Analecta Cyber Company Blog


Are you Managing the Risk Management Process?

NIST risk management framework graphic Cyber Risk management strategy - Analecta LLC banner On December 20, 2018, the National Institute of Standards and Technology (NIST) released the final version of its NIST Special Publication 800-37 Revision 2, a Risk Management Framework (RMF) addressing both security and privacy concerns in IT risk management. This update connects the RMF with NIST’s well-known Cybersecurity Framework (CSF), highlighting relationships that exist between the two documents.


Establishing Your Company’s INFOSEC Policy

Information security keyboard graphic - establishing compay's infosec policy - Analecta LLC Establishing your company's InfoSec Policy - Analecta LLC Graphic bannerPreviously, we discussed ways to put Information Security, or INFOSEC, on everyone’s mind through entertaining but informative training. The creation of a security policy goes one step further by letting management and employees know what is expected and what actions are best in the interest of the business.


Calling a Spade a Spade… Incident Classification and Your Response Plan

Incident severity rating matrix Analectta-LLC graphic Incident Classification and your response plan banner graphic During a cybersecurity incident response, decisions need to be made quickly and accurately. One way to speed up response is to tailor YOUR incident response strategies and tasks to different types of cybersecurity incidents. By creating an incident classification framework or matrix, you will be able to prioritize incident response efforts and develop meaningful metrics for future remediation.


Analecta Cyber’s Emerging Threats Roundup

Analecta Cyber's emerging threats roundup - android mobile setting screenshot

Google Play Store removes adware-infected Android apps; 9M user downloads

Emerging Threats roundup - Google removed 9 million spyware-infected android apps Security researchers at Trend Micro announced on January 8 they had identified 85 Google Play Store apps that repeatedly displayed ads and maliciously hid while running in the background.


Log Aggregators: Deciding Between Off the Shelf or Rolling Your Own

Logging best practices Analecta LLC Log Aggregators - Deciding between off the shelf or rolling your own - Analecta Banner The NIST Cybersecurity Framework calls on organizations to monitor their information systems to identify unauthorized use, unauthorized local, remote and network connections, and indicators of potential attacks. To do this, NIST suggests collecting and correlating event data from multiple sources and sensors.