Is the CEH Certification Right For You?
Internal Penetration Test vs Vulnerability Assessment: Which is Right for You?
Best Beginner Cybersecurity Certification to Get
Over-complicating Risk in Cybersecurity
Ransomware – Should You Pay?
Hacking Medical Devices for Profit, Terror, Assassination, and Enemy Advancement
Certified Cybersecurity “Professionals” – Reboot Required
Penetration Testing for Compliance: The Top 5 Laws and Regulations that Require Testing
Penetration testing offers two important benefits — security and regulatory compliance. Rising cybercrime, such as the Equifax breach, has affected millions of Americans who now insist on knowing that companies will keep their data secure. And government regulators are happy to help them do it by penalizing companies that do not comply with federal guidelines.
Securing Medical Devices – Is it Possible?
Last month, the FDA issued a warning about software vulnerabilities on multiple medical devices, including infusion pumps, anesthesia machines, and imaging systems. These vulnerabilities allow threat actors to trigger information leaks, gain access to hospital networks and, most worryingly, remotely control the devices themselves.
The State of Small Business Cybersecurity in 2020
Historically, small businesses thought about security in terms of physical property. To protect the items inside the store or office, business owners purchased locks, installed alarm systems, and sometimes hired security guards. Today, however, property crimes are continuing their 25-year decline, meaning the chances of a break-in at your business are about half what they were in 1993. Cybercrimes, however, are the new playground for criminals.
Medical Device Security: Patient Safety Takes Precedence Over Privacy
When people talk about medical device security, the conversation often turns to data security and HIPAA. There’s plenty to be said about protecting patient privacy, but patient safety is a greater concern.
Hidden Costs of the Small Business Data Breach
More than 65 percent of senior decision-makers at small businesses still believe that they’re unlikely to be targeted by cybercriminals. About 60 percent of those businesses have no defense plan in place and an estimated 14 percent are insufficiently prepared to respond if an attack does occur.
The Myth of the Cybersecurity Skills Gap
The lack of qualified professionals at major businesses with knowledge in cybersecurity is exacerbating data breaches, and has been called an “existential threat to our national security.” What there doesn’t seem to be a consensus on is how that problem should be solved. Are there really not enough qualified people to fill the cybersecurity skills gap? The short answer is no.
Black Box Penetration Testing Explained
This blog post is a transcript of Alpine Security’s Black Box Penetration Testing Explained video, which covers an explanation of Black Box Penetration Testing.
Risk Management Framework (RMF) Overview
This blog post is a transcript of Alpine Security’s Risk Management Framework (RMF) Overview video, which covers an overview of RMF, as defined by NIST 800-37r2. Each step in the process is discussed at a high level:
Categorize
Select
Implement
Assess
Authorize
Monitor
Why Skipping a Cybersecurity Degree is Good for Your Career and Pocket Book
If you are clear on a career in cybersecurity, spending 4 years on a bachelor’s degree is more than likely a waste of your time and money. You can learn everything for free on the Internet. And, are “core” courses really going to help you? Political science, art appreciation, history?
Cybersecurity Paper Tigers are Killing Us
A paper tiger is a fake tiger, made of paper. It may appear to be a real tiger, but it has no substance, is unable to stand up to challenge, and can’t perform any other tiger duties. Let’s do the cybersecurity industry a favor and work to get rid of the paper tigers.
Cybersecurity Common Sense is Not Always Common Practice
Common sense is not always common practice, especially with cybersecurity. Most of the breaches we see today are not because some super cool artificial intelligence firewall failed.
Life of a CISSP “In Progress”
Life of a CISSP “In Progress”. What’s it like to be in the pursuit of a CISSP while balancing daily life commitments.