Software Whitelist or Blacklist?

Today I am writing on the subject of a security control known as whitelisting/blacklisting, or sometimes seen as “deny all, permit by exception”. This control is usually seen as part of cybersecurity compliance efforts, or when organizations have reached the maturity level to begin formalizing their security standards. This can refer to software, applications,...

Continue reading

Cyber Security Tips

Never leave workstations unattended. Always log off or lock your device. Consider setting up auto-lock after a period of inactivity. Cyber-security is a team sport. You are only as good as your weakest player. Build Cyber-awareness in your team to prevent phishing and other social-engineering attacks. Keep your software up to date. Turn on...

Continue reading

Do not Pay the Ransom!

As we have all heard by now, the colonial pipeline hackers were paid 5 million dollars. The data that was extracted from all accounts, at least available information, was a mix of financial and accounting files. I get it, sometimes paying the ransom can assist in returning your business back to normal, or at...

Continue reading

Human Process

am confident that training is the most vital component to prevent most of our IT security issues. I believe in a holistic approach. Training and communicating with technology users is the most effective way in keeping your network and data safe. For instance, the sign in process. Do all your users have passwords or...

Continue reading