Post Authentication Methods

A lot of time can be spent in an organization firming up authentication and access control systems to ensure greater levels of security for its network. All of this, however, is only one step toward ensuring a user's credentials are not compromised. Considerations need to be made for post authentication. There are several things organizations can do to mitigate risk associated with post-login activities. First and foremost, training should be one of the top priorities of the organization. There must be a comprehensive training program for employees within different divisions of the organization (adjusted accordingly for the various levels of access and privileges). In terms of proper use of access control technologies (such as tokens, etc.), policies, and best practices, “Organization members (need to) know what questions to ask and how to find the services they need” (Johnson, E. M., & Goetz, E., 2007). They need to be aware that it is not acceptable, for example, to leave workstations unattended. Policies should be enforced ensuring that systems are locked down effectively when being left unattended. ...

October 8, 2015 · 2 min · 384 words · icarnaghan

Freedom of Information Act (FOIA) Quick Overview

Lately I’ve been carrying out some work involving the Freedom of Information Act (FOIA). There is tons of information about FOIA on the web, including on the official foia.gov website; however, I decided to summarize the main points of this law in an easy-to-read, digestible format. This article is broken down into three main parts: a brief intro, the main areas covered in the law, and, to conclude, the exemptions. ...

May 11, 2015 · 4 min · 700 words · icarnaghan

Best WordPress security and malware removal plugins

WordPress CMS has been prone to many online threats ever since Matt Mullenweg and the team officially launched it. The content management system is impressive, but you can’t stop hackers from attacking websites powered by WP. Attacks can be prevented by installing a WordPress security plugin. If the internet is the only source of your income, you shouldn’t risk your site. There are a lot of useful web tools that can keep your website safe. The best ones are listed below: ...

March 30, 2015 · 3 min · 535 words · prhost78

More on Limiting Damage to Information Assets

Establishing and enforcing policies that limit employee access to sensitive data and IT systems is one of the most effective mitigation strategies against a malicious insider (Brancik, 2008). There are a number of strategies that organizations can implement in order to better secure their digital assets. ...

September 19, 2014 · 2 min · 386 words · icarnaghan

Managing Access to Information Resources

Security breaches caused by internal employees, consultants, business partners and any other individual or group of individuals that have privileged access to certain parts of the network remain one of the highest threats to digital assets. In an article about the employee life cycle and identification of internal organizational threats, Conrad et al. (2009) assert that within an organization, the employee population is the source of potential malicious insiders. ...

September 18, 2014 · 3 min · 491 words · icarnaghan

Honeypots: To Lure or Not To Lure

Honeypots are sometimes used as an active defense mechanism for network security and provide a means for targeting attackers and recovering forensic evidence. A typical honeypot traps attacks, records intrusion information about the tools and activities of the hacking process, and prevents outbound attacks from the compromised system. ...

September 12, 2014 · 2 min · 385 words · icarnaghan

Intrusion Detection

Intrusion detection is the process of monitoring an information system in order to determine whether any action is being performed, with malicious or other cause, that may negatively affect its availability or the confidentiality or integrity of the data contained within. In order to get started with intrusion detection, it is important first of all to gain an understanding of what an intrusion might look like and how it might impact a system or network. ...

September 11, 2014 · 3 min · 556 words · icarnaghan

Software Piracy on an International Scale

Copyright has become a huge issue and talking point recently with continual legal challenges, the introduction and defeat of the Stop Online Piracy Act (SOPA) and considerations for future legislation, challenges and controversy. The United States leads the world in having some of the toughest copyright laws on the books. ...

April 21, 2013 · 4 min · 651 words · icarnaghan

Workplace Monitoring and Blocking Software

Software monitoring and blocking tools have become commonplace within the work environment and have been used in order to protect company intellectual assets from employees who either deliberately or accidentally become the cause of security issues. In addition to this, one of the main arguments for such tools is the idea that they increase employee productivity. ...

April 21, 2013 · 3 min · 455 words · icarnaghan

3D Printing, Copyright and Legal Matters

During the 1980s, role-playing games like Dungeons and Dragons saw the rise in popularity of model or figurine molds, which essentially allowed players to create characters using casting kits. These were in effect a very early version of 3D printing, which has introduced the production of physical objects in the home. 3D printing has become more sophisticated in recent years and, with that, the overall costs have decreased dramatically to the point where 3D printers are becoming widespread. ...

April 19, 2013 · 3 min · 541 words · icarnaghan