Virtual CISO – An appealing alternative to CISO
Virtual CISO – An Appealing Alternative to CISO The cybersecurity market is in a state of influx as it matures into a more mainstream information technology service. As the number of cyber-attacks from e-mail phishing to sophisticated data farming are exponentially growing, there are not enough cyber security experts to keep up with the demand. […]
Separation of Untrusted Network Traffic on AudioCodes SBCs
Separation of Untrusted Network Traffic on AudioCodes SBCs Introduction This is the third in a series of articles on hardening AudioCodes Session Border Controllers (SBCs). The series is mostly following the guidance provided by AudioCodes. These articles are listed at the end of this article. AudioCodes recommends untrusted network traffic be both physically and logically separated […]
The Journey to Zero Trust
The Journey to Zero Trust The Zero Trust concept has been around for a while now, and the rise of remote work related to COVID lockdowns supercharged the Zero Trust conversation. Many organizations had to scramble to enable employees to work remotely but did not have technology environments that were prepared for it. As a […]
The Value of the Roadmap
The Value of the Roadmap Since making the transition to consulting from technology leadership roles, I am constantly surprised at how many organizations have not documented and agreed upon a technology roadmap, yet have spent enormous amounts of money and time purchasing licensing, hardware, and applications. This usually leads to an environment with overlapping products, […]
5 Ways to Help Remote Workers Be More Effective
5 Ways to Help Remote Workers Be More Effective As we continue to dissect the trends in remote work, we reflect on how to optimize this new work/life style for our users. Prior to the pandemic, less than 20% of U.S. employees reported working from home 5 days or more per week. Fast forward to […]
New Microsoft Defender Security Tools: MDEASM and MDTI
New Microsoft Defender Security Tools: MDEASM and MDTI Cybersecurity is ever-changing. New attacks and techniques are practically created every day. Organizations are getting more complex with multi-cloud environments. Data is exponentially growing and we are losing visibility into our assets due to poor governance. Last week, Microsoft announced two new Defender solutions as a result […]
New Microsoft Usage Workshops
New Microsoft Usage Workshops Many Microsoft cloud customers have taken advantage of incentive programs like workshops and deployment funds. Microsoft’s thinking is that by reducing the fees normally charged by qualified partners, customers pay less for a smooth onboarding of new tools and processes. To kickoff cybersecurity month, Microsoft is giving qualified customers a chance […]
Cyber Insurance Requiring MFA *Everywhere*
Cyber Insurance Requiring MFA Everywhere Cyber insurance providers are tightening their requirements for Multifactor Authentication. For starters, they are being more verbose about the systems and services on which MFA is enabled. They’re making what had been a very broad question into a set of discrete questions. Essentially, what was “Do you have MFA enabled?” […]
MFA is (Unconditionally) Not Enough
MFA is (Unconditionally) Not Enough Microsoft has seen a trending number of instances whereby an Office 365 user is phished and has their O365 session hijacked. The adversary uses the victim’s token to sidestep Multifactor Authentication (MFA), allowing the attacker into the victim’s email where they can impersonate and ask for bogus wire transfers. This […]
Finally! A Way to Remove the Last Exchange Server
Finally! A Way to Remove the Last Exchange Server Have you completed your migration to Exchange Online? Many years ago…good for you. But you are still running and Exchange Server on-premises, why? Recipient Management, ok, seems a bit overkill to me. Well up until now, it was the only way to manage recipients in Exchange […]