What is Enterprise Security? Enterprise security includes various technologies, strategies, techniques, and processes used in securing information and IT assets against unauthorized access and risks that may violate the confidentiality, integrity, or availability (referred to as the “CIA triad”) of these systems. Enterprise security includes the protection of data as it flows across networks, the […]
Category: IT Security
Cybersecurity for Nonprofits
What is Cybersecurity for Nonprofits? Nonprofits may not be front of mind as high value targets for cybercrime, but they have many features and assets that are desirable to cyberattackers. One important asset that many nonprofits have is personally identifiable data (PPI) such as full names, addresses, social security numbers, driver’s license numbers, passport information, […]
What is Multi-Persona Impersonation? Multi-Persona Impersonation (MPI) is a new email phishing technique that can make detection even more difficult for email users. The MPI technique uses the psychological principle of “social proof” to increase the perception of authenticity of emails, increasing the likelihood that unsuspecting recipients will click on them.1 The principle of social […]
What are Cybersecurity Risk Assessments? There are several tools available for assessing both specific and broad cybersecurity risks. Consider performing risk assessments at the organizational level as well as subscribing to alerts regarding larger-scale threats. The following risk assessment may be used to classify risks to systems in your organization1: The Center for Internet Security […]
Business VPNs
What are Business VPNs? Virtual private networks (VPNs) allow users to safely connect to another network over the internet by encrypting the connection from their device, making the internet connection more secure and private. Organizations use VPNs to secure remote connections to the internet to protect their data from being compromised. Business VPNs are […]
CIA Triad
What is the CIA Triad? The CIA triad is a well-known model in information security that is used in the development of security policies. CIA stands for confidentiality, integrity, and availability, and refers to the core components of data and information protection. The data that organizations manage comes from various sources such as personal data, […]
Emotet
What is Emotet? Emotet is a computer malware program that was originally developed in 2014 as a banking Trojan. The goal of the malware was to access foreign devices and spy on sensitive private data. Once a device is infected, the malware spreads like a computer worm and attempts to infiltrate other computers on the […]
What are Digital Forensics and Incident Response? Digital Forensics and Incident Response (DFIR) is a cybersecurity field that focuses on the identification, investigation, and remediation of cyberattacks. The two main components of DFIR are: Digital Forensics. The application of science to the identification, collection, examination, and analysis of data while preserving the integrity of the […]
NICE Framework
What is the NICE Framework? With the large talent gap in the cybersecurity workforce, it is increasingly important that employers and employees are able to clearly express their needs and expectations regarding cybersecurity jobs. The National Initiative for Cybersecurity Education (NICE) is led by the National Institute of Standards and Technology (NIST) and is a […]
IoT Botnets
What are IoT Botnets? IoT. With the rising number of Internet of Things (IoT) devices, there is a concurrent rise in IoT botnet threats from cyberattackers. IoT refers to the interconnection and communication between internet-enabled physical devices. The growth of such devices has been explosive, as smart devices such as wearables, sensors, phones, cars, appliances, […]