IT Security and Compliance Articles
Read articles from industry experts New Net Technologies to find out about best practices in keeping your IT systems secure.
- Category: NIST 800-171
The National Institute of Standards and Technology (NIST) latest publication, NIST 800-171, focuses on protecting Controlled Unclassified Information (CUI) within nonfederal information systems and organizations.
- Category: PCI DSS Compliance
New Year's is a time to look to the future and take stock of the past. In the PCI DSS space, it's also time to evaluate the state of what is now a pretty mature security standard.
- Category: General Data Protect Regulation GDPR
In this article with Information Security Buzz, NNT CTO Mark Kedgley interviews Information Security expert, David Froud, and discusses the myths and maths of GDPR as the May 2018 deadline fastly approaches.
- Category: PCI DSS Compliance
In this article, NNT interviews Stuart Golding, a Programme Manager for PCI DSS, as they examine the current state of PCI DSS and what the future holds for one of the most widely-implement cyber security standards.
- Category: Device Hardening
Security Best Practice advocates the minimizing of your IT systems' 'Attack Surface'. By using CIS Benchmark secure configuration guidance we can harden systems against attack. Known vulnerabilities can be removed and defenses strengthened by applying an expert-derived configuration policy.
- Category: CIS Controls
Have you heard of the CIS Control? Even though they're not part of any specified GRC (Governance, Risk Management, Compliance) mandate, they could actually be used as the foundation for them all. A light, straightforward hors d'oeuvre before you take on the mega-calorific, piled-high, full-fat platters of the multi-course feast that is a full Compliance standard.
- Category: File Integrity Monitoring
According to a report from Aberdeen Group, the median dwell time for data breaches between 2014 and 2016 was around 38 days, leaving data breaches undetected for nearly five to six weeks.
- Category: File Integrity Monitoring
Read NNT's CTO Mark Kedgley's latest article discussing the concept of alert fatigue and the need for forensic level, real-time integrity change monitoring, combined with blacklist/whitelist based analysis for breach detection, published with SCMagazine.
- Category: File Integrity Monitoring
Threats to theft of Intellectual Property, financial data, Cardholder Data, PII (Personally Identifiable Information) are more diverse and increasingly difficult to defend against. The traditional ‘internet vandalism’ from viruses is still an issue but the ‘threatscape’ in 2017 is far more diverse and dangerous than ever before.
- Category: File Integrity Monitoring
Has there ever been a more confusion-generating initiative than the PCI DSS? Even now, thirteen years on from its initial introduction, a clear and definitive understanding of what your organization needs to do may still be a challenge.
- Disable Windows Services
- What are the recommended Audit Policy settings for Windows & Linux
- Server Hardening Policy - Examples and Tips
- Server Hardening Checklist - Which Configuration Hardening Checklist Will Make My Server Most Secure?
- File Integrity Monitoring Software
- Windows Server 2008 2008R2 Hardening Guide
- Linux Server Hardening
- The Windows Advanced Audit Policy Configuration
- The Top Ten of Audit and Event Log Monitoring
- Which File Integrity Monitoring Technology Is Best For FIM? File Integrity Monitoring FIM or SIEM FIM?
New Net Technologies (NNT) is now part of Netwrix