The Website Security Checklist

Putting a website on the internet means exposing that website to hacking attempts, port scans, traffic sniffers and data miners. If you’re lucky, you might get some legitimate traffic as well, but not if someone takes down or defaces your site first. Most of us know to look for the lock icon when we're browsing to make sure a site is secure, but that only scratches the surface of what can be done to protect a web server. Even SSL itself can be done many ways, and some are much better than others. Cookies store sensitive information from websites; securing these can prevent impersonation. Additionally, setting a handful of configuration options can protect both your full website presence against both manual and automated cyber attacks, keeping your customer’s data safe from compromise. Here are 13 steps to harden your website and greatly increase the resiliency of your web server.

Read More

What is Cyber Resilience?

Cyber resilience is a fundamental change in understanding and accepting the true relationship between technology and risk. IT risk (or cyber risk, if you prefer) is actually business risk, and always has been. And the cybersecurity industry, for what it's worth, has generally avoided this concept because it goes against the narrative that their respective offerings—whether it's a firewall, IDS, monitoring tool, or otherwise—would be the one-size-fits-all silver bullet that can keep businesses safe. But reality tells a different story.

Read More