3wSecurity Logo

Cybersecurity Controls Assessment != Cybersecurity Risk Assessment

Is a cybersecurity controls assessment the same thing as a cybersecurity risk assessment? Understanding the differences and benefits of each. A cybersecurity controls assessment and a cybersecurity risk assessment are two distinct but related activities within the field of cybersecurity. Here’s a breakdown of their differences and how one might be more beneficial than the […]

Why Attack Surface Management is Critical

·   What is more dangerous: the known or unknown? In today’s threat environment, which is constantly changing faster than ever, understanding your digital attack surface has never been more important. Most companies struggle to maintain an accurate inventory of their internet facing systems.  This information is critical to the overall process of protecting your company’s […]

How to Build an Infosec Program and Win Support from the Executive Team

· Today’s executives consider cybersecurity critical to the success of their business.  So then why is it a challenge to get ample time at the table with them to work through critical decisions regarding the cybersecurity program?  This is because it’s a challenge to get any executive’s time for any other important company matter.  They […]

The Perfect Storm

· A tale about a network engineer who makes a critical mistake that leaves his company exposed. The following is a true story.  The details have been slightly modified to protect the companies and people involved. Hello, my name is Max.  I was working in Atlanta with a company named “We Secure”.  It was a […]

On-demand Pentesting

· Attack Surface Management with Penetration Testing Traditionally, industry practice was to perform manual penetration testing on a semi-annual basis.  The problem with this approach is that vulnerabilities are often introduced right after a test has completed and critical issues could be overlooked until the next testing window. While automated vulnerability scanning tools mitigate some of this […]

The Role of Executive Leadership in Cybersecurity

· Cybersecurity is an incredibly complex topic.  Even the most brilliant minds will not understand a lot of it unless they spend a lot of time learning about the topic.  Executives do not have that luxury and must depend on their mid to lower-level managers.  Yet those managers are often not in a place of […]

Penetration Testing as a Service

· Pentesting as a service is quickly becoming a more advantageous way of securing a company’s internet presence. While the degree of protection needed for each business differs, one thing is clear. We are not doing enough. IT Leadership is beginning to realize that one Pentest a year is not enough.  What happens if an […]

Steps to take, in order of priority, if your personal residence is hacked…

· Steps to take, in order of priority, if your personal residence is hacked… This new age of internet based social communities presents an entire new frontier for cyber criminals.  New cyber-attack methods are being invented every day. If you believe that one of your core personal accounts have been hacked, time is of the […]