JOIN TRUSTEDSEC ON February 13th, 2019, AT 1:00 PM EST What is the MITRE ATT&CK(TM) Framework? The MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CKTM) Framework (https://attack.mitre.org/) is “a globally-accessible knowledge base of adversary tactics and techniques” that is “open and available to any person or organization for use at no charge.” It is fast…
At TrustedSec, we get about 400-500 inquiries for security assessments every year. Some of the questions we still hear quite often are: Why does our company need to do a risk and security assessment? Why can’t we just do it ourselves? We already know we’re terrible—why do we need you to tell us that? There…
NIST hosted a CyberSecurity Risk Management Conference from November 8th through the 10th. The event was expanded and improved from previous NIST workshops, which were more government focused. Thus for this conference, they wanted the same spirit of gaining stakeholder input on the frameworks and general cybersecurity areas, but with a much greater attendance and…
Please note: this webinar was completed on on Wednesday, October 17th, 2018 AT 1:00 PM EDT Organizations are facing a dangerous combination of mounting cybersecurity threats and a widening gap in the skills required to identify and combat them. There is continuing pressure to keep our information secure and breach-free, and to create leadership roles…
Let’s say you run an operational environment and you’ve spent years figuring out how to keep your production processes and core, life-enabling systems running at high efficiency and efficacy. But now, your IT group wants to connect your production and control systems to outside networks as part of new “IoT” (Internet of Things) initiatives. You…
Background The idea of Segmentation is pretty simple: put your crown jewels (i.e. your highest risk assets) in a small container, then heavily secure and monitor that. It is simply too difficult to secure everything equally. Why Now? With “digital” drivers to improve experiences, automate operations or change business models, there is now a need…
– JOIN TRUSTEDSEC ON July 25th, 2018 AT 1:00 PM EST – The End of the Beginning After 3+ years of hype, where are we now with Internet of Things security, and where are we going? There is continuing pressure to keep our business “things” secure and breach-free. With crashes and attacks now being reported…
There’s been a radical shift in the assessment industry over the last couple of years. We’ve all probably heard that Artificial Intelligence, Machine Learning, User and Entity Behavioral Analysis, Analytics, Detection and Response tools, etc., are advancing and improving defensive postures. According to Gartner, annual spending on defensive security technology will exceed $82 Billion dollars…
Why Derbycon is so good for the security community I had a chance to go to Derbycon for the first time this year. I was amazed at how great it was and a lot of fun of course, but there was more to it than that. I’ve been to many regional conferences, as well as…
Security is evolving. That’s not news, but as it is happening not everyone can keep up with what that means. This is especially true for those who have embraced maturing their risk and security programs, while still getting traditional assessments which have become commoditized and oftentimes not as valuable as they used to be. These…
