Preparing for the Worst: Why an Incident Response Plan is just as important as a Prevention Plan
The advantage is firmly in the hands of the attackers right now. The number of easy-to-use tools available and the speed at which new vulnerabilities are incorporated into these tools greatly outpace the speed at which most organizations can stay on top of the threats. No matter how many precautions you have taken, a breach or incident will occur. Although there are many things you can do to minimize the risk of a breach, you should operate under the assumed breach mentality — you have already been breached, you might just not know it. What are you going to do now?
New 2015 Cloud Security Report Uncovers “Quite a Year”
2015 was a prolific year for cybercrime. In the public sector, OPM was the banner breach (full cost as yet unknown, but the feds are spending $133 million on credit monitoring alone). Meanwhile in the private sector, hacking cost the average American firm $15.4 million per year, with the more costly cybercrime carried out by malicious insiders, DDoS and web-based attacks.
How to Choose a Network Access Control Solution that is Right For Your Network
Traditional IT security has always focused on static, well-controlled IT environments. However, with the advent of BYOD policies and more and more mobile devices connecting to workplace networks, a new, more fluid paradigm has evolved. How does IT make the shift and take charge of these dynamic and very difficult-to-control environments?
Securing the US Government Federal Cloud
Over the last several years, great efforts have been made to implement the US Federal Government’s “Cloud First” strategic initiative to develop, promote, and streamline the “on ramp process” for Federal agencies to adopt and migrate to cloud architecture through the Federal Risk and Authorization Management Program (FedRAMP).
The Cyber Talent Drought
Black hat hackers make more money than white hat hackers. A lot more. The 2015 Symantec Internet Security Threat report states that a hacker can sell a credit card number for about $50 on the black market. If you can steal 100,000 numbers in a few months, you stand to earn about $5 million. This money pales in comparison to what a bad actor can get for a purloined medical record: about $500 per record, according to the same report. Steal 100,000 of those, and you’ll get a whopping $50 mil
The Dark Web: Dark, But Not Invisible
The Dark Web: the name conjures up visions of nefarious characters doing despicable things under the cover of specialized technology that keeps them a step ahead of the law, who are hopelessly outnumbered. Many people believe the Dark Web is like dark matter: mysterious, undetectable, and vaster by far than our customary world.
Cybersecurity 101: Asset Management [Video]
The first order of business in cybersecurity, indeed in IT management in general, is to have a reliable system inventory: physical systems, virtual machines, software and associated configurations and vulnerabilities, and – most importantly – data. Asset inventory is not just common sense, though, it’s the law. The NIST 800-53 sec
Cybersecurity 101: Patch Management [Video]
As straightforward and commonplace as patch management might be, it is still a big security hole for many organizations. The 2015 Verizon threat report states, “…99.9% of the exploited vulnerabilities had been compromised more than a year after the associated CVE was published”. In other words, completely preventable exploits were succe
3 Best Practices to Help Sift Through Cybersecurity Challenges
At this point, it probably seems like there’s almost as much information out there about how to combat cybersecurity threats as there are threats themselves. Every day there’s a new report that contains a wealth of valuable – and sometimes, disturbing – information. It’s enough to make a federal IT pro feel overwhelmed.
Like so many other things, though, it’s helpful to remember that the foundation for a successful approach to defending against cyber threats can ultimately be boiled down to a few core best practices:
Security 101: Advanced Persistent Threat (APT)
An advanced persistent threat (APT) is a network attack in which an unauthorized individual gains access to a network and then stays in the network, undetected, for a long period of time.[1] APTs use multiple phases to break into networks and avoid detection. During this period of time, the attacker will scan the network for confidential information. There are usually five phases of an APT attack. The first is reconnaissance, in which the attacker leverages information to understand the target.