Cybersecurity Principles for Small and Medium sized Busines
There are several important cybersecurity principles that small and medium-sized businesses should consider in order to protect themselves from cyber threats:
Cyber NewsOn Alec Baldwin’s Shooting
We recently learned that Alec Baldwin is being charged with involuntary manslaughter for his accidental shooting on a movie set. I don’t know the details of the case, nor the intricacies of the law, but I have a question about movie props. Why was an actual gun used on the set? And why were actual […]
Cyber News, Cyber Threat Trends
- January 26, 2023
Delegating SCP Management to Governance Team via AWS Organizations
ACM.141 Delegated AWS Organizations Administrator — Policy as Code This is a continuation of my series on Automating Cybersecurity Metrics. I’ve been writing about how to delegate permission to manage SCPs to our governance team. One way to do that is via a delegated administrator. Delegated Administrator for AWS Organizations In the last post I reverse-engineered the information […]
Cyber News, Cyber Threat Trends
- January 26, 2023
Is Once-Yearly Pen Testing Enough for Your Organization?
Any organization that handles sensitive data must be diligent in its security efforts, which include regular pen testing. Even a small data breach can result in significant damage to an organization’s reputation and bottom line. There are two main reasons why regular pen testing is necessary for secure web application development: Security: Web applications are constantly […]
Cyber News, Cyber Threat TrendsUS Cyber Command Operations During the 2022 Midterm Elections
The head of both US Cyber Command and the NSA, Gen. Paul Nakasone, broadly discussed that first organization’s offensive cyber operations during the runup to the 2022 midterm elections. He didn’t name names, of course: We did conduct operations persistently to make sure that our foreign adversaries couldn’t utilize infrastructure to impact us,” said Nakasone. […]
Cyber News, Cyber Threat Trends
- January 25, 2023
The Definitive Browser Security Checklist
Security stakeholders have come to realize that the prominent role the browser has in the modern corporate environment requires a re-evaluation of how it is managed and protected. While not long-ago web-borne risks were still addressed by a patchwork of endpoint, network, and cloud solutions, it is now clear that the partial protection these solutions […]
Cyber News, Cyber Threat Trends
- January 25, 2023
Analyzing CloudFormation Requests Related to SCPs
ACM.140 Trying to figure out conditions and ARNs to create a delegated administrator for SCPs This is a continuation of my series on Automating Cybersecurity Metrics. In my last post I wrote about how I wanted to create a delegated admin account for SCPs. I also noted that the documentation, at the time of this writing, […]
Cyber News, Cyber Threat TrendsUS Cyber Command Operations During the 2022 Midterm Elections
The head of both US Cyber Command and the NSA, Gen. Paul Nakasone, broadly discussed that first organization’s offensive cyber operations during the runup to the 2022 midterm elections. He didn’t name names, of course: We did conduct operations persistently to make sure that our foreign adversaries couldn’t utilize infrastructure to impact us,” said Nakasone. […]
Cyber News, Cyber Threat TrendsRegulator Stress Test Highlights Cyber Insurance Concerns
Bank of England warns greater cross-industry consensus is needed
Cyber News, Cyber Threat Trends