Showing posts from July, 2020

What Makes a Security Plan?

      Hello, and welcome back to my blog. This week, I would like to quickly discuss the levels that go into making a security plan. These types of plans are an important tool for IT departments and Cybersecurity Administrators to design a plan that will help protect or slow down an attack on the network.     Of course, security plans can vary from company to company; however, their purpose remains the same, with threats looming every day. With IT managers adjusting in response to the ever-changing threats, the created security plan must be designed to stop or slow down any attempt to breach network defenses. Below we will look at the principal components of a security plan and what they entail.    Separate Networks              As the name suggests, having more than one network can protect company assists from hackers and the like. The reason being is that having every computer on one network would lead to issues if that subsequent work were to fail, which would stop operati

A Look at Defense-in-Depth

What is Defense-in-Depth?                 Defense-in-Depth is the method to which multiple layers of defense protect a network. These defenses are intended to delay an attacker's attempt to further into a system but not stop them completely. By slowing down the attacker, the IT team has time to reacted and mitigate any damage to the network. The idea behind Defense-in-Depth stems from a military strategy that revolves around having a weaker perimeter defense and intentionally yielding space to buy time. In the case of cybersecurity, the approach here involves multiple layers of control but not give up any ground. Here is a video that can bring a little light on to the idea of Defense-in-Depth from Network Direction: Below is the topology of how Defense-in-Depth would potentially look like: Fig 1. A large scale highly secure deployment of  Siebel Business Applications Having a setup, such as the one above, would bring security to any business of any size. In this case, for the

What is Single Sign-On and How it may benefit a company.

Hello, and Welcome to my blog! This week we will be discussing how single sign-on is used and how it can be beneficial to a company. What is Single Sign-On?                 Single sign-on (SSO) is a session and user authentication service that permits a user to use one login credentials to access multiple applications with a username and password. How does it work? When you are signing on to a website, you may be presented to sign on with a username and password from Facebook, Google, or Apple. These are what is called single sign-on or SSO. This allows users to sign on to a website using credentials from other accounts, such as Google or your Apple ID. It is a federated identity management (FIM) arrangement, and the use of such a system is sometimes called identity federation.  O-Auth , which stands for Open Authorization and is pronounced "oh-auth," is the framework that enables an end user's account information to be used by third-party services, such as Fa

A quick look at NIST CSF (Cybersecurity Framework) core and how they are organizes into functions.

Hello, and Welcome to my blog! This week, I will be discussing how the NIST CSF (Cybersecurity Framework) core organizes into functions. What is a NIST Cybersecurity Framework?                 The National Institute of Standards (NIST) and Framework’s Cybersecurity (CSF) was published in February 2014 in response to Presidential Executive Order 13636, “Improving Critical Infrastructure Cybersecurity,” which called for a standardized security framework for critical infrastructure in the United States. What are the NIST CRF Framework cores areas? The NIST CSF is comprised of four core areas. These include Functions, Categories, Subcategories, and References. We will be talking about the different functions in the NIST CSF core and how they are organized for today. What are the Framework Functions? The NIST CSF is organized into five core functions, which are also known as the Framework Core. These functions are arranged with one another to represent a security cycle. Each p

Incident Response and Forensic Analysis, a relationship.

Hello, and Welcome to my blog! This week, we will be discussing how forensics is related to incident response. Before we dive in, if you are not familiar with incident response, check out this  link  that will take you to one of my other posts that describes what incident response is. The forensics part that is related to the incident response takes place after everything has happened. After the response team has done what they can, the forensic team comes in and analyze what has been taken. This team can be part of the response team or a separate group from the response team. They have their own goals, data requirements, team skills, and benefits for both teams they have, and each of these has differences between them. It is also possible for a person to have both sets of skills and maybe both teams. Incident Response vs. Forensic Analysis Both of these are two related disciplines that use similar tools. Here are the essential highlights. Incident Response: Goals: ·