{"id":25,"date":"2023-10-21T16:14:38","date_gmt":"2023-10-21T16:14:38","guid":{"rendered":"https:\/\/cybermike.io\/?page_id=25"},"modified":"2023-12-04T21:02:48","modified_gmt":"2023-12-05T02:02:48","slug":"home","status":"publish","type":"page","link":"https:\/\/cybermike.io\/","title":{"rendered":"Home"},"content":{"rendered":"\n
<\/span>\"\"
\n

<\/p>\n\n\n\n

Welcome to Cyber Mike’s<\/mark><\/strong>
Cybersecurity Homepage<\/h2>\n\n\n\n

Thank you for visiting my Cybersecurity vision.
Please feel free to contact me with any questions.<\/p>\n\n\n\n

\n
About Me<\/a><\/div>\n\n\n\n
Add me to your LinkedIn<\/a><\/div>\n<\/div>\n<\/div><\/div>\n\n\n\n
\n\n\n\n

Cybersecurity Principles – CIA Triad+<\/h2>\n\n\n\n
\n\n\n\n

<\/p>\n\n\n\n

\n
\n
\n
\n
\"\"<\/figure>\n<\/div>\n\n\n\n
\n
Confidentiality<\/h6>\n\n\n\n

Prevent sensitive information from unauthorized access attempts.<\/p>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n

\n
\n
\n
\"\"<\/figure>\n<\/div>\n\n\n\n
\n
Integrity<\/h6>\n\n\n\n

Maintain the consistency, accuracy and trustworthiness of data over its entire lifecycle.<\/p>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n

\n
\n
\n
\"\"<\/figure>\n<\/div>\n\n\n\n
\n
Availability<\/h6>\n\n\n\n

Information should be consistently and readily accessible for authorized parties.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n

\n
\n
\n
\n
\"\"<\/figure>\n<\/div>\n\n\n\n
\n
Training & Awareness<\/h6>\n\n\n\n

Educate employees about cybersecurity threats, risks and best practices.<\/p>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n

\n
\n
\n
\"\"<\/figure>\n<\/div>\n\n\n\n
\n
Incident Response<\/h6>\n\n\n\n

Organized approach to addressing and managing the aftermath of a cyber event.<\/p>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n

\n
\n
<\/div>\n\n\n\n
\n
<\/h6>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n
\n\n\n\n
\n

NIST Cybersecurity Framework<\/h4>\n\n\n\n
\n\n\n\n

IDENTIFY<\/strong>
Develop the organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities.<\/p>\n\n\n\n

PROTECT<\/strong>
Develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services.<\/p>\n\n\n\n

DETECT<\/strong>
Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event.<\/p>\n\n\n\n

RESPOND<\/strong>
Develop and implement the appropriate activities to take action regarding a detected cybersecurity event.<\/p>\n\n\n\n

RECOVER<\/strong>
Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event.<\/p>\n<\/div>

\"\"<\/figure><\/div>\n\n\n\n
\n\n\n\n
\n

INCIDENT RESPONSE – PICERL<\/h4>\n\n\n\n
\n\n\n\n
\n
\n

PREPARE<\/strong>
Fail to Prepare, Prepare to Fail. When not actively responding to an incident, you are in this phase. Strive to get better with continuous improvement and attack surface reduction. System hardening, vulnerability management, patching, monitoring, documentation, training and practice are some things you should focus on.<\/p>\n\n\n\n

IDENTIFY<\/strong>
Something has happened, act quickly and accurately to assess the situation and properly determine if it really is in incident. Make sure to categorize the incident and prioritize the incident based on severity, risk and impact. Make sure to escalate if needed to ensure the proper incident responders are working any confirmed incidents.<\/p>\n\n\n\n

CONTAIN<\/strong>
The goal here is to stop the attack from spreading. Do not rush into this to ensure there are no holes in your containment. You need to prevent things from getting worse by being decisive with your actions.<\/p>\n\n\n\n

ERADICATE<\/strong>
Get the attacker completely out and keep them out in the future. This should be the more permanent fix that happens after the threat has been contained. Complete any hardening, patching and additional configuration required. Make sure to continue monitoring.<\/p>\n\n\n\n

RECOVER<\/strong>
Restore affected systems back to their previous state with additional measures in place to ensure the incident or a similar incident cannot happen again. Test monitor and validate your systems as they are restored. Get things back to normal. <\/p>\n\n\n\n

LESSONS LEARNED<\/strong>
Document and Learn. What happened in the incident? How did the incident happen? How was the incident dealt with? What went well with the incident response? What went bad with the incident response? What needs to be changed in the incident response plan?<\/p>\n<\/div>\n<\/div>\n<\/div>

\"\"<\/figure><\/div>\n\n\n\n
\n
\n<\/div>\n\n\n\n
\n

<\/p>\n\n\n\n

DEFENSE IN DEPTH<\/h4>\n\n\n\n
\n\n\n\n

<\/p>\n\n\n\n

PERIMETER SECURITY<\/strong>
Firewall, Penetration Testing, IDS\/IPS, DDoS Protection<\/p>\n\n\n\n

NETWORKING SECURITY<\/strong>
VPN, Wi-Fi Security, Secure DMZ, MDR, Continuous Monitoring<\/p>\n\n\n\n

ENDPOINT SECURITY<\/strong>
NGAV\/EDR, Asset Tracking, Rogue Device Monitoring, Patch Management, MFA, Endpoint Encryption<\/p>\n\n\n\n

DATA SECURITY<\/strong>
PAM, MFA, Email Encryption, Data Backups, Database Monitoring, SIEM<\/p>\n\n\n\n

BUSINESS OPERATIONS<\/strong>
Service Desk, SOC, Business Continuity, Disaster Recovery, Policies & Procedures, Governance, User Training, Vulnerability Management<\/p>\n\n\n\n

PHYSICAL SECURITY<\/strong>
CCTV Security System, Access Control System, Guest Management, Alarm System, Power Backup, Fire Suppression<\/p>\n<\/div>

\"\"<\/figure><\/div>\n\n\n\n

<\/p>\n\n\n\n

\n\n\n\n

CYBERSECURITY MESH ARCHITECTURE<\/h4>\n\n\n\n
\n
\n
\n<\/div>\n<\/div>\n\n\n\n

<\/p>\n\n\n\n

\n
\n
\n
\n

Securing our devices and data <\/strong>regardless of location, device or data state (at rest, in transit) by leveraging various technologies and processes <\/strong>(both automated and human-based processes).<\/p>\n\n\n\n

Extending Cybersecurity controls <\/strong>everywhere needed by ensuring our platforms are scalable, flexible and resilient.<\/p>\n\n\n\n

Standardizes our incident response<\/strong>, threat mitigation and event recovery strategy. (our responses become consistent, rehearsed and efficient).<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

Cybersecurity Principles – CIA Triad+ Confidentiality Prevent sensitive information from unauthorized access attempts. Integrity Maintain the consistency, accuracy and trustworthiness of data over its entire lifecycle. Availability Information should be consistently and readily accessible for authorized parties. Training & Awareness Educate employees about cybersecurity threats, risks and best practices. Incident Response Organized approach to addressing and managing the aftermath of a cyber event. CYBERSECURITY MESH ARCHITECTURE Securing our devices and data regardless of location, device or data state (at rest, in transit) by leveraging various technologies and processes (both automated and human-based processes). Extending Cybersecurity controls everywhere needed by ensuring…<\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"page-templates\/no-sidebar-no-title.php","meta":{"footnotes":""},"class_list":["post-25","page","type-page","status-publish","hentry","no-post-thumbnail"],"_links":{"self":[{"href":"https:\/\/cybermike.io\/index.php?rest_route=\/wp\/v2\/pages\/25","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cybermike.io\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/cybermike.io\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/cybermike.io\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cybermike.io\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=25"}],"version-history":[{"count":24,"href":"https:\/\/cybermike.io\/index.php?rest_route=\/wp\/v2\/pages\/25\/revisions"}],"predecessor-version":[{"id":660,"href":"https:\/\/cybermike.io\/index.php?rest_route=\/wp\/v2\/pages\/25\/revisions\/660"}],"wp:attachment":[{"href":"https:\/\/cybermike.io\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=25"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}