Steve Stasiukonis’ company, Secure Network Technologies, does all kinds of pen testing. When we say all, we mean it—Secure Network has even successfully “shipped” a person in a FedEx box to demonstrate the vulnerabilities of a company being...
Recent Posts
Steve Stasiukonis started doing pen testing professionally in 1997, when a former classmate of his confided that his company was struggling to identify network vulnerabilities. Steve had been employed in document management and information security...
With the current economic and social uncertainty in today’s landscape and the rush to transition staff to remote workers, great opportunities arise for attackers to target businesses and employees for financial gain.
Jim Hebler has worked in cybersecurity for nearly 18 years. He started out covering technology as a journalist for two daily newspapers, The Detroit News and USA Today, then got into private sector communications. After that, he trained with HP...
Part 3 of a three-part series
Milan Patel, current chief client officer at BlueVoyant and former CTO of the FBI Cyber Division, keeps up with the latest in cybercrime and cybersecurity. (If you missed his great tale of his first FBI vehicle—not to...
Milan Patel has seen a thing or two. He can’t talk about some of it, which makes sense, given that he’s the former CTO of the FBI Cyber Division. While there, he organized and co-led the Joint Requirements Team, facilitated by the White House...
Part 1 of a three-part series
Even if you weren’t interested in cybersecurity, Milan Patel is the kind of guy you hope you get seated next to at a dinner party so you can listen to his stories. Currently the Chief Client Officer at BlueVoyant, Milan...
You might think your company doesn’t have much in common with the largest shipping company in the world, but if you’re a manufacturer, it’s increasingly likely that your business will be targeted via ransomware.
On April 15, 2019, a flame ignited Notre Dame Cathedral in Paris and many watched as roughly 500 firefighters struggled to contain the fire. The cause of the flame still remains unclear. According to a recent report, the security guard in charge of...
Industries are transforming with the help of digital technologies and IT, and as competition increases across almost every industry, the pressure to digitally transform also intensifies. However, many companies start this process without thinking...
Author: Tim O'Connor
New psychological studies could be a game changer.
Damage to reputation and brand name are often some of the most significant hits an organization takes when knowledge of a security breach becomes public. At last peer-reviewed...
Penetration tests and network vulnerability assessments are essential components to a company's information security playbook.
Below are frequent questions we receive regarding vulnerability assessments and penetration tests and why they are...
In 2018, threat actors consistently improved their cyber weapons, quickly adopted new methods and adapted their attacks to emerging technologies. Today’s threat trends increasingly point to more stealth-like cyber attacks with malware, ransomware,...
Cyber crime is now democratized. In today’s cyber threat landscape, launching a cyber attack is no longer limited to technically savvy hackers. The underground marketplace has made it possible for anyone to become a threat actor. In the...
Sensitive data is being exposed at an alarming rate due to unwanted data breaches. Is your business protected? Recently the Facebook data breach allowed hackers to gain access up to 50 million users, 3 billion users were exposed in the Yahoo! Data
Almost every organization has moved at least part of their operation to the cloud. You can’t browse the Internet or do email without a partial cloud presence. With so many of your competitors flocking to the cloud, you can’t afford to overlook the...
IaaS is the first tier of a triad of outsourced cloud services. The top two are PaaS (platform as a service) and SaaS (software as a service). Each “…aaS” involves the customer’s doing less work and the cloud provider taking on more responsibilities...
If you’re going to fly with the eagles in the cloud, you need to be grounded in the best cloud encryption practices. The majority of people know the value of data backup and security. Backup is your insurance against loss; security in the wilds of...
Moving data and other company solutions to the cloud can pay off in significant ways for businesses. Small and medium enterprises gain by no longer needing to shell out additional money for the costs of maintaining data servers and other expensive...
"Social engineering bypasses all technologies, including firewalls." -Kevin MitnickSocial engineering is often regarded as the most effective and powerful skill used by black-hat hackers and, until recently, it is one of the least addressed...
In this webinar we discuss what GRC is, why you need a GRC Strategy Roadmap, and how you can leverage a Roadmap to guide you through the GRC implementation journey.
Wherever you are in that journey, the roadmap will allow you to establish...
Ready for a nice cold beverage? Join us on Thursday, March 1st at The District Tap to meet our local security team.
Enjoy a great afternoon of networking with like-minded peers while sampling some food and beverages. The goal is to introduce...
Cadre Information Security has expanded its partnership with RSA, a Dell Technologies Company, and a leader in the enterprise Risk Management and Governance, Risk and Compliance (GRC) market.
Cadre is broadening its strategic role with RSA, by...
Cadre’s new upgraded classroom brings better than state-of-the-art security training for students at ANY LOCATION to our already advanced training solutions.
Students can now attend all of Cadre’s course offerings remotely without the expense of...
By now you are probably aware of the advantages of using a virtual computer (VM) and how that compares with utilizing and operating a physical one.
A Virtual Chief Information Security Officer (vCISO), similar to a virtual machine, is a new service...
A policeman sees a drunk man searching for something under a streetlight and asks what the drunk has lost. He says he lost his keys and they both look under the streetlight together. After a few minutes the policeman asks if he is sure he lost them...
When it comes to managing IT for your business, you can never have too much help. That's why Cadre is now offering Managed Security Services.
Maintaining and upgrading a security system requires a defined, comprehensive process for updating and...
Keeping abreast of your network and infrastructure can be a daunting task. Vulnerabilities are much more than a nuisance, they leave your company open to attacks that can lead to serious consequences. Patching vulnerabilities, monitoring email...
GRC stands for Governance, Risk and Compliance.
The Open Compliance and Ethics Group (OCEG) has published one of the most comprehensive GRC definitions. In its GRC Capability Model, Red Book, 2.0, the OCEG defines GRC as a system of people,...
Cadre Information Security is proud to be a sponsor and exhibitor at the Security Summit in Cleveland, Ohio.
Cadre Information Security is proud to be a sponsor and exhibitor at the Data Connectors in Nashville.
Cadre Information Security is proud to be a sponsor and exhibitor at the SecureWorld Cincinnati.
October is National CyberSecurity Awareness Month (NCSAM)!
This campaign was created as an effort to ensure Americans have the resources and information they need to be safe and more secure online.There's been a massive number of cyberattacks...
If you work in any sort of IT/cyber security role, you know it’s imperative to be concerned with hacking. It’s scary out there, especially with increasing reports of organized cyber-criminals going after any sized company, not just the bigger...
Malware is a portmanteau of "malicious" and "software". As the name implies, malware is created solely to harm and inconvenience people by corrupting devices and/or data.
A value-added reseller (VAR) is a company that takes an existing product and adds extra features and/or services to it. This is typically in order to sell an integrated product to end users as a turnkey solution. Value-added resellers can do just as...
These last several weeks have brought up a lot of interesting discussions around passwords and password management, both personally and in the enterprise.
As a Chief Information Security Officer (CISO) or Information Security manager, you have to make decisions on how to best mitigate and handle risks for your business.
Not all leaks are the result of malice.
In 2006, America On-Line (AOL) negligently published 20 million web queries from over 650,000 of its users. This simple accident resulted in an incalculable amount of brand damage to AOL, and it could have...
When it comes to security, most IT departments focus primarily on network and application security.
By now, we've all read news stories about vulnerabilities in various software and are familiar with the importance of preventing unwanted network...
What is multi-factor authentication?Multi-Factor Authentication (MFA) is a method used to grant access to a computer or application. Of course the access is only granted after the user has provided a username and two types of authentication methods,...
Security assessments should be a part of any company’s security program. At a high level, they measure a company’s security posture against industry best practices, compliance requirements and industry frameworks. It takes into consideration...
Encoding, hashing, and encrypting are common concepts applied and discussed when trying to secure data. Many vendors claim to use strong encryption methods and standards, but it is necessary for a security team to assess whether it really is...
Your network is important to you and it's critically important to us.
Read More
Does alignment of business, organizational and technical goals seem impossible to you?
Not to us.
Since 1996, Cadre has been the single source for security guidance, enabling...
Topology:
Read More
Part 1 (No Firewall Module)
Instructions for setup are in the link above. You must install two firewalls and configure VRRP on both of them to act as a cluster. The first part of this exercise is pure VRRP with no firewall module running.
No one is immune from data breaches. We’ve witnessed department stores, hospitals, insurance companies, media giants, dating websites, the federal government and so many others in the news almost daily with yet another breach.
This dominated the...
Very few people were talking about network security when Cadre was formed back in late 1991. By most accounts, the first firewall was invented a year later, circa 1992, to the credit of multiple inventors. In the world of security technology, over...
