SANS Ouch! Newsletter – Securely Using the Cloud

The SANS Ouch! newsletter has always been one of my favorite sources of security awareness content. Whether you simply need a reminder of good sound security practices or you are brand new to a topic, the guest writers always seem to do a great job of presenting timely content in an approachable format.

This month is no different. Understanding the Cloud and how to best approach selection and use of a service is both topical and important. I would certainly echo the advice presented in this article. I would particularly dwell on the recommendation to utilize some form of two-step or multi-factor authentication for any service chosen if available. I would take the added step of recommending you not choose a service if MFA was not an option.

Enjoy the read!

https://www.sans.org/newsletters/ouch/securely-using-the-cloud/

SANS Security Awareness Report Highlights the Rising Era of Awareness Training

It thrills me to be able to post an article with this title.  I honestly do not believe there is anything more important and more impactful to the overall security of any organization than effective user awareness training.  An increase in effective training is an increase in overall security.

I have been a student of and an advocate for the SANS Institute for many years.  Lance Spitzner and his team do a marvelous job spreading the word of awareness and safety online.  This report is a good resource and a worthwhile read.  Enjoy!

https://blog.knowbe4.com/sans-security-awareness-report-highlights-the-rising-era-of-awareness-training

SANS Institute in IoT Botnet Warning

Threats associated with the “Internet of Things” are very real and a serious concern.  Take a moment and simply count in your head the number of devices active on the Internet in your home – your computers, laptops, gaming consoles, smartphones, handheld games, printers, camera systems, doorbells, thermostats, kitchen appliances – the list goes on and on.  All of these devices are potential bot nodes or network entry points.

Think about the firewall at the edge of your DSL or cable modem.  Is it secure?  Is it properly configured?  How often do you connect to it and verify the active connections and associated devices?  Take the time to secure your home network just as you would your physical doors and windows.  You may have a “door” standing wide open that you never considered.

http://www.infosecurity-magazine.com/news/sans-institute-in-iot-botnet/

https://krebsonsecurity.com/2016/10/who-makes-the-iot-things-under-attack/