Cybersecurity Tips and Guides

What You Need to Know

There are many pieces that make up a complete Cybersecurity Program. The core parts include Framework adoption, Documentation, Process/Procedure development, Policy management, Security Governance, Security Compliance, Service/Tool procurement and management, Cybersecurity Incident Response, Cybersecurity support, etc. Each of these initiatives and ongoing efforts take time, expertise and money to accomplish. We help collect resources including guides, examples/templates and recommendations on how best to go about these.

Some examples include:

How to create an Incident Response Plan
How to create a Vulnerability Management Plan
Efficient vendor selection process
Efficient process to handle Vendor Risk Management
Recommendations for building an internal Cybersecurity team
How Change Management should integrate with Information Security Programs

The articles below provide more in-depth information and details.

See the articles below for additional information.

Jan 9

CYBERSECURITY GUIDES

Everything You Need to Know About Conducting a Penetration Test

Penetration Tests should be conducted at least once per year and it's important to understand all aspects before scheduling.

Nov 7, 2022

CYBERSECURITY SERVICES

Pen Testing vs Vulnerability Scanning: Do you Need Both?

Penetration Testing and Vulnerability scanning do overlap a little but the short answer is, Yes, and for good reason!

Nov 4, 2022

CYBERSECURITY GUIDES

MFA Best Practices, Follow New Guidelines

MFA is critical to have in place, but makes sure you are following the latest best practices or it may not be as secure as you think!

Oct 20, 2022

CYBERSECURITY GUIDES

Cybersecurity Policy Creation

Creating policies is a major part of Cybersecurity Program Management. There should be a structured plan and process for policy creation.

Oct 7, 2022

CYBERSECURITY FRAMEWORKS

Cybersecurity Control Review - Account Management, CIS 5

CIS Control 05 covers Account Management which focuses on managing account credentials and authentication, including a password policy.

Sep 19, 2022

CYBERSECURITY GUIDES

Cybersecurity Incident Response Guide, Part 1

The goal of Incident Response is to identify threats, respond quickly before the threat spreads, and remediate before they cause damage.

Sep 14, 2022

CYBERSECURITY EDUCATION

Top Cybersecurity Podcasts to keep up with security news and trends

Podcasts can be a great alternative to traditional means for Cybersecurity news and educational content around security trends and threats.

Sep 4, 2022

CYBERSECURITY FRAMEWORKS

Integrating Application Security Practices, Part 1

Security is critical to the software development process. There are many frameworks, such as OWASP, that should be leveraged for this.

Aug 30, 2022

CYBERSECURITY GUIDES

Using the CIS Benchmarks for Cybersecurity Control Implementation

The CIS has just recently published two new AWS Benchmarks including updates to their AWS Foundations Benchmark and one for Bottlerocket.

Aug 27, 2022

CYBERSECURITY FRAMEWORKS

Cybersecurity Control Review - Use a Passive Asset Discovery Tool, CIS 1.5

Follow CIS Control 1.5 by using a Passive Asset Discovery Tool to update the company asset inventory and verify accuracy.

Aug 24, 2022

CYBERSECURITY FRAMEWORKS

Cybersecurity Control Review - Use DHCP Logging to Update Asset Inventories, CIS 1.4

Configure DHCP logging on all DHCP servers or leverage IP address management tools to review and update the company's asset inventory.

Aug 22, 2022

CYBERSECURITY FRAMEWORKS

Cybersecurity Control Review - Utilize an Active Discovery Tool, CIS 1.3

Utilize an active discovery tool to detect and identify assets/devices connected to the company's network that are unauthorized to do so.

Aug 20, 2022

CYBERSECURITY FRAMEWORKS

Cybersecurity Control Review - Address Unauthorized Assets, CIS 1.2

Address unauthorized assets that are detected on the company network or connecting to company resources, which is part of CIS Control 01.

Aug 16, 2022

CYBERSECURITY GUIDES

Implementing Cybersecurity architectures across Microsoft services

One of the most important features within Microsoft 365 that should absolutely be leveraged to improve security is Conditional Access.

Aug 15, 2022

CYBERSECURITY FRAMEWORKS

Cybersecurity Control Review - Manage and Maintain an Asset Inventory, CIS 1.1

Daily Security Control - Today we cover CIS Control 1.1, Manage and Maintain an Asset Inventory.

1/2

blockchain concept illustration in 3d, connected blocks in blockchain_edited.jpg

Cybersecurity Tips and Guides

Check out our Twitter feed!