Office of The CISO Knowledge Base

Mindblown: a blog about philosophy.

  • Palo Alto vs Fortinet Firewalls Cost and Performance

    Palo Alto Firewalls and Fortinet FortiGate Firewalls are two of the most popular firewall solutions on the market, each with its own strengths and weaknesses. Here’s a comparison of these two products from a cost and performance standpoint: Cost: When it comes to cost, Fortinet FortiGate Firewalls generally have a lower upfront cost than Palo…

  • Cybersecurity Framework Benefits For Federal Agencies

    In today’s digital age, cybersecurity has become a critical issue for federal agencies. As the number of cyberattacks continues to rise, federal agencies are under increasing pressure to protect sensitive information and critical infrastructure from cyber threats. The cybersecurity framework provides a comprehensive set of guidelines and best practices that can help federal agencies improve…

  • CISOs are Stressed and Burned Out

    Employee well-being has become a primary focus for many businesses. Even before the pandemic, the C-suite was acutely aware of how employee mental health impacts business outcomes. But for cybersecurity professionals, stress has always been a part of the job. A new survey revealed that one of the most concerning aspects of employee mental health…

  • BlackLotus – First EUFI Bootkit Malware To Bypass Windows 11 Secure Boot

    The Slovak cybersecurity company ESET has discovered the first publicly known malware capable of bypassing Secure Boot defenses in Unified Extensible Firmware Interface (UEFI) bootkits, called BlackLotus. The bootkit is capable of running on fully updated Windows 11 systems, disabling OS-level security mechanisms, and deploying arbitrary payloads during startup with high privileges. According to ESET,…

  • Cybercriminals Targeting Law Firms With GootLoader and FakeUpdates

    The following article was originally published on The Hacker News on March 1st, 2023, and discusses the recent targeting of law firms by cybercriminals using GootLoader and FakeUpdates malware. Six law firms have fallen victim to two separate cyber threats, which utilized GootLoader and FakeUpdates (also known as SocGholish) malware, between January and February of…

  • Top 3 Vulnerability Scanners Today

    In today’s interconnected world, security is a top priority for businesses and individuals alike. Vulnerability scanners play a crucial role in identifying potential security risks and helping organizations mitigate them before they can be exploited. In this article, we’ll take a closer look at the top three vulnerability scanners on the market. Nessus is a…

  • What is a Vulnerability Scanner?

    In today’s interconnected world, cybersecurity threats have become increasingly complex and sophisticated. It’s no longer enough to have a strong firewall or antivirus software installed on your system. Companies and individuals alike need to be proactive in identifying vulnerabilities in their systems to prevent cyber attacks. One such tool that has become popular in recent…

  • What is Penetration Testing and Why Is It Important?

    In today’s highly digitized world, cybersecurity has become a critical concern for all organizations, both big and small. The ever-increasing number of cyberattacks and data breaches has highlighted the need for effective security measures to protect sensitive information. One such measure is penetration testing, which plays a crucial role in identifying vulnerabilities in an organization’s…

  • How To Start Building an Information Security Policy

    In today’s world, information security is a critical component of any organization’s success. An information security policy is a key document that outlines an organization’s approach to protecting sensitive data and information from unauthorized access, use, disclosure, and destruction. Building an effective information security policy can be a complex process, but there are several steps…

  • What is Information Security All About?

    Information security, also known as cybersecurity, is the practice of protecting digital information from unauthorized access, theft, damage, or misuse. With the rapid increase in technology and digitization, information security has become more important than ever before. It is crucial for individuals, businesses, and organizations to secure their sensitive data and systems from potential threats…

Got any book recommendations?

Get In Touch