The financial sector saw 148 data breaches in 2017, with 92% of threats coming from external sources. There’s no question that security threats put your organization and your customers’ sensitive information at constant risk, potentially costing you in customer loss, diminished trust in your brand, regulatory fines, class action lawsuits, and even jail time.Read More
Who are the biggest targets for hackers and cybercriminals? You are. Intruders are finding the holes in your network, your devices, your applications—and they are accessing your data. The majority of organizations do not have the security resources or the required security solutions in place for 24x7x365 threat detecting, monitoring and response.Read More
NW Cyber Camp 2018 is a week-long summer camp where high school students get immersed in cybersecurity. The Camp takes place July 16 through July 20, 2018 in five locations across Oregon. Toni Overton, implementation officer at Redhawk, will be teaching the camp in Bend, along with Redhawk's CTO, Tyler Hardison. Together, with other educators and professionals, they will teach students how to defend computer systems and networks from cyberattacks, breaches, and malware. By supporting and encouraging high school students to get excited and empowered about technology, they may pursue a future in technology..Read More
Tyler Hardison discusses the importance of a risk assessment in his blog published on ISACA's Journal, "The Assessment Will Help Your Organization Tackle Any Security Obstacle." When it comes to managing information security, repeated assessments and tests allow for continuous, targeted improvements that allow for optimal risk mitigation over the long term.Read More
Tyler Hardison, chief technology officer at Redhawk Network Security, was interviewed on Central Oregon Daily about NW Cyber Camp, a hands-on, immersive, cybersecurity camp for high school students. He is one of the instructors.Read More
Hacked! Attacked! Leaked! Daily news headlines scream high-profile information security failures and their consequences, emphasizing that the severity of the risk posed by technology and the management, storage and transmission of massive quantities of sensitive information is unprecedented. Tyler Hardison discusses the importance of the assessments in his in-depth feature in ISACA's Journal, Volume 3, 2018:Read More
The cybersecurity talent crunch is putting the squeeze on enterprises of all sizes. There just doesn’t seem to be enough expertise to solve the cascade of digital security woes enterprises face or manage their high-intensity solutions like SIEM or EDR. It is of no surprise then that so many enterprises are turning to managed security services providers to help them fight off hackers and insider threats alike.Read More
There is a children’s book, “Inside, Outside, Upside Down” featuring The Berenstain Bears, that teaches young children about spatial concepts. When it comes to securing your organization’s data, it may feel like you need to cover all of the spaces: inside, outside, and even upside down. It’s no wonder, since security risks exist everywhere: inside the network and outside the firewall, from employees accidentally leaking information via their mobile devices to outside phishing and malware threats trying to get in. With these increased cyber risks, companies of all sizes are constantly challenged with how to spatially navigate the security landscape.Read More
Compliance is a journey, not a destination. While I am not the first to say this, I will reiterate that compliance is an ongoing, multi-step process. It’s not boxes to check off, “check it off and forget it,” but milepost markers along the way to ensure that compliance is consistent, such as ensuring that device inventories and configuration standards are kept up to date. Another term that is used for this check-box approach is “compliance cramming.”Read More
Compliance is a journey, not a destination—an ongoing, multistep process. It is not boxes to check off—check it and forget it—but milepost markers along the way to ensure that compliance is consistent, such as ensuring that device inventories and configuration standards are kept up to date. Another term that is used for this check-box approach is “compliance cramming.” This is when organizations “cram” for their annual assessment in a short period of time. Be aware, however, that auditors and regulators are becoming increasingly savvy about this approach and can identify the key markers when presented with evidence. Instead, being continually compliant along the way will help improve an organization’s security posture and reduce its overall risk. With this approach, successive inquiries will go smoothly and the stress of the audit process will be reduced significantly.Read More
Learn how to merge networks or migrate to a new network design using Cisco's virtual routing and forwarding tool.
Organizations have come to view networking and IT as a service: something they expect will always be available. Accomplishing this goal requires continuous planning, maintenance, and periodic hardware upgrades. In a previous article, I discussed signs that indicate when it's time to upgrade your network. In this article, I'll explain how to merge two networks or how to migrate to a new network design using a tool that you may not know you have.Read More
Skip Newberry, president of the Technology Association of Oregon and member of the Oregon Cybersecurity Advisory Council (OCAC), wrote a column for the Portland Business Journal this week which shared his conversations with several leading cybersecurity experts in Oregon about their predictions for 2018.
You can read the full PBJ article here.
OCAC Chair Kerri Fry, senior vice president of operations and finance at IGNW, stressed that it’s important for everyone, even competitors in business, to join in a common fight against cybercrime. “Where the rubber meets the road is when we break out of our ‘comfortable’ communities and stretch ourselves—with competitors or cross-sector industries. The common thread is the protection of information. In each industry, we all have information to protect,” she said.Read More
Redhawk Network Security, a provider of information security, network, and managed security services, today named Ben Gallo as president of the company. Gallo brings more than 20 years of experience in technology sales, leadership, and customer relations to his new role leading the company. This experience in growing teams will be invaluable as he builds on the company’s success and looks for new growth opportunities in the dynamic cybersecurity market.Read More
With the massive data breaches of 2017 in the rearview mirror, what cybersecurity headlines and developments can Oregonians expect in 2018? Building on the launch of Cyber Oregon in November, top cybersecurity experts and members of the Oregon Cybersecurity Advisory Council say it’s imperative that business leaders learn from the events of the past year, strengthen community involvement and continue to build awareness about cybersecurity issues.Read More
Daily news headlines scream high-profile information security failures and consequences—Hacked! Attacked! Ransomware!—reinforcing that the severity of risk posed to sensitive information is unprecedented. Security threats can put your organization and your customers’ sensitive information at risk, costing you in customer loss, diminished trust in your brand and regulatory fines. Where are our data? What are our security holes? What are our risk scenarios?
Over numerous client engagements, our findings indicate that a basic networking error or an older version of software that is rarely used could, in fact, be the vehicle a hacker needs to break in, exposing customer data and sensitive information.Read More
I recently wrote about how MSPs can help companies prepare for NIST 800-171 compliance. Yet, despite best compliance and security efforts, plans, and procedures, cyber incidents are still part of doing business. Your organization’s data has been breached, or will be at some point. Cybersecurity is often an afterthought or considered too expensive, leaving smaller organizations vulnerable and exposed—when in fact, half of all cyber attacks target small businesses, according to the National CyberSecurity Alliance.Read More
One of the common customer misconceptions I find is what I call "it's all IT" mindset. Typically, the customer has a small IT department of server and desktop teams that are also expected to run the network since "it's all IT." While this can work for a while, it will reach a tipping point when good enough falls over.Read More
Portland, Ore., Nov. 20, 2017 – Oregon Governor Kate Brown today proclaimed Nov. 20 as the “Oregon Day of Cyber” and officially launched the Cyber Oregon initiative at an event held at the Oregon Tech Portland-Metro campus in Wilsonville. Cyber Oregon is a statewide initiative powered by a public-private consortium including the Oregon Cybersecurity Advisory Council, Technology Association of Oregon, Oregon’s cyber-related industries, Oregon’s Executive Branch agencies, local governments, higher education institutions and other organizations to help build tangible solutions to protect the digital lives of all Oregonians.Read More
The deadline for meeting NIST 800-171compliance is December 31, 2017. Perhaps you are already on your journey, perhaps you are just starting; regardless, compliance must be met by the end of the year. What does this mean for you? The biggest takeaway is this: you have a limited amount of time to make significant progress to ensure your customer’s compliance. This will likely take a focused team of individuals, and possibly a partner with NIST 800-171 experience. Showing appreciable progress by customers towards compliance will help to assuage the regulators.Read More
TAO’s STEAM: Central Oregon to launch mentorship program in Central Oregon
BEND, Ore., November 14, 2017 – Technology Association of Oregon (TAO) Women in STEAM (science, technology, engineering, arts, and math) announces the start of a new mentorship program in Central Oregon. The objective of the program is to match female professionals in STEAM careers to build one-on-one professional relationships and friendships in order to help retain and encourage women in STEAM careers in the region. These mentorships can offer guidance, support, and advice to optimize success, increase their career satisfaction, and also to help navigate the unique challenges of being a woman in male-dominated workplaces.Read More