In With the New: CIS Critical Security Controls, v 6.0

11.06.2015 by Jen Fox

Back in March, I wrote about why I like doing Critical Security Controls assessments  for clients, and it is still true. And – exciting news! There is a new version of the Critical Security Controls out, and there are some significant changes. [Read more...]

What Does “Quick Win” Mean to You?

05.01.2015 by Jen Fox

Quick Wins - everyone wants a few of those, right? Especially when there is a long list of tasks that need to be accomplished. Certainly it’s easy for someone *else* to declare what ought to be a “quick win” for *you*, when they aren’t the ones who ... [Read more...]

Where Do You Start if You Don’t Know Where You Are?

03.13.2015 by Jen Fox

You see the headlines. Maybe you’ve gotten letters from companies that have lost your personal data. Even worse, maybe your company experienced a data breach or security incident first hand. You know what controls and security measures you have in ... [Read more...]

Focus on Governance: Creating Relevant Policies

09.12.2014 by Jen Fox

Recently I’ve been helping clients review and craft policies for their organizations. It’s a challenging process seldom at the top of anyone’s list when compared to everyday operations and concerns. Policy provides an important foundation for every ... [Read more...]

SIEM and SANS 20 Working Together

08.15.2014 by VioPoint Blogger

Last month I wrote for Alien Vault about SANS 20 Critical Controls and How SIEM could address several controls.  I truly believe SIEM can be a powerful control and become an excellent tool to close the gap between detection and response. It’s also ... [Read more...]

SANS Critical Security Controls and SIEM

11.22.2013 by VioPoint Blogger

Security may be approached from different ways depending on the organization. Some organizations may adopt a policy approach such as ISO 2700x or may drive their security program based on compliance (HIPAA, PCI, GLBA, etc.) Personally, I’m a ... [Read more...]

Follow the Bouncing Ball

08.22.2012 by VioPoint Blogger

In the Early Stages of  Your Risk and Compliance Strategy From a risk and compliance perspective, we see many organizations chase the most recent security event.  Much like the little soccer players chasing the ball, many customers swarm from one ... [Read more...]

Latest Blog Posts


see all