Blog

Blog

How to Get Started with NIST 800-171 Compliance

Are you ready to report your NIST 800-171 compliance status by the end of the year? If you do business with the federal government, you need to comply with SP NIST 800-171 by the end of the year. Now is the time to implement your compliance plan.
Blog

The DDoS Deception You Need to Know About

A denial-of-service attack is any attempt to interrupt or inflict downtime upon IT systems, but a basic DoS threat is smaller in scale than its DDoS counterpart. With the former, the influx of traffic may come from a single source, while in a DDoS attack, traffic comes from numerous sources – making it more difficult to deal with.
Blog

How “Smash and Grab” Compromises IBM i

During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.
Blog

What is the Value of SIEM?

As is often the case in the technology industry, the details surrounding security information and event management can be a little unclear. While vendors may offer solutions of varying complexity, there is still a basic idea behind most SIEM products…