Building IT software isn’t always the most secure process. The reason for this is simple economics. Companies can’t always afford to build in the security features software needs to be secure. Let’s walk through a typical IT software project. As the IT software project …
While there is no one single solution to guard agencies against all cyberthreats, there are tools that can certainly go a long way toward managing and understanding the cyberthreat landscape. One such tool is Security Information and Event Management (SIEM) software. SIEM tools combine …
Ladies and gentlemen, we’ve reached the fifth and final post of this information security in hybrid IT series. I hope you’ve found as much value in these posts as I have in your thoughtful comments. Thanks for following along. Let’s take a quick look back at …
The U.S. Army is leading the charge on the military’s multidomain battle concept—but will federal IT networks enable this initiative or inhibit it? The network is critical to the Army’s vision of combining the defense domains of land, air, sea, space and cyberspace to …
Four score and one post ago, we talked about Baltimore’s beleaguered IT department, which is in the throes of a ransomware-related recovery. Complicating the recovery mission is the fact that the city’s IT team didn’t know when the systems were compromised initially. They knew …
In post #3 of this information security series, let’s cover one of the essential components in an organization’s defense strategy: their approach to patching systems. Everywhere an Attack When did you NOT see a ransomware attack or security breach story in the news? And …
Here at SolarWinds, convention season is just beginning to heat up. Whether you’re lucky enough to travel to these shows or are just following our exploits online, you’ll see us across the globe—from London (Info Security Europe) to New York (SWUG™), Vegas (Black Hat) …
In the second post in this information security in a hybrid IT world series, let’s cover the best-designed security controls and measures, which are no match for the human element. “Most people don’t come to work to do a bad job” is a sentiment …
Welcome to the first in a five-part series focusing on information security in a hybrid IT world. Because I’ve spent the vast majority of my IT career as a contractor for the U.S. Department of Defense, I view information security through the lens that …
“Shiny object syndrome” exists within both the IT and cybersecurity fields. The press loves to focus on the sleekest new security toys or the latest threat-hunting technique. After all, red-team/blue-team simulations and advanced threat hunting sound cool and impress at networking events. However, for …
