As more people are vaccinated and free to live a more normal life again, vacation plans, trip pictures and conference hashtags will flood social media sites. Phone calls and emails to colleagues will be met with out of office (OOO) messages. You might feel happy for that person, or maybe…

Picking up where we left off on the security-by-design thinking offered by NIST 800-160 Volume 1, we move onward in Chapter 3, focusing on the technical management processes. Let’s look at some security design principles at the technical processes level.  Technical Management Processes Chapter 3.3 shows us eight processes. Like…

Most business owners are overconfident about their small business cybersecurity postures. Two-thirds of senior-level decision-makers who participated in a 2019 survey said they didn’t believe the small- to mid-sized businesses (SMBs) for which they’re responsible would fall victim to a digital attack. Within this prevailing view, many respondents didn’t view…

Organizations are struggling to pinpoint threats that come from real user accounts. Take insider threats, as an example. In a 2020 report, 68% of IT and security experts felt their employers were somewhat or very at risk to insider attacks. Over half (53%) said it had become at least somewhat harder…