In partnership with itSM Solutions LLC and UMass Lowell, a NSA/DHS National Center of Academic Excellence in Cyber Defense Research (CAE-R), LRS Education Services is proud to offer the NIST Cybersecurity Professional (NCSP) training curriculum. The curriculum is designed to train how to engineer and implement a cybersecurity program to protect critical assets using the NCSF.
Read More »about NIST Cybersecurity Framework – A Risk Assessment Process
Admittedly the vast majority of my technical background is on the Windows side. Like many of you I’ve spent years in the field and through training courses improving my Windows skills and gathering a bunch of certifications from Microsoft. Windows is powerful and ubiquitous. I have a great time working in Windows networks and teaching Microsoft courses. But sometimes we all need to broaden our horizons.
Read More »about Fun with Kali
We are very proud of our NIST CSF courses. The reviews have been fantastic! Many organizations take that knowledge and create or improve a cybersecurity program on their own. In the Bootcamp/Practitioner classes we get very specific as to what that program could contain and how it might be organized.
However, we’ve heard from clients that they want more. They need a partner to come alongside and help them through the process of discovering exactly where they are in cybersecurity. What’s going well, what are the gaps and what should be done to close them?
Read More »about Are You Ready To Assess The State of Your Cybersecurity?
A few weeks ago I was speaking to a client about the need for antivirus as called for in the Payment Card Industry Data Security standards (PCIDSS) Requirement 5: Protect all systems against malware and regularly update antivirus software or programs. He made an unusual statement, “We don’t use antivirus.”
Having been in IT and cybersecurity for many years I knew this was eventually coming, but it was the first time I’d seen it in a real-world implementation. Here are some facts:
Read More »about The End of Antivirus?
It doesn’t matter if you are at a small business or a very large company, cybersecurity is more important today than it has ever been! As we move into the holiday season, retail cybersecurity is dominating our attention, but any company involved in digital transformation continues to lack the workforce needed to protect assets.
Read More »about Security+ is Important TODAY!
When I’m working with a client and the topic of cybersecurity arises they want to talk about attacks from Russia, North Korea or various organized crime entities. But did you know that these types of threats are not the most likely avenue from which you’ll have a breach in your cybersecurity? In fact they are WAY down the list of who’ll be the reason your security is compromised. Want to know the greatest threat?
Read More »about Can't You Trust Anyone Anymore?
Remember a year ago when everyone was reeling from the Petya and WannaCry ransomware attacks? How at that time ransomware was top of mind for cybersecurity professionals and anyone else paying attention to IT security?
Read More »about Ransomware is No Longer the King of Malware!
Thanks for watching this video blog entitled: What is JEA and How Can It Make Your Systems More Secure? Microsoft has extensive documentation about JEA at: https://docs.microsoft.com/en-us/powershell/jea/overview In addition, as mentioned in the video, we have a class that covers JEA and many other great Windows Server 2016 security related topics. For details on the…
Read More »about What is JEA and How Can It Make Your Systems More Secure?
I came across the following article today and it stood out to me as THE reason that we teach the NIST Cyber Security Framework (NCSF) courses at LRS. The following statement is what was exciting to me…and I believe will be intriguing to you if you are not using the NCSF already!
Read More »about THIS is why we teach the NIST Cyber Security Framework courses at LRS!
Recently while working with another organization in the middle of the WannaCry attack we made significant changes to their systems. We ran emergency patches to some devices, adjusted the public Wi-Fi access, became even more diligent about defense in depth and pushed out details to confirm all staff were informed about how such attacks could enter even a well-protected organization.
Read More »about When the CEO Asks: Are We Secure?