View Post

More on Limiting Damage to Information Assets

In Cybersecurity by Ian0 Comments

This entry is part 4 of 8 in the series Prevention and Protection Strategies

This entry is part 4 of 8 in the series Prevention and Protection StrategiesEstablishing and enforcing policies that limit employee access to sensitive data and IT systems are one of the most effective mitigation strategies against a malicious insider (Brancik, 2008).  There are a number of strategies that organizations can implement in order to better secure their digital assets. 

View Post

Managing Access to Information Resources

In Cybersecurity by Ian0 Comments

This entry is part 3 of 8 in the series Prevention and Protection Strategies

This entry is part 3 of 8 in the series Prevention and Protection StrategiesSecurity breaches caused by internal employees, consultants, business partners and any other individual or group of individuals that have privileged access to certain parts of the network remain one of the highest threats to digital assets.  In an article about the employee life cycle and identification of …

View Post

Honeypots: To Lure or Not To Lure

In Cybersecurity by Ian0 Comments

This entry is part 2 of 8 in the series Prevention and Protection Strategies

This entry is part 2 of 8 in the series Prevention and Protection StrategiesHoneypots are sometimes used as an active defense mechanism for network security and provide a means for targeting attackers and recovering forensic evidence.  A typical honeypot traps attacks, records intrusion information about tools and activities of the hacking process, and prevents attacks outbound the compromised system.

View Post

Intrusion Detection

In Cybersecurity by Ian0 Comments

This entry is part 1 of 8 in the series Prevention and Protection Strategies

This entry is part 1 of 8 in the series Prevention and Protection StrategiesIntrusion Detection is the process of monitoring an information system in order to determine if any action is being performed with malicious or otherwise cause that may negatively affect its availability, confidentiality or integrity of data contained within.  In order to get started with intrusion detection, it …