Information Security newsfeeds from around the world in English and French. Find it all in one place since 2004. You'll find online the last 5 years.
I’m delighted to share that I will be speaking for the first time at SecTor this year. The talk will be in Theatre 1 at 1:15pm on October 5th. In the session Neither Pointless Nor Boring: Pop It And Lock It Down With CIS Controls, I will be discussing the latest version of CIS Controls. […]
Continue ReadingThe Center for Internet Security (CIS) controls are a relatively short list of high-priority, highly effective defensive actions that provide a “must-do, do-first” starting point for every enterprise seeking to improve its cyber defense. Initially developed by the SANS Institute and known as the SANS Critical Controls, these best practices are indispensable to organizations both […]
Continue ReadingPenetration testing is something that more companies and organizations should be considering a necessary expense. I say this because over the years the cost of data breaches and other forms of malicious intrusions and disruptions are getting costlier. Per IBM Security’s “Cost of a Data Breach Report 2021,” the average cost of a breach has […]
Continue ReadingWe all know that it is a question of when you will be compromised and not if you will be compromised. It is unavoidable. The goal of CIS Control 17 is to ensure that you are set up for success when that inevitable breach occurs. If an organization is neither equipped nor prepared for that […]
Continue ReadingEnterprises today rely on partners and vendors to help manage their data. Some companies depend on third-party infrastructure for day-to-day operations, so understanding the regulations and protection standards that a service provider is promising to uphold is very important. Key Takeaways from Control 15 Identify your business needs and create a set of standards that […]
Continue ReadingPart of operating an effective security program is the ability to never rest upon any previous success. When guarding against an adversary, yesterday’s success is quickly eclipsed by the dynamic shift in the attacker’s tactics. Just as a doctor “rules out” a particular diagnosis, an effective attacker first searches for well-known vulnerabilities using catalogs of offensive […]
Continue ReadingEarlier this year, I wrote about what’s new in Version 8 of the Center for Internet Security’s Critical Security Controls (CIS Controls). An international consortium of security professionals first created the CIS Controls back in 2008. Since then, the security community has continued to update the CIS Controls to keep pace with the evolution of […]
Continue ReadingIn this episode, Curtis Dukes, executive vice president and general manager of the Center for Internet Security (CIS), explains the need for their Community Defense Model. He also details their process for designing their models as a non-profit organization. Spotify: https://open.spotify.com/show/5UDKiGLlzxhiGnd6FtvEnmStitcher: https://www.stitcher.com/podcast/the-tripwire-cybersecurity-podcastRSS: https://tripwire.libsyn.com/rssYouTube: https://www.youtube.com/playlist?list=PLgTfY3TXF9YKE9pUKp57pGSTaapTLpvC3 Every cybersecurity practitioner knows that there are some guidelines that are […]
Continue ReadingNetworks form a critical core for our modern-day society and businesses. People, processes, and technologies should be in place for monitoring, detecting, logging, and preventing malicious activities that occur when an enterprise experiences an attack within or against their networks. Key Takeaways for Control 13 Enterprises should understand that their systems and networks are never […]
Continue ReadingNetworks form a critical core for our modern-day society and businesses. These networks are comprised of many types of components that make up the networks’ infrastructure. Network infrastructure devices can be physical or virtual and include things such as routers, switches, firewalls, and wireless access points. Unfortunately, many devices are shipped from manufacturers with “default” […]
Continue Reading