NIST Cybersecurity Framework: Second, Build a Moat
Josh Mayfield
NIST Cybersecurity Framework: Second, Build a Moat

My last post guided you through the first pillar of the NIST Cybersecurity Framework (CSF): Identify. Here, we’ll talk through the steps to fulfill the second pillar of NIST CSF: Protect. But first, let’s consider a small, subtle nuance in our language. “Safe” is an adjective, not a verb. Although everyone wants to describe their data, devices, apps, and users as safe, the label is only true when a...

READ MORE
5 Tips for Compliance Officers Dealing with GDPR
Mark McGlenn
5 Tips for Compliance Officers Dealing with GDPR

GDPR enforcement is here and businesses are taking various approaches to comply. Most noticeable was the flood of emails we all received from companies scrambling to update their privacy policies. Big tech companies are passing the buck onto individual businesses and publishers, making them responsible for any data they may collect. And to the extreme, some organizations are blocking all EU users including retailers like Dick’s Sporting Goods and...

READ MORE
NIST Cybersecurity Framework: First, See Everything
Josh Mayfield
NIST Cybersecurity Framework: First, See Everything

A long time ago in an organization far, far away… we had straightforward cybersecurity. There were relatively few assets, they were static and they accessed data through firewalls to prevent unauthorized access to a consolidated, authoritative data source: the network. Oh, and ‘apps’ weren’t a thing yet. We called them ‘programs’ or ‘applications’ and they were large, on-premises, and relatively homogenous. After all, if each business unit had their...

READ MORE