Author Archives: Mary Rose Maguire

About Mary Rose Maguire

Mary Rose Maguire was the Marketing Communication Specialist for MicroSolved, Inc. and the content curator for the State of Security blog, MSI's website, and social media.

MSI Strategy & Tactics Talk Ep. 18: Vulnerability Assessment vs. Penetration Testing

Posted on by
Reply

A vulnerability is the process of identifying and quantifying vulnerabilities on your network systems. A penetration test is a goal-oriented exercise — it can be to get data on the system or to cause as much damage as you can in order to test the system. – Adam Hostetler, MSI Network Engineer and Security Analyst

What is the best security assessment for you? A vulnerability assessment or a penetration test? Are’t they the same? In this episode of MSI Strategy & Tactics, the techs discuss the differences between the two and how to know which one is best for you. Take a listen! Discussion questions include:

  • The difference between a vulnerability assessment and a penetration test
  • The width versus depth analogy
  • When an organization should use a vulnerability assessment and when to use a penetration test
  • How an organization can make sure they are asking for and getting the right fit

Panelists:
Brent Huston, CEO, Founder, and Security Evangelist
Adam Hostetler, Network Engineer and Security Analyst
Phil Grimes, Security Analyst
John Davis, Risk Management Engineer
Mary Rose Maguire, Marketing Communication Specialist and moderator

Click the embedded player to listen. Or click this link to access downloads. Stay safe!

MSI Strategy & Tactics Ep. 17: Thoughts On The SCADA Breach In Springfield, Illinois

Posted on by
Reply

What happened with the water facility SCADA breach in Springfield Illinois? ICS-SCADA security has been on our radar for a few months, now. The recent attack on a water plant in Illinois has highlighted existing vulnerabilities that open the door to malware. In this special edition of MSI Strategy & Tactics, Chris Lay, Account Executive, interviews MSI CEO, Brent Huston on the breach. Take a listen! Discussion questions include:

  • Breaking down the nuts and bolts of the attack
  • The similarities and differences of the attack vs. the Stuxnet worm
  • What ICS-SCADA organizations can learn from this attack

Panelists:
Brent Huston, CEO, Founder, and Security Evangelist
Chris Lay, Account Executive
Mary Rose Maguire, Marketing Communication Specialist and moderator

Click the embedded player to listen. Or click this link to access downloads. Stay safe!

Business of Security Webcast Featuring Brent Huston: December 7

Posted on by
Reply

Join the Business of Security to hear from Brent Huston, recent winner of (ISC)2 Information Security Leadership Award, who will lay out the need for and principles of performing detection in depth. Brent, CEO and Security Evangelist of MicroSolved, will share his research and hands-on experience that validates the leading approach for detecting threats against your most precious assets.

When: Wednesday, December 7th, Noon EDT
Where: GoToWebinar
Cost: Complimentary Register to attend live or to receive the event archive information for on-demand viewing at: http://www.businessofsecurity.com/

You’ll learn:

  • Huston’s postulate and why location matters
  • The detection in depth maturity model
  • The detection in depth focus model
  • Tools and approaches for doing detection in depth

Brent’s contribution to the community was recognized by (ISC)2 for employing the HoneyPoint Internet Threat Monitoring Environment (HITME) to alert critical infrastructure organizations whose machines are compromised. MSI provides pro-bono services to help them to mitigate the compromise and manage the threat.

Earn (1) CPE Group A credit for the CISSP and SSCP: This event meets the criteria for a Continuing Professional Education (CPE) activity for the Information Security and Risk Management domain.

MSI Strategy & Tactics Talk Ep. 15: Information Security for Credit Unions

Posted on by
Reply

Credit Unions have become popular over the past few weeks as societal trends have placed greater pressure on bank policies. What’s the scoop on Credit Unions and information security? Take a listen! Discussion questions include:

  • Supporting Credit Union swap through infosec
  • The “hactivist” group Anonymous and “Dump Your Bank Day”
  • Is infosec strong at Credit Unions?
  • Our approaching toward testing Credit Unions and banking apps

Panelists:
Brent Huston, CEO, Founder, and Security Evangelist
Adam Hostetler, Network Engineer and Security Analyst
Phil Grimes, Security Analyst
John Davis, Risk Management Engineer
Mary Rose Maguire, Marketing Communication Specialist and moderator

Click the embedded player to listen. Or click this link to access downloads. Stay safe!

Presentation Slides Available from The Ohio SCADA Security Symposium

Posted on by
Reply

Although we had a panel discussion, (and some presentations that were confidential) we do have a few we can share. If you’d like to view the slides for them, please visit our presentation page. We’re looking forward to doing this again next year! Thanks to all who came and to our speakers, who were very generous with their time and expertise!

MSI Strategy & Tactics Talk Ep. 14: Security Rants and More!

Posted on by
Reply


This edition covers a variety of topics —  Discussion questions include:

  • Footprinting and understanding environments
  • Attack against Mitsubushi and Japan
  • Security with corporate networks and SCADA
  • Where information security is going as an industry

Panelists:
Brent Huston, CEO, Founder, and Security Evangelist
Adam Hostetler, Network Engineer and Security Analyst
Phil Grimes, Security Analyst
John Davis, Risk Management Engineer
Mary Rose Maguire, Marketing Communication Specialist and moderator

Click the embedded player to listen. Or click this link to access downloads. Stay safe!

MicroSolved’s HoneyPoint Wasp Nominated for TechColumbus Innovation Award

Posted on by
Reply

MSI is proud to announce their nomination in the annual Innovation Awards, sponsored by TechColumbus, which recognizes outstanding achievements in technology leadership and innovation. HoneyPoint Wasp has been nominated for Outstanding Product for companies with 250 employees or less. 

We’re thrilled to be nominated. We believe our HoneyPoint Wasp is an excellent product, helping our clients battle bots and malware on their desktops. For more information, please read our press release and visit our HoneyPoint webpage. We look forward to the Awards Dinner in February 2012. Good luck to everyone who has been nominated!

Central Ohio ISSA Presentation: “Social Media Threats: Real, Imagined, & Maybe…”

Posted on by
Reply

Brent Huston, CEO and Security Evangelist of MicroSolved, Inc., delivered a fascinating presentation on social media security. In this talk, Brent discusses:

 

  • The explosive growth of social technology 
  • Conspiracy theories – what is real and what is imagined 
  • Where the real threats exist 
  • What controls you can use to minimize risk 
  • What you can do to deal with social media’s security risks

To download the slide deck and audio, click here for the zip file.

And as always, stay safe out there!

Reason #1 To Attend Ohio SCADA Symposium: DHS Warns “Hacktavists” Are Focusing on Control Systems

Posted on by
Reply

The Department of Homeland Security recently warned:

“…that Anonymous hacktivists may cyberattack industrial control systems. In fact, the Department of Homeland Security and Idaho National Laboratory have engaged in mock hack-offs to wreak havoc and to highlight the vulnerabilities at factories, electrical plants and chemical facilities.”

Full story

It isn’t a surprise that attacks are increasing on industrial control systems. Claiming responsibility for knocking out an electricity company may seem cool, but I’m not sure how “cool” it would be when they realized they knocked out their own Internet and cable connection.

This brings up a great reason to attend our Ohio SCADA Security Symposium on November 1. Click here for details!

MSI Strategy & Tactics Talk Ep. 13: SCADA & Handling Threats In a Post-Stuxnet World

Posted on by
Reply


SCADA is becoming a hot property among security professionals who work with Industry Control Systems (ICS). During this discussion, our team tackles how to view threats and respond accordingly. Discussion questions include:

  • How can organizations get their heads wrapped around what it takes to secure a modern SCADA/Business environment hybrid?
  • What happened to the air gap approach that we hear so many SCADA history folks talk about? Why did that model break down? Why can’t we go back to it?
  • What happens to threats against SCADA/ICS as mobile integration, smart grid components and other disruptive technologies come online?
  • How can SCADA/ICS security teams engage with other security professionals and each other?

 
Panelists:
Brent Huston, CEO, Founder, and Security Evangelist
Adam Hostetler, Network Engineer and Security Analyst
Phil Grimes, Security Analyst
John Davis, Risk Management Engineer
Mary Rose Maguire, Marketing Communication Specialist and moderator

Click the embedded player to listen. Or click this link to access downloads. Stay safe!