Bringing Microsoft Purview and Copilot Together to Protect Sensitive Data
Bringing Microsoft Purview and Copilot Together to Protect Sensitive Data Over the past 5 months, this blog series has covered the fundamentals of Microsoft Purview. As we have shown, Purview provides a powerful layer of data-aware visibility and protection that complements more traditional security controls like identity management, access control lists, group memberships, endpoint security, […]
CIS Security Controls and Compliance
CIS Security Controls and Compliance Cybersecurity is a persistent worry for CIO’s, CISO’s, Board of Directors and organizational leaders. CIO’s and CISO’s specifically are expected to provide leadership and direction to their IT staff and their broader organization to strengthen cybersecurity postures. Where To Begin One question I have been asked by clients is, “where do […]
Managed Security Services Improve Security & Your Team’s Value
Managed Security Services Improve Security & Your Team’s Value The Power of MSSPs When I was leading technology organizations, one of the most critical and valuable partner vendor relationships was with our managed security service provider (MSSP). They served in three capacities: Around-the-clock 24/7/365 monitoring for malicious activity, including proactive threat hunting. Served as the […]
Improving Cloud Security Policies
Improving Cloud Security Policies Our Strategic Advisors find a consistent gap when reviewing our customers’ security policies: a lack of focus on cloud computing. Even in organizations with many traditional policy documents, there’s a lag in updating them for cloud technologies like Microsoft 365. Additionally, the gap widens when it comes to documenting the standard […]
Compliance as Security Technology
Compliance as Security Technology One of my favorite security analogies is that enterprise information security is like an onion. Each layer of the onion represents a different control that secures the data at the center. Common layers are endpoint protection, mobile device management, MFA, firewalls, encryption, security policies, and staff training. All of these (and […]
How to Fearlessly Implement Your Zero Trust Strategy
How to Fearlessly Implement Your Zero Trust Strategy “Zero What?” So what does Zero Trust mean? Zero Trust has been a term that has been around a long time. Remember the X Files? Agent Molder would always tell his colleagues – “Trust no one”. That pretty much sums it up. You don’t trust anyone who […]
7 Simple Ways to Improve Your IT Security Right Now- With No Money
7 Simple Ways to Improve your IT Security Right Now… With No Money! 1: BETTER SPAM PROTECTION (FREE) Email is still the primary attack vector, where users receive emails with suspicious attachments or links, unknowingly execute these items, and then – *BAM* – a bad day ensues. If you aren’t protecting your email from spam, […]
Recovering from Enterprise Phishing Attacks
Recovering from Enterprise Phishing Attacks Much has been written about what consumers should do if their home accounts get phished. But here’s a comprehensive list for recovering from enterprise phishing attacks. We include advice for all affected parties: users, IT admins, and Security leaders. For the End User: Immediately tell the IT department and share […]
How Secure is Your Environment?
Most companies today understand the very real need to protect their data. Most invest significant funds to mitigate or prevent the threats that aim to compromise their data. Typically, the go to investment is a firewall on the edge of the network to protect against outside attacks. And that is a great start. But that […]
Cisco FirePOWER: The Answer to Your Security Needs
In today’s network data center environment, it’s not simply enough to have a traditional firewall in place protecting the network’s edge. With more sophisticated network intrusions occurring daily, a Next Generation Firewall (NGFW) is required to help fight against these intrusions. Cisco’s FirePOWER services provides a Next Generation Firewall (NGFW) and IPS (NGIPS) along with […]