Anchor Cyber Blog

Building Cyber Defenses, CIS Control 10: Data Recovery Capability

Posted by Dwayne Stewart on May 18, 2018 10:34:34 AM

3:45 min read or  Audio
In the event of a security breach of your network, it is likely that the attackers have altered or destroyed important data and security configurations. The tenth CIS control, data recovery capabilities, addresses the importance of backing-up system data and properly protecting those back-ups. By doing so, you ensure the ability of your organization to recover lost or tampered-with data.

Read More

Maryland Cybersecurity Investment Incentive Tax Credit (CIITC)

Posted by A Lee Taylor on May 4, 2018 2:09:19 PM

1:45 min read or  Audio 
Every once in a while in the annals of cybersecurity there is news that isn’t a warning about the newest breach or the release of the latest patch. In this case the news is good for Maryland buyers of cybersecurity.

Read More

Building Cyber Defenses, CIS Control 9: Limitation & Control of Network Ports, Protocols and Services

Posted by Marian Bodunrin on May 3, 2018 2:10:24 PM

4:00 min read or  Audio
Transmitting and receiving data via network ports is a necessary evil. Because your network process uses a specific port to communicate to another port there is no avoiding the inherent risk. The most perilous services on a network are the ones you don't know are running. Default system installations often activate services with little or no useful purpose and often go unnoticed. "Shadow IT" operations may start up unauthorized, poorly secured services.

Read More

Building Cyber Defenses, CIS Control 8: Malware Defenses

Posted by Marian Bodunrin on Apr 25, 2018 2:26:03 PM

4:30 min read or  Audio
Malware is a type of computer program designed to infect a legitimate user’s computer with the intent to inflict harm. Malware comes in various forms such as, viruses, Trojans, spyware, worms, etc. Malware is a huge and growing problem, costing businesses millions of dollars and typically exposes or damages vital data. New forms constantly appear and can be hard to catch. CIS Control #8 addresses recommendations that should be implemented to reduce an organization’s risk.

Read More

CIS Control #7: Email and Web Browser Protections

Posted by Marian Bodunrin on Apr 17, 2018 2:04:49 PM

3:45 min read or  CIS Control #7 Audio
Web browsers and email clients are very common points of entry for malicious code due to their daily usage by users. Content can be manipulated to entice users into taking actions that can greatly increase risk resulting in loss of data and other attacks. Controlling the use of browsers and having a defined list is critical. The CIS’ Control #7 addresses several key points in protecting an organization’s environment as well as provides recommendations to mitigate risks. While some of the controls may seem too restrictive for an organization's needs, most are clearly necessary and implementing them will ensure a more robust cybersecurity blueprint.

Read More

Building Cyber Defenses, CIS Control 6: Maintenance, Monitoring & Analysis of Audit Logs

Posted by Marian Bodunrin on Mar 27, 2018 1:39:56 PM

2:30 min read
When properly implemented, Control #6 can bring an organization’s security program to a higher level of maturity. Maintaining, monitoring and analyzing audit logs helps gain visibility into the actual workings of an environment. Also, with proper implementation, the control can help detect, understand or recover from an attack.

Read More

CIS Controls: The Essentials

Posted by A Lee Taylor on Mar 19, 2018 3:35:42 PM

1:35min read
We have considered individually the Center for Internet Security’s top 5 controls for effective cyber defense. Together, they are a force. Perhaps you’re already aware of CIS’s statistic. Of the 20 controls, to implement just the top 5 reduces known cybersecurity vulnerabilities by 85%. If I got that kind of return from the stock market I’d be retiring. Next week.

Read More

Building Cyber Defenses, CIS Control 5: Controlled Use of Administrative Privileges

Posted by Dwayne Stewart on Mar 14, 2018 3:24:04 PM

3:30 min read
A compromise of any account is a problem, but it's especially serious when an outsider gains access to an administrative account. An intruder with full control of a device, website or database and can do serious damage. CIS Control #5’s message is to apply strict control to the level of access that end-users have to network resources, ensuring that each user is granted just the necessary access required to perform their job duties.

Read More

The Vampiric, Voracious, and Probably Preventable, Vulnerability

Posted by Brian Nelson on Mar 13, 2018 11:17:03 AM

1:30 min read
As the pace of security breaches continues to accelerate, a common thread in most breaches is the exploitation of a technical vulnerability--in either the operating system or an application running on top of the operating system. Just in the past two years at Anchor Technologies every breach investigation we have been a part of wasassociated witha known technical vulnerability. The epic Equifax breach was of a technical vulnerability that was public knowledge for months prior to the breach. An annual vulnerability assessment is no longer sufficient to protect your organization.

Read More

Building Cyber Defenses, CIS Control 4: Vulnerability Assessment & Remediation

Posted by Dwayne Stewart on Mar 9, 2018 2:40:50 PM

3:30 min read
Vulnerabilities on Internet connected systems are targeted on a daily basis. The fourth CIS control addresses the need to keep them protected. "Continuous Vulnerability Assessment and Remediation" addresses keeping up with and fixing newly discovered security issues.

Read More

Cybersecurity news,
tips and tricks written
by experts for you

This blog will provide a series of short postings which will provide a quick view into the latest and most relavant security issues, vulnerabilities and tips for you to focus on. It ssaves you from searching dozens of other pages to determine what information is more relavant and needs to be focused on first.


  • Check back weekly
  • Sign up for our newsletter
  • Patch consistently and often

Subscribe to Email Updates

Recent Posts