October is Cybersecurity Awareness Month and as such I am going to make an effort to post as many awareness and training tips and tricks as I can throughout the month. This great article from the team over at Tripwire provides some sound advice – let the phishing test run its course! Enjoy the read and share what you learn. We are all in this cybersecurity battle together!
Take note as you finalize your patching cycle for February and verify that all patching is complete.
https://www.tripwire.com/state-of-security/vert/tripwire-ppi-february-2018/
Endpoint management has always been an important component of an effective IT security strategy, but it is becoming more and more immediately relevant given the recent leveraging of IoT devices in DDOS attacks and snooping.
http://www.infosecurity-magazine.com/news/just-33-of-orgs-have-endpoint/
I fully realize that the article linked in this post is effectively an ad for Tripwire Enterprise. I get it. For the record, TE is a fantastic product and personal favorite among FIM/Change Management solutions. That is not why I am posting and linking the article. It’s true value lies in the conversation around incident management questions.
Organizations really do need to ask themselves these questions and be prepared for the ramifications that come when they cannot provide adequate answers. Incident management prep is a fundamental need for every organization.
This is a problem nearly every organization faces. These assessment tools from SANS certainly have value.
This is great advice when planning out your strategy to curb the dangers of phishing in your organization.
Full disclosure – This article is written by a Tripwire employee and is designed to highlight Tripwire Enterprise. That said, the first 2/3’s of the article discuss the very relevant trend of moving back away from the wire, from network monitoring alone, and again toward endpoint security. Tripwire is one option. There are others. The discussion is quite relevant.
There are great nuggets of truth in this article, but be sure to consulting with your IT team before making any changes, especially at work.
I have previously shared the initial article in this series and believe it is a great overview of the benefits and reasoning behind SIEM and SIEM technologies. I personally believe every organization at some level needs strong log collection and correlation, along with many of the other features generally attributed to SIEM.
This is an interesting review of some of the challenges and pitfalls associated with POS security and related malware threats. There is also some strong product placement for Tripwire’s Enterprise solution for Point-of-Sale. I will admit that I utilized this product in a previous retail IT security position and believe it is a strong solution for POS change control and monitoring.
