The Schneider Downs cybersecurity team answers some of the top cybersecurity questions of 2021 they have encountered in the field in our new video series.
In support of Cybersecurity Awareness Month 2021, members of the Schneider Downs cybersecurity team answer some of the top questions they have faced in the field over the last ten months. This series of short videos covers topics including the future of penetration testing, how to reduce false positives from automated tools, why cyber insurance premiums are increasing and password policies. Cybersecurity Manager David Murphy kicks off the series answering the question:
How can we better manage false positives from automated tools without reducing security?
You can view the full series at https://vimeo.com/showcase/8866271 and individual videos at the links below.
- [Cloud Penetration Testing] Once everything is in the cloud, will people still need penetration testing?
- [Compliance Frameworks] How do I know which compliance requirements my organization should follow/adhere to?
- [Cyber Insurance] Why are cyber insurance premiums increasing?
- [Digital Forensics] What TTPs can we expect threat actors to be utilizing over the next few months?
- [Incident Response] One of our users opened a malicious attachment, but shut down their computer about 20 minutes later. What now?
- [Multifactor Authentication] Are there any MFA methods more/less secure than the others? (Push Notification, PIN, SMS, Token, etc)
- [Network Penetration Testing] Why do our pentesters own us year after year, even though we keep fixing all the findings each time?
- [Password Blacklisting] We have strong password policies, but users keep making guessable passwords that meet our requirements… Please help!
- [Phishing] We run our own internal phishing campaigns every quarter, so can we exclude phishing from our annual penetration test?
- [Purple Teaming] How can we better manage false positives from automated tools without reducing security?
Additional Resources
The Schneider Downs cybersecurity team is offering several new security awareness resources for Cybersecurity Awareness Month at www.schneiderdowns.com/ncsam.
We are also hosting a webinar exploring the benefits of a purple team assessment on November 10, 2021 at 10:00 a.m. EST. You can learn more and register for the webinar at www.schneiderdowns.com/the-benefits-of-a-purple-team-assessment.
In addition to our new video series and webinar, you can view our entire library of cybersecurity resources including whitepapers, infographics and articles at www.schneiderdowns.com/cybersecurity/resources.
Related Articles
About Schneider Downs Cybersecurity
The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. For more information, visit www.schneiderdowns.com/cybersecurity or contact the team at [email protected].
In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.