Sage Advice - Cybersecurity Blog

What Makes a Strong Password and Six Steps to Create One

Passwords are one of the most important things under my control that I can use to secure my information online. And while intellectually I understand this – and believe it is my civic responsibility to be cyber aware – I still think they are a major inconvenience.  Especially considering the number of online accounts I have to manage.  And I know I’m not alone in this.  According to this infographic, the average number of accounts registered to one email in the United States is 130… and the number of accounts we use is doubling every five years!  That’s a lot to keep track of!

Read More

Topics: Security Policy, Cyber Defense

A New Role: Threat Intelligence & Information Sharing

As discussed in previous posts, a threat intelligence program can help organizations more quickly understand and effectively respond to the evolving threat environment.  And with this new program, gathering, analyzing, distributing, and sharing threat intelligence has added a whole new list of tasks to the cybersecurity “to-do list.”  Therefore, it's no suprise that one of the top predictions in the McAfee Threat Prediction Report of 2016, was that this function is going to be maturing very rapidly in the coming year.

Read More

Topics: Security Policy, Threat Intelligence, Information Sharing

Seven Characteristics of a Successful Information Security Policy

The role of policy is to codify guiding principles, shape behavior, provide guidance for decision makers, and serve as an implementation roadmap.  An information security policy is a directive that defines how an organization is going to protect its information assets and information systems, ensure compliance with legal and regulatory requirements, and maintain an environment that supports the guiding principles. 

Read More

Topics: Compliance, Security Policy

The Two Faces of Privacy

With cyber-threats growing by the minute, it’s easy to see why data security professionals get hyper-focused on securing their organizations against attacks and all the technologies, practices, and processes that entails. Ultimately, what they’re protecting, though, is the privacy of data — their own and that of their customers, constituents, partners, and other stakeholders.

Read More

Topics: Security Policy, CyberCrime Symposium

Five Facts You Should Know About Internet Explorer Lifecycle Support

Being aware of Internet Explorer lifecycle support, and how it impacts your organization are important.  Beginning January 12, 2016, only the most current version of Internet Explorer available for a supported operating system will receive technical support and security updates.  For systems running Windows 7 SP1 this means only Internet Explorer 11 will be supported.  The table shown below lists the most current version of Internet Explorer by operating system. 

Read More

Topics: Compliance, Security Policy

In Information Security... Words Matter

Eschew Obfuscation, Espouse Elucidation... The language of information security is replete with technical jargon, confusing acronyms, inconsistent terminology and negative phrases. Words matter. What we say and how we say it influences users, stakeholders and decision makers. In this presentation from the 2014 RSA Conference, Sari Greene examines the language of security and explore how we can make a positive change in our collective vocabulary.

Read More

Topics: Security Policy