Sitemap

Why (and When) You Need Computer Forensics

The word forensics usually makes us think of homicide... but it applies to computers, too. Understanding the need for computer forensics and occasions where it supports you during litigation is a must for anyone who wants to stay in business. I recently got to sit...

The Difference between Threat Data and Threat Intelligence—and Why It Matters

There’s a lot of buzz about threat intelligence and threat hunting these days. But beyond the hype, what intelligence are organizations actually getting about cyber threats? How can you know true threat intelligence when you see it? This widely misunderstood subject...

Why Your SIEM Tool Needs to Monitor Cloud Environments… or Else

To share key considerations and best practices for SIEM adoption, a recent episode of The Virtual CISO Podcast from Pivot Point Security featured Danielle Russell, Director of Product Marketing Management at AT&T Cybersecurity, a top SIEM vendor. Hosting the...

The #1 Most Important Feature of a Security Information Management Solution for SMBs

The goal of Security Information Event Management (SIEM) is to reduce risk to sensitive data behind the firewall and minimize breach impacts by shortening the threat detection window and data breach lifecycle—which currently averages 279 days according to the latest...

SIEM, a SOC, an MSSP… Choosing Correctly is Crucial for every SMB

The coronavirus scenario is fueling an already hot trend in Security Information & Event Management (SIEM) tool deployment among SMBs. SIEM is a relatively broad and mature technology category with a plethora of options. If you’re considering (or already have) a...

ISO 27701- A Roadmap to Implementation

ISO 27701 - A Roadmap On August 6, 2019, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) released ISO/IEC 27701 (ISO 27701), a privacy extension to ISO/IEC 27001 and ISO/IEC 27002, which is designed to...

A “Less is More” Mentality Will Save Your SIEM Deployment & Operation

Experts agree: if you want to set your Security Information Event Management (SIEM) program up for failure, configure the SIEM tool to alert on a huge range of event data. Then good luck finding the signal amidst the noise. This and other key considerations for SIEM...

The Shared Assessments SIG and SCA—“Trust” and “Verify” Tools for SMBs’ High-Risk Vendors

The Shared Assessments Program offers multiple tools to assess third-party information security risk. Probably the best-known of these tools is the Standardized Information Gathering (SIG) questionnaire. A growing number of outsourcer organizations use the SIG to...

4 Tips to “Quarantine” the Latest Ransomware Threats

It’s a pretty crazy time out there, and that’s an understatement. We are all currently a part of a once-in-a-generation event that will have far-reaching economic and social effects. In fact, we are already knee deep in the changes that COVID-19 has brought with it!...

Business Continuity Is Fundamentally About Resilience

Getting a flat tire is a disaster. Knowing where you keep the spare is disaster recovery. Changing a tire in under 7 minutes to get right back on the road is business continuity. On a recent episode of Virtual CISO, I got a chance to talk with Cosmo Gazzani, Director...