The CCleaner hack: Who is affected: People who have downloaded CCleaner version 5.33.6162 32-bit version download between August 15th and September 12th. If I have a 64-bit PC could I be…

Entrapment and Enticement: Entrapment (Illegal and unethical): When someone is persuaded to commit a crime they had no intention to commit and is then charged with it. Openly advertising sensitive…

Evidence: How you obtain and handle evidence is VERY important. Types of evidence: Real Evidence: Tangible and Physical objects, in IT Security: Hard Disks, USB Drives – NOT the data on…

Legal and regulatory issues. As IT Security Professionals we need to understand that laws and regulations have a huge influence on how we work. We need to know some of…

Equifax has without notifying anyone updated their breach FAQ, now saying that it was breached using a vulnerability in Apache Struts. "We know that criminals exploited a U.S. website application…

The US Department of Energy (DOE) has announced 20 cybersecurity projects aimed at enhancing the reliability and resilience of the American electric grid, and oil and natural gas infrastructure through…

For the certification it is important to know where you are in the organization and answer the questions from that viewpoint. You are a risk adviser or a IT security…

Having top-down IT security leadership in an organization is key to success. If we do not have the buy-in of senior leadership, we will do a mediocre job at best.…

MAC (Mandatory Access Control): Often used when Confidentiality is most important. Almost always used in the military or in organizations where confidentiality is very important, rarely used in the private…

RBAC (Role Based Access Control): Often used when data integrity is most important. Most large organizations use role based access control, your access levels are determined by your job role.…