What is CMMC? CMMC Update Archives CMMC Links
Security Awareness Training Public Speaking Expert Witness
Newsletters Whitepapers Articles Videos Interviews Additional Resources
Cyber Security News & Tips by Glenda R. Snodgrass for The Net Effect
[ View this email in your web browser ] [ Visit our archives ] [ Sign Up for this Newsletter ]

September 26, 2023

Good morning, everyone!

This week’s critical vulnerabilities:
  • Apple has released another round of emergency patches for zero-days under exploit -- requires agreeing to new license so you won't get this update automatically -- new versions macOS 12.7/13.6, iOS 16.7/17.0.1, iPadOS 16.7/17.0.1, and watchOS 9.6.3/10.0.1
  • FortiNet has released critical fixes for multiple versions of FortiProxy and FortiOS

Patch All the Things!



Password hygiene from Marcus Hutchins

When I read a post from someone singing my song this clearly, I just want to quote him for you. Please allow me to share this LinkedIn post from Marcus Hutchins:

How many people have access to your home or office? 10? 20? 100? How many people have access to your breached LinkedIn password from 2016? About 5.3 billion. A password book might not be the most secure way to store passwords, but it's infinitely better than weak passwords and/or password reuse. Password managers are great, but they have trade-offs. It's easy for data-loss to wipe out local databases, cloud-based services can go the way of lastpass, and has anyone ever tried entirely reworking the computer habits of an elderly person? Everything is a trade-off between security, usability, and need. Grandma doesn't have the same threat model as a Fortune 500 company. Cybersecurity is understanding that.

Couldn't have said it better myself.

Loving on the NIST CSF

This past week I worked through an online course in GRC (because I'll never know everything there is to know about this subject) and was pleasantly surprised to learn that the instructor is an avowed "fanboi" of the NIST CSF. I'm not alone! LOL Since we've had a number of new subscribers in the past few weeks, I thought I'd run a recap of the CSF functions I wrote about earlier this year:

  1. Identify
  2. Protect
  3. Detect
  4. Respond
  5. Recover

The new version of the CSF, v 2.0, will be released very soon, with a sixth function: Governance. I'll write lots about that one when it comes out!

Stay cyber safe this week!

Remember, you can read past editions of this newsletter on our website, along with tons more information under the Resources tab.

Have a great week!

Glenda R. Snodgrass

Glenda R. Snodgrass
grs@theneteffect.com
(251) 433-0196 x107
https://www.theneteffect.com
For information security news & tips, follow me!



Security Awareness Training Available Here, There, Everywhere!

Thanks to COVID-19, lots of things went virtual, including my employee Security Awareness Training. Live training made a comeback a few months ago, but many organizations are retreating. No worries. Wherever you and your employees may be, I can deliver an interesting and informative training session in whatever format you prefer.

Contact me to schedule your employee training sessions. They're fun! ☺

TNE. Cybersecurity. Possible.

Speak with an Expert

Contact

The Net Effect, L.L.C.
Post Office Box 885
Mobile, Alabama 36601-0885 (US)
phone: (251) 433-0196
fax: (251) 433-5371
email: sales at theneteffect dot com
Secure Payment Center

Site Map

Home
Employee Training
Security Awareness Training
Public Speaking
Expert Witness
Workshops
About

Resources


CMMC
Newsletter
Whitepapers
Articles
Videos
Interviews

The Net Effect, LLC

Copyright 1996-2024 The Net Effect, L.L.C. All rights reserved. Read our privacy policy