Does the NSA have a duty to disclose zero-day exploits?

By Michelle Drolet . 26 Sep 2016

The NSA should disclose all zero-day exploits. But it doesn’t.   To say the National Security Agency (NSA) prefers to lay low and shuns the limelight is an understatement. One joke said about the secretive group, widely regarded as the most skilled state-sponsored hackers in the world, is NSA actually stands for “No Such Agency.” … Continue reading Does the NSA have a duty to disclose zero-day exploits?

Information Security Summit 2016 Raises $5,000 for MassBay Cyber Security Scholarships

By Michelle Drolet . 31 Aug 2016

WELLESLEY HILLS, MA (August 2016) – Massachusetts Bay Community College is pleased to announce it has received a generous donation of $5,000 from this year’s annual Information Security Summit to support student scholarships in the field of cyber security. The Information Security Summit, held each year on MassBay Community College’s Wellesley Hills campus, was established … Continue reading Information Security Summit 2016 Raises $5,000 for MassBay Cyber Security Scholarships

Hired guns: The rise of the virtual CISO

By Michelle Drolet . 19 Aug 2016

When is the right time to rent yourself a CISO? The enterprise is facing a dangerous combination of mounting cybersecurity threats of increasing subtlety—and a widening gap in the skills required to identify and combat them. Having someone who knows how to lead the charge in identifying and analyzing threats, creating strategic security plans and … Continue reading Hired guns: The rise of the virtual CISO

7 Secrets of Offensive Security – SnoopWall & Towerwall Lunch & Learn Session on August 16, 2016

By Michelle Drolet . 8 Aug 2016

7 Secrets of Offensive Security Please join us for a complimentary Lunch & Learn session. Tuesday, August 16 11:00 am – 1:00 pm EST Sheraton Framingham Hotel, Framingham, MA *EARN CPE CREDITS   In this session you will learn: The 7 Secrets of Oensive Security. With all the breaches happening in the news, isn’t it … Continue reading 7 Secrets of Offensive Security – SnoopWall & Towerwall Lunch & Learn Session on August 16, 2016

Cybersecurity is only as strong as your weakest link—your employees

By Michelle Drolet . 28 Jul 2016

Stay on top of account management and assess staff security skills with CIS Controls 16 and 17   You can have the most secure system in the world, but hackers will always seek out the path of least resistance. When your defenses are good, the weak link is often your employees. Data breaches are most … Continue reading Cybersecurity is only as strong as your weakest link—your employees

LinkedIn Data Breach Still Causing Problems

By Michelle Drolet . 21 Jun 2016

Failing to take basic security precautions with website passwords puts your data at risk   Do you remember back in 2012 when LinkedIn was hacked? Around 6.5 million user passwords were posted on a Russian blog. There was a mandatory password reset for affected users, and LinkedIn released a statement advising people to enable two-step … Continue reading LinkedIn Data Breach Still Causing Problems

8 Tips to Secure Those IoT Devices

By Michelle Drolet . 20 Jun 2016

Make sure the Internet of Things isn’t a route for hackers to get into your home or workplace   As more and more Internet-connected devices find their way into our homes and businesses, it’s important to remember that they represent a security risk. The Internet of Things (IoT) is growing rapidly, and in the rush … Continue reading 8 Tips to Secure Those IoT Devices

5 InfoSec concerns for colleges and universities

By Michelle Drolet . 14 Jun 2016

Higher education institutions are a prime target for cybercriminals, and IT needs resources to prevent attacks and provide a proper level of security   No industry or sector is immune to data breaches, but some are targeted more often than others. Education came ahead of government, retail and financial sectors, and it was second only … Continue reading 5 InfoSec concerns for colleges and universities

3 Ways to Protect Data and Control Access to It

By Michelle Drolet . 23 May 2016

Your company’s data is its crown jewels, and you must protect it all times. CIS Controls 13, 14 and 15 will help you.   Earlier we delved into disaster recovery and network security. Now it’s time to take a look at Critical Security Controls 13, 14 and 15, which cover data protection and access control. The … Continue reading 3 Ways to Protect Data and Control Access to It

Create a data recovery plan and secure your network

By Michelle Drolet . 22 Feb 2016

Following the Center for Internet Security’s best practices.   We discussed building malware defenses the last time out, but today we’re going to focus on Critical Security Controls 10, 11, and 12 covering data recovery, secure network configuration, and boundary defense. It’s unrealistic to think that you can completely avoid cyberattacks and data breaches, so … Continue reading Create a data recovery plan and secure your network

Tags