How Organizations Can Determine the Impact of Cybersecurity Incidents
When determining the impact of a computer security incident, it helps to classify the threat encountered, which usually occurs before the actual Incident Response (IR) process begins. Determining the impact will also determine whether the incident should even be considered an "incident." Think about what vulnerability the threat exploited. If this was an unknown vulnerability ...
NIST releases version 1.1 of The Cybersecurity Framework. Here’s a Summary
The National Institute of Standards and Technology has recently released version 1.1 of the Cybersecurity Framework (CSF), designed to improve the cybersecurity of industries, companies, and organizations that are a part of the nation's critical infrastructure (e.g., energy, power, banking, communications, defense, etc.). The CSF is a voluntary framework that was originally developed in response ...
Scan Your Home Network for Vulnerabilities Using Nessus
Nessus is a proprietary vulnerability scanner created by Tenable, Inc. It is free to home users for personal use (Nessus Home), but requires a license for commercial use (Nessus Professional). Obviously, the commercial version comes with more features, but this does not in any way degrade the effectiveness of Nessus Home. With Nessus Home, users ...
A Simple Guide to Vulnerability Management
A "vulnerability assessment" discovers what vulnerabilities are present on your organization's infrastructure and classifies them according to their level of criticality. Vulnerability assessments are usually conducted by qualified personnel or Approved Scanning Vendors (ASVs) by means of a vulnerability scanner, such as Nessus, OpenVAS, QualysGuard, Nexpose, and so on. These are special forms of software ...
7 Ways to Respond to Network Threats
With the re-awakening of ransomware attacks that plagued many networks last year, cybersecurity is arguably at the top of every network administrator's priority list. With that being said, here are 7 ways to respond to network threats. 1. Network Segmentation In specific circumstances, network segmentation, which is a process by which we separate parts of ...
The Cybersecurity Man 