Top 5 Tips to Protect User Data

If there’s one thing that never changes in cybersecurity, it’s this: threat actors will always look for the path of least resistance to gain access to a victim’s network. While companies that collect and maintain personally identifiable information (PII) or protected health information (PHI) are often the preferred targets of threat actors, attackers will target…

Read More

6 Best Practices for Data Breach Protection

Keeping your data safe and protected often seems like an uphill battle. Consistently presenting a hardened attack surface to a would-be attacker and doing so across all the various attack vectors possible is a difficult problem to solve. The attacker only has to be right once, while you and your broader security team have to…

Read More

8 Tips for the Holiday Season

Our holiday guidance blog series for retail and hospitality continues. For more blogs in this series, visit https://rhisac.org/blog/ Being this time of the year, our sector needs to be vigilant. There’s a chill in the air, decorations hung in every window, children’s eyes sparkle with wonder and expectation… and hackers lurk around every corner. The holiday…

Read More

Top 5 Holiday Shopping Season Threats for Retail and Hospitality

This blog is part of the RH-ISAC holiday guidance blog series. For more blogs in this series, visit https://rhisac.org/blog/. The holiday season brings out more than decorations, carols, and hot chocolate. The drastic influx in retail activity as people scurry to cross items off their shopping lists means that hackers come out in droves and malicious…

Read More

Why Red? Why Purple? A NIST CSF View

Red and Purple Teaming serve distinct purposes, and we think NIST CSF backs us up on that. We outline why we believe in starting with Purple Teams to validate Protect and Detect before using Red Teams to validate Respond. I’ve heard the question, “Do Purple Teams help to test the incident response process?” over and…

Read More