Page 2 of 2
We all still need to stay diligent for the new ways Hackers try to gain access to confidential information. This is why we need annual security awareness Training. CIS Security has updated the latest list of scams that are able to gain access to our confidential data.
Facebook Messenger vulnerability exposed your private texts ~ E Hacking News:
This is a common result for every organization that has a data breach. The Equifax Breach is just one of many that have the similar root cause. What is interesting is that many organizations do not use the findings of the Equifax Breach to enhance their own Risk Management and Cyber Security Controls. SC media reports today data breaches up 400% and the Identify Theft and Research has just published their January 2019 Data Breach List which is more disturbing because many organizations do not even know the extent of how much PII or PHI data was compromised. We seem to be going backwards and not forwards and it appears that the problem will get worse before it gets better. At the RSA 2019 conference, Jason Escaravage, from Booz Allen Hamilton, summed up one of the issues nicely… “compliance isn’t enough. You need to be aware of the threats that are likely to… that your organization is likely to encounter or experience and really getting a threat-focused mindset into the organization”. Entire Article Here. This is just a starting point. We have a long way to go.
I had the opportunity to preview and demo the uCertify COMTIA Cybersecurity Analyst Course. For many of you that are considering becoming a CISSP or CISA, I strongly recommend this course as well as take a plethora of good notes. This course is written in a way that makes it easy to transition from being an A+ and/or Network + Engineer into Cybersecurity. The course will also help in gaining a better understanding the roles and responsibilities of a Cyber Security Analyst. This course is easy to follow and has a plethora of examples, practice questions and exercises.
This course will help students pass CompTIA’s Cybersecurity Analyst Certification Exam as well as ensure that the following CompTIA Cybersecurity analyst skills are obtained:
- Perform data analysis and interpret the results to identify vulnerabilities, threats and risks to an organization.
- Configure and use threat-detection tools.
- Secure and protect applications and systems within an organization.
Being a CISSP instructor, I have identified that if participants who take this course and maintain a strong understanding of the course material, it will make it easier to understand the topics found in ISC2’s CISSP Security and Risk Management Domain and Security Assessment and Testing Domain.
I AM LOOKING FORWARD TO SEEING ALL OF THE NEW PRODUCTS AND SERVICES AT THIS YEAR’S RSA CONFERENCE. MANDIANT JUST RELEASED ITS 2019 MANDIANT M-TRENDS REPORT WHICH HAS SOME EXCITING INFORMATION REGARDING APT37, APT38, APT39 AND APT40. THE REPORT CAN BE FOUND HERE: https://www.fireeye.com/CURRENT-THREATS/ANNUAL-THREAT-REPORT/MTRENDS.HTML