INFOGRAPHIC: Was Your Last Data Breach An Inside Job?

Data breaches can happen to any organization. Whether carried out maliciously or simply the result of employee error, read below to learn just how common data breaches are within the public and private sectors.

This entry was posted in Infographic, Cyber security, data breach on July 05, 2016 by Kimberly K

5 Takeaways from the 19th New York State Cyber Security Conference

By: Erin Dayton

1. “When, Not If”

If you've attended your fair share of cyber security conferences in the past, it's almost guaranteed that you've heard the long standing joke “You don’t have to out run the bear, you just have to out run your brother.” Although this joke is still prevalent and ensures a good chuckle from the audience, it's becoming less applicable as the forest has become home to more than just one bear.

The “when, not if” timeframe suggests that organizations can no longer rely on planning based on “if” they will be compromised or breached, but “when". Organizations should operate on the belief that the bad guys are already in their system, and should devote efforts towards identifying how to find attackers and knowing what to do once they've been located. Cyber security efforts should strive toward an advanced model which includes education, prevention, protection, mitigation, response, and recovery. This holistic approach to security provides a potential safety net when facing the perfect storm of the vulnerable technological ecosystem (mobile devices, social media, Internet of Things, etc).

This entry was posted in Conference Takeaways, Cyber security on June 27, 2016 by Kimberly K

Announcing CIS Docker 1.6 Benchmark v1.0.0

CIS has released its first security configuration benchmark for Docker 1.6, which makes more than 80 recommendations for configuring and operating Docker in production environments.   The benchmark is intended for system and application administrators, security specialists, auditors, help desk, and platform deployment personnel who plan to develop, deploy, assess, or secure solutions that incorporate Docker 1.6 or later technology.

This entry was posted in Threats & Vulnerabilities, benchmarks, Cyber security, Docker on May 11, 2015 by Amanda B

CryptoWall 3.0

Kevin Moran, MS-ISAC NCCIC Partner Liaison

This entry was posted in Threats & Vulnerabilities, Malware Analysis, ransomware, threats, CryptoWall, Cyber security on February 23, 2015 by Amanda B

New Year’s Resolutions for a Security Executive

CIS Intelligence and Analysis Workgroup

2015 Outlook

It’s that time of year again where we look ahead toward the cyber security trends and topics we’ll be seeing in 2015.