Software whitelists, part of an organization's software policies, control which applications are permitted to be installed or executed on an organization's devices and network. In this post, I describe how whitelisting and real-time monitoring of log data can reduce the organization's exposure to cyber attack.
In line with its risk management program, an organization might decide to host unsupported applications on its supported or unsupported operating systems. In this post, I describe how organizations should upgrade, replace, or retire unsupported software assets, including operating systems.
Having a managed software asset inventory helps an organization ensure that its software is identified, authorized, managed, or retired before it can be exploited. In this post, I describe why your organization should establish a software inventory to manage its software.
Risk tolerance--the amount of risk an organization is willing to accept--should be part of your organization's comprehensive risk management program. In this post, I describe how your organization can define its risk tolerance.
Federal CIOs and CISOs are challenged with analyzing the risk of having unsupported operating systems on their networks and determining how to properly address this risk. In this blog series, I explain how an unsupported operating system can expose a network to attack and what steps your organization can take to mitigate this risk.
We hope you enjoyed our 20-part blog series describing the best practices included in the Common Sense Guide to Mitigating Insider Threats published by the CERT Insider Threat Center. Our goal for the series was to highlight each best practice and provide a few quick wins for you to consider as you attempt to identify and mitigate insider threats in your organization.
The 20th practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 20: Develop a comprehensive employee termination procedure. In this post, I discuss the importance of establishing a termination procedure that is consistently communicated and applied across the enterprise.
The 19th practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 19: Close the doors to unauthorized data exfiltration. In this post, I discuss how organizations are vulnerable to data exfiltration and offer potential mitigation strategies.