InfoSec Tips
InfoSec Tip of the Day — a long-running series of tactical cybersecurity tips.
Crisis communication
Have a plan for communicating with the media. If your company experiences a cybersecurity incident, you will need to communicate with the media.
Cloud Security
If leveraging cloud solutions, ensure you understand shared responsibility models. While providers ensure infrastructure security, data and access management often rest with the…
Endpoint Protection
Enhance endpoint security measures, especially for remote workers. Ensuring that all endpoints are secure, irrespective of their location, reduces potential entry points for…
Third-party Assessments
Periodically engage third-party firms for cybersecurity assessments. An external review can provide unbiased insights and highlight areas for improvement, ensuring comprehensive…
Insider Threat Monitoring
Implement measures to monitor and mitigate potential insider threats. Employees can unintentionally or maliciously pose risks.
Secure Development Lifecycle
Integrate cybersecurity practices into your software development lifecycle. By embedding security from the initial design to deployment, you reduce vulnerabilities and ensure a…
Data Retention Policies
Regularly review and update data retention policies. Holding onto data longer than necessary increases the potential risk exposure, and ensuring its safe disposal can mitigate…
timely intel sharing
As we remember those we lost on this day several years ago, I’d like to highlight the importance of threat intel sharing.
Feedback Loop
Encourage employees to report potential cybersecurity concerns or anomalies they encounter. An internal feedback loop can quickly flag potential issues, enabling timely responses…
Engaging External Experts
Consider periodic consultations with external cybersecurity experts. Their fresh perspective can identify unseen vulnerabilities and help ensure that your strategies align with…