Tag Archives: Information Security Policy

Small and Medium Size Organizations at Risk

Posted on April 10, 2018 by mclaukl

The bad guys are now starting to target mid-tier companies with their hacking activities. In many cases these companies have not yet come to realize that having a Certified Chief Information Security Officer (C|CISO) or a Virtual Cerified|CISO (vC|CISO) is … Continue reading →

The Office of No, Really?

Posted on June 12, 2017 by mclaukl

Successful ransomware attacks are at an all time high, we are losing the cyberwar, cyber criminals are making more money than ever before and it is only going to get worse, a cyber attack could be as damaging as … Continue reading →

Posted in Critical Manufacturing Cyber Security, Uncategorized | Tagged Application Security, compliance, cyber, cyber security, Cyber Security Incident Response, cyber warfare, Incident Response, information assurance, information security, Information Security Policy, information system security, Information Technology, IT operations, leadership, risk, risk assessment, risk management, Security | Leave a comment

For Cyber Security the Perimeter Still Exists and Never Went Away

Posted on June 6, 2017 by mclaukl

One item that really bugs me is to hear IT and Cyber Security professionals espouse that the perimeter is dead and that Cyber Security professionals should stop focusing on tools that protect the non-existing perimeter. I was at … Continue reading →

Posted in Uncategorized | Tagged Application Security, compliance, cyber security, Cyber Security Incident Response, information assurance, information security, Information Security Policy, information system security, Information Technology, risk assessment, Security | Leave a comment

Critical Manufacturing Legacy Systems

Posted on March 13, 2016 by mclaukl

One common item that information Security Professionals working in Critical Manufacturing environments have to deal with is that of legacy systems. You see, in Critical Manufacturing environments it is very common for the systems that run … Continue reading →

Posted in Critical Manufacturing Cyber Security, Uncategorized | Tagged compliance, cyber, cyber security, Cyber Security Incident Response, information assurance, information security, Information Security Policy, information system security, Information Technology, risk assessment, risk management, Security | Leave a comment

Cyber Security – A basic look at Defense in Depth

Posted on February 27, 2016 by mclaukl

A basic somewhat quirky and fun look at Defense in Depth.

Posted in Uncategorized | Tagged Application Security, compliance, cyber security, Cyber Security Incident Response, Incident Response, information assurance, information security, Information Security Policy, information system security, risk management | Leave a comment

The Insider Threat is Alive and Well – a summary taken directly from Raytheon’s How to Build an Insider Threat Program (2014) …

Posted on November 4, 2014 by mclaukl

Aspects of human nature further complicate matters: Well-intended managers resist any notions of “their people” doing “bad things.” They screened them. They hired them. They work with them side-by-side and – if they’re good bosses – have developed a genuine interest … Continue reading →

Posted in Uncategorized | Tagged compliance, cyber security, Cyber Security Incident Response, Incident Response, information assurance, information security, Information Security Policy, information system security, Information Technology, Policy, risk, risk assessment, risk management, Security | Leave a comment

The Cyber Security CIA explained via Calvin and Hobbes

Posted on September 3, 2014 by mclaukl

Leave it to my son Kody, who is starting his Cyber Security career to come up with this novel way to explain the CIA triad for Cyber Security. In InfoSec terms, CIA refers to Confidentiality, Integrity, and Availability. To illustrate … Continue reading →

Posted in Uncategorized | Tagged cyber, cyber security, information assurance, information security, Information Security Policy, risk management, Security, talent | Leave a comment

Why Is It?

Posted on November 20, 2012 by mclaukl

Why is it that Internet Crime statistics continue to show that for the criminally inclined internet crime is a very viable and fast growing field? Why is it that millions of dollars are stolen from end users who simply fail to … Continue reading →

Posted in Uncategorized | Tagged cyber security, information assurance, information security, Information Security Policy, information system security, Security | Leave a comment

The Talent Within

Posted on November 9, 2012 by mclaukl

11/8/2012 In his book “Topgrading: How leading companies win by hiring, coaching and keeping the best people” (2005) Dr. Smart talks about how important it is for a company to not only hire A level talent but then keep and … Continue reading →

Posted in Uncategorized | Tagged cyber security, information assurance, information security, Information Security Policy, information system security, Security, talent, talent management | Leave a comment

In Cyber Crisis

Posted on November 6, 2012 by mclaukl

We are a country in crisis in regards to adopting adequate Information Security practices. I am not an alarmist but when I review the Cyber Security update that my team compiles and sends out a couple of times per week … Continue reading →