-
Types of Penetration Tests
Today’s post is an introduction to the types of Penetration Tests. It is important to remember that Penetration Testing is done on mobile devices, technology in airplanes and boats, and so much more than just infrastructure associated with networks.
-
An Introduction to Cyber Penetration Testing
Penetration Testing has many definitions. A penetration test, or sometimes pentest, is a software attack on a computer system that looks for security weaknesses, potentially gaining access to the computer’s features and data.
-
Transcript From Webinar I Conducted on ISO 27035 Security Incident Management
I recently conducted a Training Webinar on ISO 27035 Security Incident Response. This is a transcript from the class that I taught. Please excuse any transcription errors.
-
Great Reading List for Cyber Awareness
I conducted a Webinar last week for 500 registered attendees, on the topic of preparing and mitigating risks related to Cyber Security. A number of the attendees requested my preferred reading list. Please remember: Cyber Attackers read the same materials. This list will not help you be ahead of them in knowledge, but it is a list of resources to help you be more aware.
-
How Much Is Your Information Worth???
Information is wonderful, so wonderful that hackers want it. They want Personal Data, Corporate Espionage Data, Health Data, and so much more. The question is: how much is your data worth to them? The second question is: how much is your data worth to you?
-
SEC Issues (Cyber) Risk Alert
The SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a risk alert notifying firms it will conduct IT security examinations of more than 50 registered broker-dealers and registered investment advisers.
-
Creating Awesome Joint Cyber, DR, and BCP Tests/Exercises
What do a Business Continuity Test/Exercise, a Disaster Recovery Test/Exercise and a Cyber Security Event Test/Exercise have in common? The most important thing is that all three are validating the organization’s response capability.
-
Implement ERM Program That Identifies, Evaluates and Controls Risks
An Enterprise Risk Management (ERM) program and its processes should include all areas of enterprise risk and impact that the entity may be exposed to. The risks weave back and forth, affecting each other and creating larger risks that are missed when each is viewed in a vacuum, without looking at the 360-degree risk environment that can affect the organization.