FISMA Compliance & NIST SP 800-37 (Rev. 1)

The "Federal Information Security Management Act," or "FISMA," is a U.S. federal law that arose from the E-Government Act of 2002. In this act, the U.S. government underlined the significance of improving the management of electronic government services and processes. FISMA provides the framework for organizations to develop and maintain the minimum security goals for...

NIST releases version 1.1 of The Cybersecurity Framework. Here’s a Summary

The National Institute of Standards and Technology has recently released version 1.1 of the Cybersecurity Framework (CSF), designed to improve the cybersecurity of industries, companies, and organizations that are a part of the nation's critical infrastructure (e.g., energy, power, banking, communications, defense, etc.). The CSF is a voluntary framework that was originally developed in response...

A Simple Guide to Vulnerability Management

A "vulnerability assessment" discovers what vulnerabilities are present on your organization's infrastructure and classifies them according to their level of criticality. Vulnerability assessments are usually conducted by qualified personnel or Approved Scanning Vendors (ASVs) by means of a vulnerability scanner, such as Nessus, OpenVAS, QualysGuard, Nexpose, and so on. These are special forms of software...

What is Penetration Testing?

Penetration testers are hired ethical hackers tasked with simulating a real-world attack on an organization's networks and systems. Think of it as an intrusive security assessment that measures the organization's level of resistance to an attack. The great thing about penetration tests is that they test the organization's capabilities to defend against real-world attacks and...

What Information Does Facebook Keep About You? See For Yourself! You’ll be Surprised

Are You Concerned About The Latest Facebook Trouble? If you're following the news, you'll know that Facebook is in deep water. What exactly happened? Back in 2014, Cambridge Analytica (CA), a British political consulting firm, which combines data mining, data brokerage, and data analysis with strategic communication for the electoral process, signed a data-sharing deal between SCL...
