There is a children’s book, “Inside, Outside, Upside Down” featuring The Berenstain Bears, that teaches young children about spatial concepts. When it comes to securing your organization’s data, it may feel like you need to cover all of the spaces: inside, outside, and even upside down. It’s no wonder, since security risks exist everywhere: inside the network and outside the firewall, from employees accidentally leaking information via their mobile devices to outside phishing and malware threats trying to get in. With these increased cyber risks, companies of all sizes are constantly challenged with how to spatially navigate the security landscape.Read More
Compliance is a journey, not a destination. While I am not the first to say this, I will reiterate that compliance is an ongoing, multi-step process. It’s not boxes to check off, “check it off and forget it,” but milepost markers along the way to ensure that compliance is consistent, such as ensuring that device inventories and configuration standards are kept up to date. Another term that is used for this check-box approach is “compliance cramming.”Read More
Compliance is a journey, not a destination—an ongoing, multistep process. It is not boxes to check off—check it and forget it—but milepost markers along the way to ensure that compliance is consistent, such as ensuring that device inventories and configuration standards are kept up to date. Another term that is used for this check-box approach is “compliance cramming.” This is when organizations “cram” for their annual assessment in a short period of time. Be aware, however, that auditors and regulators are becoming increasingly savvy about this approach and can identify the key markers when presented with evidence. Instead, being continually compliant along the way will help improve an organization’s security posture and reduce its overall risk. With this approach, successive inquiries will go smoothly and the stress of the audit process will be reduced significantly.Read More
Learn how to merge networks or migrate to a new network design using Cisco's virtual routing and forwarding tool.
Organizations have come to view networking and IT as a service: something they expect will always be available. Accomplishing this goal requires continuous planning, maintenance, and periodic hardware upgrades. In a previous article, I discussed signs that indicate when it's time to upgrade your network. In this article, I'll explain how to merge two networks or how to migrate to a new network design using a tool that you may not know you have.Read More
Skip Newberry, president of the Technology Association of Oregon and member of the Oregon Cybersecurity Advisory Council (OCAC), wrote a column for the Portland Business Journal this week which shared his conversations with several leading cybersecurity experts in Oregon about their predictions for 2018.
You can read the full PBJ article here.
OCAC Chair Kerri Fry, senior vice president of operations and finance at IGNW, stressed that it’s important for everyone, even competitors in business, to join in a common fight against cybercrime. “Where the rubber meets the road is when we break out of our ‘comfortable’ communities and stretch ourselves—with competitors or cross-sector industries. The common thread is the protection of information. In each industry, we all have information to protect,” she said.Read More
Redhawk Network Security, a provider of information security, network, and managed security services, today named Ben Gallo as president of the company. Gallo brings more than 20 years of experience in technology sales, leadership, and customer relations to his new role leading the company. This experience in growing teams will be invaluable as he builds on the company’s success and looks for new growth opportunities in the dynamic cybersecurity market.Read More
With the massive data breaches of 2017 in the rearview mirror, what cybersecurity headlines and developments can Oregonians expect in 2018? Building on the launch of Cyber Oregon in November, top cybersecurity experts and members of the Oregon Cybersecurity Advisory Council say it’s imperative that business leaders learn from the events of the past year, strengthen community involvement and continue to build awareness about cybersecurity issues.Read More
Daily news headlines scream high-profile information security failures and consequences—Hacked! Attacked! Ransomware!—reinforcing that the severity of risk posed to sensitive information is unprecedented. Security threats can put your organization and your customers’ sensitive information at risk, costing you in customer loss, diminished trust in your brand and regulatory fines. Where are our data? What are our security holes? What are our risk scenarios?
Over numerous client engagements, our findings indicate that a basic networking error or an older version of software that is rarely used could, in fact, be the vehicle a hacker needs to break in, exposing customer data and sensitive information.Read More
I recently wrote about how MSPs can help companies prepare for NIST 800-171 compliance. Yet, despite best compliance and security efforts, plans, and procedures, cyber incidents are still part of doing business. Your organization’s data has been breached, or will be at some point. Cybersecurity is often an afterthought or considered too expensive, leaving smaller organizations vulnerable and exposed—when in fact, half of all cyber attacks target small businesses, according to the National CyberSecurity Alliance.Read More
One of the common customer misconceptions I find is what I call "it's all IT" mindset. Typically, the customer has a small IT department of server and desktop teams that are also expected to run the network since "it's all IT." While this can work for a while, it will reach a tipping point when good enough falls over.Read More
Portland, Ore., Nov. 20, 2017 – Oregon Governor Kate Brown today proclaimed Nov. 20 as the “Oregon Day of Cyber” and officially launched the Cyber Oregon initiative at an event held at the Oregon Tech Portland-Metro campus in Wilsonville. Cyber Oregon is a statewide initiative powered by a public-private consortium including the Oregon Cybersecurity Advisory Council, Technology Association of Oregon, Oregon’s cyber-related industries, Oregon’s Executive Branch agencies, local governments, higher education institutions and other organizations to help build tangible solutions to protect the digital lives of all Oregonians.Read More
The deadline for meeting NIST 800-171compliance is December 31, 2017. Perhaps you are already on your journey, perhaps you are just starting; regardless, compliance must be met by the end of the year. What does this mean for you? The biggest takeaway is this: you have a limited amount of time to make significant progress to ensure your customer’s compliance. This will likely take a focused team of individuals, and possibly a partner with NIST 800-171 experience. Showing appreciable progress by customers towards compliance will help to assuage the regulators.Read More
TAO’s STEAM: Central Oregon to launch mentorship program in Central Oregon
BEND, Ore., November 14, 2017 – Technology Association of Oregon (TAO) Women in STEAM (science, technology, engineering, arts, and math) announces the start of a new mentorship program in Central Oregon. The objective of the program is to match female professionals in STEAM careers to build one-on-one professional relationships and friendships in order to help retain and encourage women in STEAM careers in the region. These mentorships can offer guidance, support, and advice to optimize success, increase their career satisfaction, and also to help navigate the unique challenges of being a woman in male-dominated workplaces.Read More
Please join us for "Oregon Day of Cyber," taking place on Monday, 11/20. Oregon Governor Kate Brown will kick off the event to launch cyber awareness initiatives, resources, and to unveil the new state-wide cybersecurity website. In attendance will be technology companies (including Redhawk Network Security), government, education, small businesses, law enforcement, students--all representing our state with different perspectives, but unified with a common goal: to protect the digital lives and data of all Oregonians.Read More
“Everyone in this room has been breached or will be at some point.” While cyber-attacks and data breaches were key topics—and key concerns—at the first annual Cybersecurity Education Summit in Bend, Ore., there was also ample discussion around how to protect companies big and small, available cybersecurity and networking resources, current cyber threats, and a “we’re-all-in-this-cybersecurity-thing-together” mentality. The summit was well attended by information technology (IT) security professionals in regional businesses and organizations of all types, representing a cross-section of interest from banking, healthcare, point-of-sale, local government, education, and technology.Read More
Information-technology security professionals gathered Friday at Oregon State University-Cascades to learn new ways to protect their companies from attacks like the one that affected 40 million Target customers, or the one that affected 1 billion Yahoo users.
While plenty of tools and procedures are available that will enhance cybersecurity, experts said an organization’s own employees and vendors can pose the greatest threats to its network.Read More
In today’s business world, companies and organizations throughout the world are operating in an environment of ongoing security threats, data breaches, malware, ransomware and the litany of other potential risks.
This all makes cybersecurity an intense focus of discussion for many private and public organizations throughout Oregon.Read More
BEND, Ore., October 18, 2017 – Technology Association of Oregon (TAO) and Redhawk Network Security announce the presenters for the Cybersecurity Education Summit, including experts from the United States Department of Homeland Security and the Interagency Countering Violent Extremism Task Force. The summit is a day for businesses and organizations to learn and discuss how to protect their sensitive information and assets and what resources are needed to address current and future cybersecurity threats. Cybersecurity is often an afterthought or considered too expensive, leaving smaller organizations vulnerable and exposed—when in fact, half of all cyber attacks target small businesses, according to the National CyberSecurity Alliance.Read More
There is a new Wi-Fi vulnerability that requires immediate action in order to protect your network. A new bug, "KRACK," puts almost every wireless-enabled device at risk for attack--including computers, phones, and routers. The bug exposes a flaw in WPA2, a common protocol used to secure most wireless networks. The flaw could allow an attacker to eavesdrop on your network traffic and potentially wreak havoc.Read More
BEND, Ore., October 10, 2017 – Redhawk Network Security, a provider of information security, network, and managed security services, announced the expansion of its engineering team to support the increasing demand for outsourced cybersecurity. Mike Hall joins Redhawk Network Security as senior network engineer. With more than 20 years of security and networking experience, as well as CCNP and CCNP-Security certifications, Mike brings extensive knowledge of network design, firewall design, network administration, disaster recovery planning, VPN configuration, and network planning and design—critical in today’s threat-filled business world.Read More