfully.
Quote by Kevin Mitnick
Next in line for the Exploring Series is exploring regulated information. That is information that is governed by law and punishable by fines or other sanctions if there are data breaches or compliance issues. This is a measure to get organizations to protect data...
Helping you study and earn IT and security certifications. Stick around for what comes next, the job!
You're your own best tech. Learn the basics of IT troubleshooting here.
Helping you raise your income when you're underpaid and underappreciated so you have more money to reinvest in yourself.