Vendor Risk Assessment: Hassle or Blessing?!
A Security Questionnaire, RFI, VRA (Vendor Risk Assessment), VR Management…helps customers identify and evaluate the risks of using a vendor’s product or service. Performing such a review is sometimes mandatory based on the industry (e.g. healthcare). During this standard business process, the customer collects written information about the security capabilities of a supplier and you could barely…
Category: Security Management
Coding Skills and Security Administration
Know how to code and take your computer security effectiveness to the next level
Simple Sign of Security Program Has Already Been Failed
The simple sign is your Trust and Confidence: Do you have faith in your security program? For a moment be honest and ask yourself: am I confident in my company's security program? Do I have faith in our security team? Do they really know what they are doing? Is my information security officer worth pay…
The Only Reason A System Has Not Been Hacked!
Real hackers do not randomly find a flaw in a system. There is a systematic approach to hacking a system! Regardless of the size and type of an online entity and its online presence, a giant company with ten thousand employees, or a home user of the Net, the only reason a system (may) have…
One Strategy to Win the Cyber-security Battle: Change the Focus!
Sales pitches force us to worry about things that are not so important; change your mindset to win the battle! “Battle” would not be the right term if we didn’t have a market full of competition to sell cybersecurity products rather than focusing on the right and real way of defense. In other words, focusing…
Tools vs. Techniques
Operations fail by focusing on the tool rather than the technique! In the context of information technology, with all primary operations like systems administration, patching and updating, backup and replication, malware protection… and all related sub-tasks, a focus on tools is an enemy of the process! Defining, developing or choosing a technique in advance is crucial to an IT operation.…
Naturally Secure Windows Machine
How to utilize native Windows security features to get beyond all the tools in the market?! Most of the time ‘extra tools’ are just for doing things in a different way, perhaps more convenient, but not necessarily in a better, more effective, cheaper or faster way, and Windows is not an exception. Speaking…
Security Program: How To Thrive?
From struggling or hardly surviving, to a fully supervised and manageable security program… Most companies are struggling with running a smooth security program. No matter how much they are spending on that, the difference is really not that much. From zero budget to million-dollar security budgets, they still do not have enough trust in…
Complexity: The Hidden Monster behind Insecurity
There is no doubt that companies struggle with information security these days. Today they spend hundreds of thousands of dollars, some millions; tomorrow they realize they have done nothing! Security folks do not have a peaceful night's sleep, because they know what they have done during the day could easily be compromised! Regardless of why we are spending money…
Tips To Buy And Implement SIEM Solution
Use the following checklist to make sure you are on the right track to choose your first or next SIEM solution. The whole process takes 1-4 weeks based on your dedication and vendor availability. Remember the worst thing is being in a rush in five four steps: Write a plan Write down all the steps you anticipate…