By Collin Miller, Director of Cloud Security -- Given the emergency brought on by rapid spread of COVID-19, many businesses have been shut down or are transitioning to telework to comply with public health measures. However, for the group of organizations that make up our critical infrastructure, shutting down is not an option.  Critical infrastructure in the U.S. is defined as the following:  Agriculture and food Water Public Health Emergency Services Government Defense Industrial Base Information and Telecommunications Energy Transportation and Shipping Banking and Finance Chemical Industry and Hazardous Materials Post National monuments and icons Critical manufacturing These sectors must find a way to continue operations while ensuring the health and safety of their employees, customers and other stakeholders. Many are implementing work-from-home policies and enabling widespread remote access. This presents new cybersecurity challenges as remote access systems are hastily rolled out and new users learn how to access Virtual Private Networks (VPNs) and other solutions for the first time. In this new reality, securing remote access to our critical infrastructure is more important than ever.  The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) recommends the following actions to secure remote access systems:  Ensure VPNs and other remote access systems are fully patched. Enhance system monitoring to receive early detection and alerts on…

Trust is Dead, Long Live Trust!


MFA & Zero Trust Business

By Brad Pierce, Structured Managing Director of Security, CISSP/CISA/PCIP -- Zero Trust is a philosophy, a journey. No one manufacturer or security product will get you where you’re going. It will take all of your technologies, and likely some new ones, to arrive at a Zero Trust architecture. Trust is dead, long live trust! Zero…

Read More

Back to Basics – Inventory Documentation and Network Visibility


Calm Worker in Clouds

By Brad Pierce, Structured Managing Director of Security, CISSP/CISA/PCIP -- One of the first things you must do as a network or systems administrator is document. Oh, Documentation! The bane of IT professionals everywhere. In our harried work lives, it is a tedious, time-consuming process. Most people prefer to avoid documentation. But, when it is…

Read More

Supply Chain Hacking 101


An educational piece about the supply chain attack By Jesse Wilson, CISSP, @CyberWarior1775 To start, let’s talk about what the supply chain is in relation to Information Technology. In this case, the supply chain refers to the coordination of order generation; order processing; order fulfillment via the distribution of products, services and/or information; manufacturing; and…

Read More