Categories
IT Security Outsourced IT

Security Audit Trail

What is a Security Audit Trail? A security audit trail, or audit log, is a set of records that collectively provide documentary evidence of processing used to aid in tracing from original transactions forward to related records and reports, and/or backwards from records and reports to their component source transactions.1 While application logs record activity […]

Categories
Backup & Disaster Recovery IT Security Outsourced IT

Ransomware Recovery

What is Ransomware Recovery? A ransomware attack begins when a machine on a network becomes infected with malware. The malware infection is typically caused by a user opening an infected email attachment, clicking on a malicious link, or by falling victim to social engineering tactics. Once an endpoint has been infected, it spreads throughout the […]

Categories
Application Security IT Security Outsourced IT

Phantom Hacker Scams

What are Phantom Hacker Scams? The FBI has alerted the public to a recent nationwide increase in Phantom Hacker scams, which primarily impact senior citizens.1 Phantom Hacker scams have evolved from more general tech support scams. They operate by layering imposter tech support, government, and financial institution personas in a complex ruse to build trust […]

Categories
Application Security Government IT Security Outsourced IT

Web Application Access Control Threats

What are Web Application Access Control Threats? The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) have released a Cybersecurity Advisory to warn vendors, designers, and developers of web applications, and organizations using web applications, about insecure direct object reference (IDOR) vulnerabilities.1 […]

Categories
IT Security Outsourced IT

Security Awareness Training Methods

What are Security Awareness Training Methods? Training employees to understand and limit security risks is a critical element of an organization’s strategies to protect themselves from cyberthreats. Some of the reasons that security awareness training is important for organizations include: While training has traditionally consisted of annual slideshow-assisted lectures, many organizations are now looking for […]

Categories
IT Security Outsourced IT

Security Orchestration, Automation, and Response (SOAR)

What is Security Orchestration, Automation, and Response? Security orchestration, automation, and response (SOAR) solutions help security teams integrate security tools, automate repetitive tasks, and optimize incident response processes, enabling security teams to integrate and coordinate separate tools into streamlined threat response workflows.1 In large organizations, cybersecurity professionals rely on numerous tools to track and respond […]

Categories
IT Security Outsourced IT

Threat Actor Profiling

What is Threat Actor Profiling? Cyberattackers are constantly and aggressively working to find new ways to carry out malicious activities. Psychological profiling in cybersecurity is an intruder identity tool that helps to gather information about these threat actors in order to reveal their identities through the analysis of their psychological traits and characteristics. Through psychological […]

Categories
IT Security Outsourced IT

Data Destruction: Erasure

What is Data Erasure? Destroying data is a critical task. The IRS Publication 1075 offers guidelines for federal, state, and local agencies that require agencies sanitize information system media prior to disposal or release for reuse.1 Media sanitization protects the confidentiality of sensitive information by preventing unauthorized individuals from reconstructing data and gaining access to […]

Categories
IT Security Outsourced IT

Physical Data Destruction

What is Physical Data Destruction? If hard drives cannot or will not be reused, physical destruction may be the best option for data destruction. The primary drawbacks to physically destroying hard drives for the purpose of data destruction are that it is more expensive than non-physical destruction and it is bad for the environment. Additionally, […]

Categories
IT Security Outsourced IT

Domain Security

What is Domain Security? Domain names make internet protocol (IP) addresses more accessible by providing a name that is easier to remember than the string of numbers in an IP address. The domain name system (DNS) is a digital directory that stores and provides information about which domain names correspond to IP addresses. When you […]