Hard and Fast Rules of Evading Phishing Attacks
While phishing attacks are nothing new, they continue to be more inventive and of an exponentially greater quantity, causing us to pause and revisit what continues to be a serious issue for government organizations, businesses and individuals. The technique of Phishing has been around for years, and hackers continue to use it for one big…
Assessments Take the Guesswork Out of Election Security
Securing elections sounds as if it should be straightforward, but the reality is it is anything but. It’s far more complex and goes further than securing a network with a firewall or locking down a voting machine. It requires knowing precisely where there are gaps in your entire election process that cyber criminals can exploit….
Complacency Isn’t Affecting Election Security Progress, Unknowns Are
Recent news articles have focused on the unused HAVA funds that the Federal government has allocated for election security, and the implication is that this inaction is the result of a lack of urgency or a sense of complacency. Those of us on the frontlines of the election security challenge know that the issue is…
Pursuing Quality Threat Intelligence Insight
Attaining the “correct” Threat Insight By definition, “threat insight” provides an understanding of threats in the context of your company. Insight of any kind is interesting and potentially useful but the most key and critical insight is the insight specifically related to you. In this case, your company and the threats: the known knowns, the…
The One Thing That Makes Election Security Assessments Actionable
Whether your cybersecurity program is advanced or in its beginning phases, an election security assessment is a significant part of improving your cybersecurity stance. However, an assessment is only one step in strengthening your defenses against cybercrime. The actions and decisions that follow an assessment are the true determining factor of success. The methodologies and…
Metrics and Threat Intelligence: Why and How to Apply Them
In the maturity process of any organization, at some point metrics enter the equation. For many, this is a cringe-worthy event that ranks up at the top of the worst job-defining moments. It usually starts innocently. Someone asks a question. It could be a simple question, such as “How much money are we spending and…
What Is Digital Forensics?
Cybersecurity includes a vast number of different components, aspects, techniques and disciplines. From cyber intelligence to continuous threat monitoring and risk assessments, the full spectrum of cybersecurity activities spans an extensive range. One discipline within this range is digital forensics, and like all of the other activities in the security world, fully understanding what it…
Securing the Cloud
The freedom of access – to anything, anytime and anywhere – is the strength and peril of the cloud. While the cloud empowers accessibility, its ubiquitous nature can also undermine security. The same avenues that give us access to information we want and need also open ways for hackers and malicious actors to reach us….
Legislation Alone Won’t Secure Elections. Action and Best Practices Will.
In recent weeks the federal and state governments have been pushing legislation forward in efforts to protect elections from cyberattack. For instance, bill US HR1, For the People Act of 2019, passed in the United States House of Representatives in March and is now being considered by the Senate. The bill includes the Election Security…
Training Can Have a Powerful Impact on Election Security
Cybersecurity attackers work pretty much like we all do – finding the easiest way to get the job done. You can have the most sophisticated security measures in place and use the most sophisticated technology, configured correctly and adherent to all regulations and policies, but if your team is not security-savvy, attackers will easily find…