NIST Archives - Cybersecurity Without Insanity

Don’t change your password

You don’t need to change your password every 90 days. You need to change your policy.

By Sam Glynn|2022-11-28T08:09:36+00:00November 28th, 2022|Categories: cybersecurity|Tags: daily, Multi-Factor Authentication, NIST, password manager, passwords|

Cyber 3-2-1: A Cyber Security Baseline Standard has just been published in Ireland, Bank of Ireland has been fined €24m for risks that never materialised, and. Ireland’s DPC tells us that If we have a complaint about a neighbour’s use of CCTV, we need to take it up with the courts. This week’s action: Review your Incident Response Plan.

By Sam Glynn|2021-12-03T09:02:10+00:00December 3rd, 2021|Categories: cybersecurity|Tags: bank of ireland, CBI, checklist, cirp, cryptocurrency, cyber321, dao, dpc, framework, godaddy, incident response plan, ncsc, NIST, regulator, third party risk management, tprm|

Cyber 321: 3rd October 2021

Cyber 3-2-1: What can we learn from the HSE attack? When is 2FA worth Sweet FA? Why wouldn’t cyber attackers be too worried about 30 countries working together to tackle the scourge of ransomware? This week’s action: Check for updates.

By Sam Glynn|2022-02-10T11:42:24+00:00October 3rd, 2021|Categories: cybersecurity|Tags: chrome, conti, cyber321, hse, Multi-Factor Authentication, NIST, ransomware, updates, whitelisting|

Cyber 321: 23rd July 2021

Cyber 3-2-1: Plain English cybersecurity advice in 3 articles, 2 statistics and 1 action, including why cybersecurity influences the valuation of a fintech, how cyber attackers are after your cryptocurrency, the steps recommended by NIST to reduce the risk of ransomware, the reward offered by the US government for information about cyberattackers and terrorists, and the ongoing problem of password reuse. This week’s action: Find out why passwords are like your toothbrush.

By Sam Glynn|2022-02-10T11:51:25+00:00July 23rd, 2021|Categories: cybersecurity|Tags: cryptocurrency, csf, cyber321, fintech, Multi-Factor Authentication, NIST, passwords, ransomware, startups, valuation|

Cyber 321: 18th June 2021

Cyber 3-2-1: Plain English cybersecurity advice in 3 articles, 2 statistics and 1 action, including how a framework like NIST CSF or CIS Controls can turbo-charge your security efforts, how our teenagers are ending up with convictions for money laundering and supporting terrorism, and how the FBI fooled 800 criminals into telling them all about their drug deals and other criminal activities. This week’s action: Tell your family to protect their bank accounts.

By Sam Glynn|2021-06-18T09:59:19+01:00June 18th, 2021|Categories: cybersecurity|Tags: CIS, cyber321, FBI, framework, ireland, Money Mules, NIST, ransomware|

Cyber 321: 23rd April 2021

Cyber 3-2-1: Plain English cybersecurity advice in 3 articles, 2 statistics and 1 action, including a risk and compliance firm suffers a cyber attack due to stolen credentials, why resistance is futile when it comes ISO27001, and you need to talk to your teenager about the facts of (online) life. This week’s action: Stop relying on passwords to protect your money, data and identity

By Sam Glynn|2022-02-10T11:43:00+00:00April 23rd, 2021|Categories: cybersecurity|Tags: crisis PR, cyber essentials, cyber321, data breach, ISO27001, Microsoft, Money Mules, Multi-Factor Authentication, NIST, regtech, stolen credentials|

Don’t change your password

Cyber 321: 3rd December 2021

Cyber 321: 3rd October 2021

Cyber 321: 23rd July 2021

Cyber 321: 18th June 2021

Cyber 321: 23rd April 2021