Why Identifying and Protecting Critical Information Assets Should be a Foundational Element of your Security Program

The digital world has become a scary place, one which many people fear, and one in which few organizations feel they are adequately protected. Every day, there is more news about breaches, new threats, zero day attacks, adversarial groups, and a barrage of new technologies that claim to solve all of these problems. Some of the technologies are very good, logical extensions to the security platforms we already have in…

From the CTO’s Office: The Fallacy of End-to-End Encryption

RSA 2017 was, as always at InteliSecure, a very busy week that has the distinct possibility of disappearing into a blur of meetings, lunches, dinners and happy hours. During these events, I had the distinct pleasure of speaking with a group of smart, talented and influential people. One such discussion sparked a conversation about the disturbing trend of end-to-end encryption from any client to any destination that makes it increasingly…

Understanding Cloud Security and Its Importance

“If I told you I wanted to store all of your data in my data centers, wherever I choose to put it, and you would have no input or visibility into how I secured your data, would that seem like a good idea?” The above is a quote from my book, Building a Comprehensive IT Security Program, regarding the cloud. Many people read this quote and they think I am…

Addressing the IT Skills Gap Part V: Deepening the Talent Pool

In order to strengthen the average talent in the cybersecurity labor market, we first need to address a major problem that faces the cybersecurity sector. Cybersecurity as a career field is overwhelmingly male and overwhelmingly Caucasian. In fact, according to a recent article from bankinfosecurityt.com citing government statistics, “Whites, who account for about 80 percent of the American workforce, make up 70 percent of the IT security workforce. About 7…

Addressing the IT Skills Gap Part IV: Utilizing Managed Security Services

By Jeremy Wittkop, InteliSecure CTO My previous posts have touched on hiring and cultivating talent as two of the three main strategies organizations can employ to build their cybersecurity team. Hiring well is difficult and time consuming even when cybersecurity hiring is your primary responsibility and when your business is cybersecurity. However, most people hiring cybersecurity professionals are in the business of doing something else, which makes the task of…

Cultivating & Retaining Team Members | Addressing the IT Skills Gap Part 3

By Jeremy Wittkop, InteliSecure CTO For many large organizations, there are people on the inside who possess both the technical skill and the willingness to learn to become cybersecurity professionals. In order to effectively pursue this strategy, it is key to ensure that there are enough qualified and experienced team members on staff to mentor the newer professionals being groomed to fill out the team. Therefore, if you choose this…

Hiring Top Cybersecurity Talent | Addressing the IT Skills Gap Part 2

By Jeremy Wittkop, InteliSecure CTO “The secret of my success is that we have gone to exceptional lengths to hire the best people in the world.”  – Steve Jobs The first instinct of many executives is that they want to hire the talent they need in all aspects of their business. This approach gives the organization maximum flexibility and control with respect to those resources, but it comes at a…

Current State of Cybersecurity | Addressing the IT Skills Gap Part 1

By Jeremy Wittkop, InteliSecure CTO People, process, and technology. Where do we turn when it is the people side of the equation we most need to address? An increasing number of organizations are asking this question as the shortage of cybersecurity talent continues to become more dire. There are more threats evolving every day and it seems there are legions of cyberattackers ranging from divisions of cyber militaries on the…

SNMPPLUX

InteliSecure continually develops new tools and scripts to improve the effectiveness of the team. One such tool called SNMPPLUX is an offshoot of a larger development project (ORR). SNMPPLUX is a USM compliant SNMPv1, SNMPv2c and SNMPv3 authentication scanner powered by pysnmp, re, sys, getopt, array, time and multiprocessing python modules. As well as providing SNMPv1 and v2c community dictionary attacks is will also provide username and password dictionary attacks…