Michael Crawley, MBA, PMP, M.ED, MSP, Six Sigma BB, Lean SSBB, Agile Master, Scrum Master Master

24x7

VideoResultsNow@gmail.com 224-402-5362

Everything you need to secure necessary Cybersecurity Awareness!

WE ARE AWESOME AT Cyber-Information Delivery

Identify common network security components and secure transport protocols, harden networks, and apply monitoring, detection, and remediation insights, techniques and best practices.  Begin to increase your awareness NOW!


Quantitative risk assessment values

  • SLE – Single loss expectancy is the cost of any single loss
  • ARO – Annual rate of occurrence is the expected number of times a given loss may occur per year
  • ALE – Annual loss expectancy is the expected cost per year from a threat (SLE × ARO)

Threat probability

  • MTTF – Mean time to failure
    • Used for non-serviceable components
  • MTTR – Mean time to repair
  • MTBF – Mean time between failures
    • Used for serviceable components
  • MTBSI – Mean time between service incidents

Qualitative risk assessment values


Probability × Impact

Vulnerability Scanning


  • Intrusive vs. non-intrusive
  • Credentialed vs. non-credentialed
  • Goals
    • Missing or misconfigured security controls
    • Open ports
    • Weak passwords or encryption
    • Misconfigured security controls
    • Unsecured data
    • Compromised systems
    • Exploitable vulnerabilities
    • Unpatched systems

Vulnerability Assessment (VA): Passive

    Purpose of Vulnerability Assessment

    • Baseline review
      • The existing intended security configuration
    • Determining attack surface
      • All of the software and services installed which can be subject to attack
    • Reviewing code
    • Reviewing architecture
    • Reviewing design

    Risk Management


    Ways to manage Cyber-risk

    • Avoidance
      • Avoiding risky activities
    • Transference
      • Sharing risk with others
    • Mitigation
      • Applying security controls to reduce risk
    • Deterrence
      • Applying visible controls to discourage others
    • Acceptance
      • Choosing not to act on risk
    • Residual risk
      • Remaining risk after management strategy

    FUN FACT:


    As a broad effort to foster awareness and to help Americans remain secure online, in 2004, the Department of Homeland Security and the National Cyber Security Alliance initiated National Cyber Security Awareness Month (NCSAM). 


    In the beginning, the initiatives included educating the public about day-to-day computer use considerations, such as spyware, adware, and malware, as well as the importance of keeping system patches and antivirus programs up to date. From 2009, the month has incorporated "Our Shared Responsibility" as an overall theme. In 2011, the initiative began to incorporate weekly themes throughout the month.