The most effective approach combines multiple strategies tailored to the organization’s specific needs and environment. Regularly reviewing and updating policies and controls ensure systems remain effective in the ever-evolving threat landscape.
Category: Cybersecurity
NAVIGATING NIST SP 800-171 – AUDIT AND ACCOUNTABILITY
The required control of audit records and user accountability as outlined in NIST SP 800-171 Revision 2 are key requirements in fortifying an organization’s defense against cybersecurity-related threats.
Enhancing Cybersecurity: A Deep Dive into NIST SP 800-171 Awareness and Training
Reporting insider threat activities can prevent serious harm or damage to the organization’s assets including information, people, and equipment. Reporting best practices include reporting to established personnel within the organization and not to the suspected individual
NAVIGATING NIST SP 800-171 – ACCESS CONTROL: STRATEGIES AND SOLUTIONS
There are several approaches to limiting system access to devices by focusing on three main technologies: firewalls, network segmentation, and device security.
Cybersecurity Awareness Month – Updating Software
Cyber hygiene refers to the practices an entity implements to maintain or improve cybersecurity. These practices help maintain the confidentiality, integrity, and availability of data. The following are a few examples of these practices
CYBERSECURITY AWARENESS MONTH – ENABLING MFA, STRONG PASSWORDS, AND A PASSWORD MANAGER
Adopting strong passwords, MFA, and using password managers are tools you can use to protect your accounts while increasing cybersecurity.
Insider Threat: Bystander Engagement
Bystanders can play a role in helping organizations to identify insider threats. Bystanders include colleagues, human resources personnel, and supervisors.
Cybersecurity Afterschool Club Was a Hit
During the first club meeting, the IBSS team provided an introduction of cybersecurity and facilitated hands-on exercises to help the students understand the concepts. They presented the CIA Triad using a bank example.
Exploring a Modern ICAM Solution with ZTA Principles
Malicious actors gained access to information pertaining to high profile targets for at least 8 months or longer. Not just affecting the U.S. government, the attack reached hundreds of organizations including universities, governments in Europe, and large private sector companies like Microsoft and Equifax.