Sage Advice - Cybersecurity Blog

Privacy’s Conflicting Interests

Why CISOs Need to Care About Privacy

Lessons from the 2018 CyberCrime Symposium

Easy Tools to Help You Create Cybersecurity Checklists that Work

Checklists to Keep Your Cybersecurity Program on Track

How Checklists Can Improve Your Cybersecurity Program

Why are Cyberattacks in the Healthcare Sector on the Rise?

Understanding the Cybersecurity Threats That Put Your Business at Risk

Medical Identity Theft: Tips for Detection, Correction, and Protection

Managing Vendor Cybersecurity Risk: Lessons from the Mega Breach that Started it All

Why Managing Third-Party Cybersecurity Risk Matters

Seven Steps to a Successful Vendor Risk Management Program

10 Tips to Reduce Common Vulnerabilities Exploited by Cybercriminals

What’s the Difference between a Penetration Test and a Vulnerability Assessment?

Types of Penetration Tests and Why They are Important

Sage Data Security Joins Tyler Technologies

Cybersecurity Metrics Your Board of Directors Should Care About & Why

Cybersecurity Questions Board of Directors Should Be Asking

How to Make Your Board of Directors Cyber Smart

Cybersecurity Roles and Responsibilities for the Board of Directors

What We Can Learn from the Top 8 Cybersecurity Fails of 2017

Why Your Business Should Consider Managed Threat Detection

Threat Hunting: Common Attack Vectors and Delivery Channels

Threat Hunting: Six Cyber Adversaries to Pursue

Four Cybersecurity Myths Organizations Need to Bust

Threat Hunting: Anatomy of a Cyber Attack

Cyber Threat Hunting and Indicators of a Cyber Attack

Meltdown and Spectre: How to Move Forward

Understanding the General Data Protection Regulation (GDPR) and What it Means for Businesses Worldwide

Become Bilingual and Bridge the Gap

Putting Federal Cybersecurity Policy in Perspective

Disrupt and Transform but Don’t Neglect Cybersecurity

Assume Compromise: Protect, Detect and Respond

Red Team Reality Check

Dispatches from the Dark Side of the ‘Net

Cybercrime-as-a-Service... Can You Spot the Cybercriminal?

Lessons from the 2017 CyberCrime Symposium

Implications of the Equifax Data Breach and Steps to Protect Yourself

Lessons Organizations Should Learn from the Equifax Data Breach

What You Need to Know about Fileless Malware

An Introduction to Cyber Threat Hunting

Why Technology Lifecycle Management is Important to your Business

Lifecycle Management: How to Minimize Risks as Technology Evolves

A Primer on SSL Certificate Authorities

Measuring the Effectiveness of your Cybersecurity Program

Sage Advice on Threat Intelligence

The Future of Ransomware and How to Protect Your Business

The Evolution of Ransomware and How to Protect Your Business

How to Detect and Respond to Insider Threats

Tips to Avoid the Insider Threat

Identifying the Malicious Insider Threat

Cybersecurity and the Insider Threat

A Look at Network Segmentation from a Hacker’s Point of View

Network Segmentation: How-To Tips

Network Segmentation: Considerations for Design

The Security Benefits of Network Segmentation

Elements of an Information Security Policy Hierarchy

Understanding Information Security Policies

What is Risk Management?

Complying with the 23 NYCRR 500 Cybersecurity Regulation

How to Define Cybersecurity Risk

Cybersecurity Compliance Assessments: It’s All About Interpretation

Assessing your Control Environment in a Risk Assessment

Fundamental Objectives of Information Security: The CIA Triad

6 Steps to a Cybersecurity Risk Assessment

Creating a Cybersecurity Culture Part 5: Practice Matters

Creating a Cybersecurity Culture Part 4: Technology

Creating a Cybersecurity Culture Part 3: Process

Creating a Cybersecurity Culture Part 2: People First

Creating a Cybersecurity Culture Part 1: Institutional Memory

Assessing Vendor Cyber Readiness: What to Look for in a SOC Report

Managing Vendor Cybersecurity Risk: What to Do Before You Sign

Creating a Vendor Management Program to Mitigate Cybersecurity Risk

Windows SMB Zero Day Exploit Threat Advisory

Conducting a Cyber-Crime Exercise in a Smaller Enterprise

What You Don’t Know: Cyber Defense Against Unknown Threats

Cyber Insurance: Are You Covered?

Behind the Scenes: Demystifying Malware

Cybercrime Attribution Analysis:  The Cyber Who Done It

Don’t Blame Bitcoin for Ransomware

Cybersecurity Awareness Can Be Fun and Games

Mobile Malware’s Getting Smarter

Managing IoT Risk: The Internet of Things is a Lot of Things

Lessons from the 2016 CyberCrime Symposium

What to Consider When Creating Your Business' Mobile Device Policy

What’s the Best Mobile Device Management Strategy for my Organization?

Mobile Application Security: Features to Include in Your Mobile App

Infographic: Twelve Tips to Defend Against Cyber-Attacks

Three Ways to Frustrate a Hacker… and Maybe Avoid a Breach

What Makes a Strong Password and Six Steps to Create One

Cybersecurity Readiness: Defense-in-Depth

Buckle Up! It’s Cybersecurity Awareness Month!

It's More than a Vulnerability Scan: Penetration Testing Explained

Navigating a HIPAA Reporting Event when Hit with Ransomware

How to Defend Your Organization Against Social Engineering Attacks

Four Simple Tricks to Stop a Social Engineering Attack in its Tracks

Why We’re Vulnerable to Social Engineering Attacks

Continuous PCI Compliance is Here

A New Role: Threat Intelligence & Information Sharing

The Basics of Threat Intelligence Sharing

A Guide to Cyber Threat Intelligence Sources

Developing a Cyber Threat Intelligence Program

Ransomware Defense Tips - Incident Response Preparation

Sage Data Security Participates in Cyber Shield 2016

Exploit Kit 101 - What You Need to Know

MSIL / Samas.A Ransomware Advisory

The Current State of Ransomware

NIST Framework for Improving Critical Infrastructure Cybersecurity

Video: How a Log Analysis Service can Better Secure your Network

Video: The Importance of Threat Intelligence in Detecting Network Threats

Video: How Firewall Log Analysis Differs from Firewall Monitoring

Video: Why Human Intelligence is Essential for Consistent Data Breach Detection

Threat Modeling Simplified

Cisco ASA IKEv1 and IKEv2 Buffer Overflow Vulnerability Advisory

Seven Types of Malware You Should Be Aware Of

Seven Characteristics of a Successful Information Security Policy

Understanding the FFIEC Cybersecurity Assessment Tool

A Secure Web — Get There From Here

A Community Watch for Cybersecurity

Framing Cybersecurity Risk Management: V.1.0

The Job Ahead: Securing IoT

.BANK-ing on Better Cybersecurity

Stuxnet: Lessons in Digital Warfare for Cybersecurity Pros

Cybersecurity Gets Its Due

The Two Faces of Privacy

Lessons from the 2015 CyberCrime Symposium

Vendor Management Best Practice for Non-Regulated Industries

How to Manage your Electronic Connections when Changing Jobs

Why Isn’t Antivirus Software Enough for Malware Detection?

An Overview of Malware Detection and Prevention Controls

Cybersecurity Exam Expectations - Five Key Areas You Should Focus On

Cyber Threat Detection - 5 Keys to Log Analysis Success [infographic]

Vendor Management - Tips for Creating a Vendor List

How to Avoid Malware Infection from a Phishing Email

Video: Malware Detection: When Real-Time Alerts Fail

With Log Analysis It's All About The Base... and Context, too

Steps You Can Take Now Against CyberCrime

Video: Why Monitor Log Events for Authorized Connections?

Video: The Importance of Context in Log Analysis for Malware Detection

2015 FFIEC Cybersecurity Priorities

Why Cybersecurity is an Executive Responsibility

Five Facts You Should Know About Internet Explorer Lifecycle Support

What are the Benefits of Outsourced Event Log Management?

Information Security Compliance Standards for Event Log Management

Sandworm Vulnerability Advisory

SSL 3.0 Protocol Vulnerability Advisory – POODLE Attack

GNU Bourne Again Shell (BASH) “Shellshock” Vulnerability Advisory

In Information Security... Words Matter

Five Facts Every Organization Should Know about PCI v3.0

Five Facts Every Organization Should Know About Windows XP End-of-Life