Posts by Phil Groce

Pandemic Home Security for Your Enterprise

• Blog
Phil Groce

This post was co-written by Harry Caskey. The COVID-19 pandemic has greatly increased remote work among enterprise employees. Home-network environments are not professionally managed, so they are an appealing target for attackers. These attackers are aware that systems on home networks are not patched regularly and a number of them are out of date with respect to vulnerability mitigation. Threat detection is typically nearly absent on home systems, and remediation is often incidental at best....

Remote Work: Vulnerabilities and Threats to the Enterprise

• Blog
Phil Groce

For many organizations, COVID-19 dramatically changed the risk calculation for remote work. In January 2020, many enterprises viewed remote work with skepticism; by March, the choice for many was to become a remote-first enterprise or to shut down. As one might expect, embracing long-resisted technologies and practices has been chaotic for many, with actions dictated primarily by urgency. By now, most enterprises--to the surprise of some--have successfully adapted to the new environment. A few, such...

Situational Awareness for Cybersecurity Architecture: 5 Recommendations

• Blog
Phil Groce

In this post on situational awareness for cybersecurity, we present five recommendations for the practice of architecture in the service of cybersecurity situational awareness (SA). Cybersecurity architecture is fundamentally an economic exercise. Economics is the practice of allocating finite resources to meet requirements. The goal of a cybersecurity SA architecture is to deploy your finite resources, such as equipment, staffing, and time, to enforce your organization's cybersecurity policies and controls. The endpoints on your network...

Engineering for Cyber Situational Awareness: Endpoint Visibility

• Blog
Phil Groce

This post was co-written by Timur Snoke. In this post, we aim to help network security analysts understand the components of a cybersecurity architecture, starting with how we can use endpoint information to enhance our cyber situational awareness. Endpoints collect a wealth of information valuable for situational awareness, but too often this information goes underutilized....
