Side Channel Attacks

Side Channel Attacks

News this year surrounding the Meltdown and Spectre CPU vulnerabilities has sparked a wider discussion on side channel attacks. These threats are difficult to mitigate and hard to detect, which makes them especially attractive to criminals. They are also likely...
PCI DSS High Level Overview

PCI DSS High Level Overview

Your Boss comes to you and says “We need to be PCI DSS compliant by tomorrow and I’m assigning you as the compliance manager.” Your first thought might be, “what is PCI compliance?” or “why has god forsaken me?” Both are reasonable responses. But neither will get you...
Botnets Our Future Internet of Dangerous Things IoT

Botnets Our Future Internet of Dangerous Things IoT

Botnets and IoT – Our Future Internet of Dangerous Things   A Dramatic Entrance   In September of 2016, a botnet called Mirai facilitated a massive distributed denial of service attack on KrebsOnSecurity, a cybersecurity blog run by Brian Krebs. This...
Cybersecurity Compliance

Cybersecurity Compliance

Cybersecurity Compliance Companies are obligated to protect their sensitive or valuable data assets. These obligations manifest in the form of industry standards and legal regulations. The road to cybersecurity compliance can be overwhelming, but it is better to...
Network Logs

Network Logs

Network Logs In the rare (but not inevitable) event that your organization faces a security incident there will be a scramble for evidence. C-Suite executives, investors, regulators, and other stakeholders will want to know what was impacted, the scope of the...
Digital Footprints

Digital Footprints

What is OPSEC? Operational security (OPSEC) refers to the measures taken to conceal your Digital Footprints from a potential adversary. In other words, keeping secrets from bad guys. The term originates in US military history, and is often summed up in the adage...