cyberattacks

The People, Process, and Technology of Cybersecurity

The COVID-19 pandemic generated an increase in cyber threats. According to a security magazine, ransomware attacks rose by 92.7% in 2021 compared to 2020. With an increase in the use of digital technology comes an increase in cyber threats, and with each passing day such threats are evolving, and the need for constant attention …


What is Cybersecurity Risk?

According to NIST SP 800-60 volume 1 revision 1, cybersecurity risks relate to the loss of confidentiality, integrity, or availability of information, data, or information (or control) systems and reflect the potential adverse impacts on organizational operations (i.e., mission, functions, image, or reputation) and assets, individuals, other organizations, and the Nation. Cybersecurity risk is the probability of exposure, …


NIST Incident Response Life Cycle

The NIST 800-61 revision 2 standard provides guidelines for incident handling, especially for analyzing incident-related data and determining the appropriate response to each incident. The guidelines can be followed independently of particular hardware platforms, operating systems, protocols, or applications. Organizations that need to implement the NIST Incident Response Life Cycle must first establish a computer …


What is Vulnerability Management?

According to NIST, vulnerability management is a security practice that is designed to proactively prevent the exploitation of IT vulnerabilities that exist within an organization. The expected result is to reduce the time and money spent dealing with vulnerabilities and the exploitation of those vulnerabilities. Vulnerability management is generally defined as the process of identifying, …


What is a DMZ Network?

In network security, a demilitarized zone (DMZ) functions as a subnetwork on an organization's network infrastructure that is located between the protected internal network and an untrusted network, often the internet. The DMZ is designed so that there is one inside interface connected to the private network, and one outside interface connected to the public network. …


Defense in Depth

Defense in depth, also known as layered security, is a cybersecurity strategy used by organizations to secure and safeguard their network, system, and data. The strategy assumes that attackers will try to penetrate the organization's defenses, so multiple layers of security controls (physical, technical, and administrative) are put in place to detect attackers at every …


Personally Identifiable Information (PII)

What is PII? The National Institute of Standards and Technology (NIST) defines personally identifiable information (PII) as any information about an individual maintained by an agency, including any information that can be used to distinguish or trace an individual's identity, such as name, social security number, date and place of birth, mother's maiden name, or …
