What is TLP 2.0? The Forum of Incident Response and Security Teams (FIRST) created the Traffic Light Protocol (TLP) standard which is used in the computer security incident response team (CSIRT) community to facilitate greater sharing of potentially sensitive information, more effective communication, and indicates any sharing limitations that recipients must consider when communicating potentially […]
Tag: security
What is Email Encryption? Email encryption is an authentication process that disguises the contents of messages so that only the intended recipients can access and read them. This is done by scrambling plain text so that the email can only be read by an authorized recipient with a private key. With Public Key Infrastructure (PKI), […]
Embedded Security
What is Embedded Security? An embedded system is the combination of hardware and software designed to perform dedicated functions within a larger mechanical or electrical system. An embedded system is governed by integrated software that determines the behavior of the embedded device. Embedded systems security is a strategic approach to protect an embedded system from […]
Digital Certificates
What is a Digital Certificate? A digital certificate is an electronic credential that confirms the identity of a device, server, or user through the use of cryptography and the public key infrastructure (PKI). Digital certificates are issues by a trust service provider (TSP) or a certification authority in order to help organizations to ensure that […]
BIOS Security
What is BIOS Security? Basic Input Output System (BIOS) is software stored on a small memory chip on a computer’s motherboard. It has a number of different roles, but its most essential function is to load the operating system. When the computer is turned on, the microprocessor tries to execute its first instruction, which the […]
What is the Health Sector Cybersecurity Coordination Center? Cybersecurity threats in the health sector include vulnerabilities due to legacy systems, privacy protection, IT interoperability issues, and security breaches, to name a few. A source of cybersecurity guidance and information is the U.S. Department of Health and Human Services Health Sector Cybersecurity Coordination Center (HC3). HC3 […]
What are HIPAA Physical Safeguards? The Health Insurance Portability and Accountability Act of 1996 (HIPAA, PL104-191) was enacted to protect the privacy and availability of health insurance coverage and medical information. The law’s primary goals include protecting health insurance coverage for workers and their families in the event that the insured employee changes or loses […]
Cybersecurity Policies and Planning
What are Cybersecurity Policies and Plans? To protect against cyberattacks, it is important for all organizations to develop cybersecurity plans and policies. Small businesses may think that such plans are overly elaborate or unnecessary, but every business with single computer or even one credit card terminal is vulnerable to serious cybersecurity threats and should have […]
Insider Threats
What are Insider Threats? The Department of Homeland Security (DHS) defines an insider threat as the “…threat that an employee or a contractor will use his or her authorized access, wittingly or unwittingly, to do harm to the security of the United States.”1 Insider threats are not only threats to national security, but they are […]
Network Segmentation
What is Network Segmentation? Network segmentation is a process of dividing a network into multiple zones and applying specific security protocols to each zone. The primary goal of network segmentation is to have increased control over the management of security and compliance. Network segmentation, also known as network partitioning or network isolation, makes it difficult […]