Security Rant: Phishing Prevention and Mitigation

I think there are 3 parts to phishing defense. 1. Investigation You have to gather statistics on the current state of the environment. Should the customer even invest in training or tools to prevent links from being clicked?  They won’t know until they run a campaign to find out how many users fall prey to … Continue Reading

Know Your Environment #netsec

In one of my recent posts (5 Things Every Network Needs) I mentioned application/endpoint visibility.  Let’s look into this idea a bit further. When you are looking to implement security mechanisms in your network, you need to know what you’re securing.  Not just “what” you’re securing, but how it works, what it’s for, and where … Continue Reading