SMB breach fallout makes recovery hard

By |May 29th, 2016|KSE, SMB, TUX GUI|

SMB Security Simplified If attackers use you to attack others, there may be repercussions to your business brand, reputation and partner trust relationships. Many SMBs are not prepared for legal repercussions if a partner or customers are harmed. SMBs are not prepared for breach response in general. Cyber insurance is a financial risk transference, but

Attain NIST sp800-160 goals with KSE

By |May 26th, 2016|Insider threat, KSE|

The previous post discussed the NIST sp800-160 document, which has reached second draft release. It's general purpose is to reduce attack surface so that systems are more inherently secure and resilient in the face of adversaries. Its objective is described by lead author Ron Ross of NIST; "Increasing the trustworthiness of systems is a significant

NIST sp800-160: no more same-old

By |May 25th, 2016|KSE|

Implications of NIST Special Publication 800-160, for "Systems Security Engineering" The second draft of NIST sp800-160 was released this month. The full title of the document is, Systems Security Engineering: Consideration for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems This version is apparently quite an extensive update to draft one, and NIST

SMBs:cyber security isn’t just about your data

By |May 24th, 2016|KSE, SMB, TUX GUI|

  SMB Security Simplified SMBs may be attacked for reasons that have nothing to do with obtaining their data. Detection remains problematic. If it isn't obvious that you have been hacked, how do you know for sure? SMBs are not reporting breaches; the numbers are understated. In the meantime, attacks such as ransomware continue to

More Thoughts on Defender Advantage

By |May 4th, 2016|Insider threat, KSE|

Nothing like a hackathon to make one think like a defender! <Added July 26/16 - The hackathon challenge is complete, and none of the participating Red Teams were successful.> In part one, we announced how the Gov2Com Hackathon Challenge is now taking shape, and how about 15 defence contractor and DoD Red Teams will simultaneously attack