July 23, 2019
Your Password Policy Should Challenge Hackers, Not Your Users
Any time a human is involved, the potential for weakened security increases. Password policies are necessary for cybersecurity compliance; however, burdensome password policies can result in bad user behavior like password transformation. REMEMBER WHEN – IBM published the startling statistic that human error was found to be involved in 95% of all security incidents in “2014 Cyber […]
July 03, 2019
Affordable Cybersecurity Assessment using OWASP
Sometimes we just need a sanity check and assessments offer that opportunity. An assessment can offer a glimpse into those things that may require our attention, and ideally, some validation of our good work. But, they can be potentially expensive. For a quick self-assessment, there is a less-expensive option to consider. The OWASP Cyber Defense […]
February 17, 2019
Doomsday Docker Software Vulnerability
The attraction of a DevOps strategy is understandable, but sometimes I feel like the speed of business should be just a bit slower. At least slow enough so we security professionals can properly get on board. The most recent indicator of this need is the runC vulnerability just identified in the most common container toolsets in use today. Docker, […]
January 28, 2019
Combatting Uncertainty Around Cloud Security Readiness
Overall, there is a weak grasp on what “Cloud Security” actually means. I recently spent time discussing possible challenges with cloud security at a cybersecurity conference. As I tried to pack my research into the allotted twenty-five minutes, I quickly realized we, collectively, don’t have a good grasp on what cloud security actually means. I think this is the […]
January 07, 2019
Life Safety Above All Else
Years ago, when I sat for my CISSP, I went into the exam carrying two bits of advice offered to me by a mentor: #1. In matters of security, choose the most conservative path. #2. Life safety above all else. Critical infrastructure providers, and more specifically, the Healthcare and Public Health providers, have rightfully followed these […]
August 07, 2018
What Does Citrix Sharefile Have to Do With Harvard?
The Harvard Business Review conducted a study to understand how successful teams collaborate using file sharing technology. In general, they discovered the following fingerprints of successful team collaboration in the logs of their file sharing technology: Smaller teams are more successful. Research with the most impact involved longer projects. Imagine that? Research teams at top universities worked on […]