NIST CSF – Part 2 -Protect

NIST CSF – Part 2 -Protect

The NIST Cyber Security Framework, or NIST CSF,  is the result of a February 2013 Executive Order titled “Improving Critical Infrastructure Cybersecurity” and 10 months of collaborative discussions with more than 3,000 security professionals. It comprises a risk-based...
Auditing and logging for HIPAA

Auditing and logging for HIPAA

Auditing and logging are an important part of the HIPAA Security Rule, but the rule contains no specifics on this requirement. According to HIPAA Security Rule – 164.312(b):“Implement hardware, software, and/or procedural mechanisms that record and examine...
What is cyber threat hunting?

What is cyber threat hunting?

A buzz term of today’s cybersecurity is ‘threat hunting’. It gives you images of clandestine agents hiding in the shadows, ready to spring into action to neutralize a threat. Well that’s not exactly what cyber threat hunting is, but it’s also not necessarily what many...
5 core functions of effective cybersecurity – #1 Identify

5 core functions of effective cybersecurity – #1 Identify

Since the National Institute of Standards and Technology Cyber Security Framework (NIST CSF) was established, it has become the framework of choice for organizations to align with to establish “best practice”, and is the foundation for most US cyber...
3 Key Steps to Effective Patch Management

3 Key Steps to Effective Patch Management

Patch Management is reviled, impossible and critical. It’s technically difficult if not impossible, it’s prone to issues that can lead to disruption, and it’s absolutely required from a security and compliance standpoint. Let’s look at why each of these statements is...