September 03, 2019
Business Continuity And Top Management Are Inseparable
ContinuityCentral.com posted an analysis by editor David Honour of a crisis communication statement made by National Grid CEO John Pettigrew following a wide-area power outage that occurred on August 9th, which was the largest to occur in the UK for over a decade. The analysis scrutinizes every part of Pettigrew’s statement, […]
August 02, 2019
Avoiding the Capital One Breach: Defense in Depth
With the release of the criminal complaint in the recent Capital One breach, we now have a better understanding of how Paige A. Thompson exfiltrated data from their cloud vendor. We don’t know all the details and can only make inferences based upon the information available. The complaint states that a GitHub file was […]
July 30, 2019
VxWorks Vulnerabilities: More Exposure Than You Think
Six of the URGENT/11 bugs can be exploited to achieve remote code execution (RCE). At least one bug affects each version of the OS starting with 6.5, while others can lead to a denial of service (DoS) attack. Well, while this is something you may not have heard of, it is the real-time operating system […]
July 23, 2019
Your Password Policy Should Challenge Hackers, Not Your Users
Any time a human is involved, the potential for weakened security increases. Password policies are necessary for cybersecurity compliance; however, burdensome password policies can result in bad user behavior like password transformation. REMEMBER WHEN – IBM published the startling statistic that human error was found to be involved in 95% of all security incidents in “2014 Cyber […]
July 03, 2019
Affordable Cybersecurity Assessment using OWASP
Sometimes we just need a sanity check, and assessments offer that opportunity. An assessment can offer a glimpse into those things that may require our attention and, ideally, some validation of our good work. But they can be potentially expensive. For a quick self-assessment, there is a less expensive option to consider. The OWASP Cyber Defense […]
February 17, 2019
Doomsday Docker Software Vulnerability
The attraction of a DevOps strategy is understandable, but sometimes I feel like the speed of business should be just a bit slower. At least slow enough so we security professionals can properly get on board. The most recent indicator of this need is the runC vulnerability just identified in the most common container toolsets in use today. Docker, […]
January 28, 2019
Combatting Uncertainty Around Cloud Security Readiness
Overall, there is a weak grasp on what “Cloud Security” actually means. I recently spent time discussing possible challenges with cloud security at a cybersecurity conference. As I tried to pack my research into the allotted twenty-five minutes, I quickly realized we, collectively, don’t have a good grasp on what cloud security actually means. I think this is the […]
January 07, 2019
Life Safety Above All Else
Years ago, when I sat for my CISSP, I went into the exam carrying two bits of advice offered to me by a mentor: #1. In matters of security, choose the most conservative path. #2. Life safety above all else. Critical infrastructure providers, and more specifically, the Healthcare and Public Health providers, have rightfully followed these […]
August 07, 2018
What Does Citrix Sharefile Have to Do With Harvard?
The Harvard Business Review conducted a study to understand how successful teams collaborate using file sharing technology. In general, they discovered the following fingerprints of successful team collaboration in the logs of their file sharing technology: Smaller teams are more successful. Research with the most impact involved longer projects. Imagine that? Research teams at top universities worked on […]
April 02, 2018
What is a Hyperconverged Infrastructure and Its 5 Benefits
As problem-solvers, we like to think outside the box at Sayers. Sometimes, however, the best solution is inside the box. Hyperconvergence is one of those situations where you shouldn’t ignore the box, because the answer is there. A hyperconverged IT platform presents the hardware and software to drive your data center. You don’t need to piece together your […]