Analecta Cyber Company Blog: January 2019

2019-01-22

Establishing Your Company’s INFOSEC Policy

Information security keyboard graphic - establishing compay's infosec policy - Analecta LLC Establishing your company's InfoSec Policy - Analecta LLC Graphic bannerPreviously, we discussed ways to put Information Security, or INFOSEC, on everyone’s mind through entertaining but informative training. The creation of a security policy goes one step further by letting management and employees know what is expected and what actions are best in the interest of the business.

2019-01-15

Calling a Spade a Spade… Incident Classification and Your Response Plan

Incident severity rating matrix Analectta-LLC graphic Incident Classification and your response plan banner graphic During a cybersecurity incident response, decisions need to be made quickly and accurately. One way to speed up response is to tailor YOUR incident response strategies and tasks to different types of cybersecurity incidents. By creating an incident classification framework or matrix, you will be able to prioritize incident response efforts and develop meaningful metrics for future remediation.

2019-01-14

Analecta Cyber’s Emerging Threats Roundup

Analecta Cyber's emerging threats roundup - android mobile setting screenshot

Google Play Store removes adware-infected Android apps; 9M user downloads

Emerging Threats roundup - Google removed 9 million spyware-infected android apps Security researchers at Trend Micro announced on January 8 they had identified 85 Google Play Store apps that repeatedly displayed ads and maliciously hid while running in the background.

2019-01-08

Log Aggregators: Deciding Between Off the Shelf or Rolling Your Own

Logging best practices Analecta LLC Log Aggregators - Deciding between off the shelf or rolling your own - Analecta Banner The NIST Cybersecurity Framework calls on organizations to monitor their information systems to identify unauthorized use, unauthorized local, remote and network connections, and indicators of potential attacks. To do this, NIST suggests collecting and correlating event data from multiple sources and sensors.

2019-01-07

Analecta Cyber’s Emerging Threats Roundup

Marriott building entrance - Emerging threats - Marriott hacking

UPDATE - Marriott: Hackers accessed only 383M records - not 500M;
5.25M unencrypted passport numbers included

Emergy threats round up banner - Analecta LLC In Marriott’s January 4, 2019 press release, the company updated their assessment of the number of guests whose passport numbers and payment card numbers were involved in the Starwood reservations database security incident announced on November 30, 2018. Marriott entrance building image - Marriott hacked story