How To Protect Yourself from Malware By Using a Non-Privileged Account

Standard security practice for the U.S. federal government and most medium and large enterprises calls for users to run as a “Normal User” on the computer at their desk. Also called “Standard User” mode, this prevents employees from being an administrator on their work PC. While this helps prevent misconfigured work computers (and the helpdesk requests that follow), its main purpose is to prevent malicious software, or malware, from installing on the system and compromising the business’ network or sensitive information.

The Flaw That Led to A Lot of Heartbleed

In November 1988, a Cornell University student named Robert Tappan Morris launched the first modern worm onto the then-nascent Internet. Morris’ stated purpose was to try to map the Internet. While the experiment went catastrophically awry, it taught us a couple of lessons: first, ensure that production software does not ship with the developers’ debugging code enabled; second, make sure that the code a programmer has written operates the way they intended.

Taking a Closer Look at the U.S. Cybersecurity Framework and Roadmap

A set of standards, guidelines and practices released by NIST is being made available to the public. While they are directly applicable to the U.S. federal government and to organizations providing critical infrastructure components, the guidelines apply to most industries and businesses as well.

Following Security Best Practices is Good But May Not Be Enough

If you look at books and publications on cybersecurity, it’s clear that we continue to emphasize common information security best practices: keep up with patches, disable unnecessary services, have users work with limited privilege, follow system hardening principles, and maintain an ongoing program of user education. Depending on the industry, there are guidelines, standards, or even federal regulations that drive cybersecurity. Unfortunately, as shown by Heartland Payment Systems and Target Stores, these standards are often treated as complete security solutions rather than as baseline, minimal requirements.

Who’s the Hacker?

Before the era of cybercrime, hacking for social, political, or religious causes (so-called hacktivism), and terrorist threats to our infrastructure and monetary systems, the hacker started as an explorer and traveler on the data superhighway. Today, we can still categorize some hackers as explorers. In fact, the title “hacker” has carried a pejorative meaning only recently.