Information security technologies are advancing at such a pace that a gap has been created between the number of people needed to manage it all, and the number of trained, qualified professionals available to fill the need. This is wonderful news for those seeking to advance their careers by focusing on securing the data and networks major corporations and government agencies depend upon.

Many people are unaware of just how extensively the internet impacts all of lives, reaching to many of the utilities and other services we all depend upon for light, heat, water, safety, and more. National Cybersecurity Safety Awareness Month in October leads right into Critical Infrastructure and Resilience Month. Protecting our nation’s most valuable resources is everyone’s responsibility.

Keeping your data, your network, and your company secure online is everybody’s responsibility. You really can learn how to practice safer computing, and everyone will be the better for it. Here are some things to think about in preparation for the theme of the third week of National CyberSecurity Safety Awareness Month (NCSAM).

The National CyberSecurity Awareness Month (NCSAM) website will highlight a different theme for every week of October 2018 to focus attention on the important issues everyone must be aware of to protect themselves, their information, and their online safety. As part of the NCSAM celebration, our Get Schooled blog will align with each of these themes each week during this important month.

Like changing batteries in your smoke detector on the change in Daylight Savings Time can save lives, National CyberSecurity Awareness Month (NCSAM) comes around every October to remind us that so much is at stake in keeping our networks and data safe. To prepare you for CyberSecurity month, we review many of the activities you’ll want to be doing to “celebrate” this annual rite.

“Phishing” sounds like a pretty silly or, at least, misspelled word to most people. “Ransomware” is also pretty mysterious. Most people tend to be pretty dismissive about these issues, until they are victimized by it themselves.

Dark Reading reports that 91% of cyberattacks start with phishing emails, and when you combine that with the observation from IBM’s X-Force researchers that more than half of all emails are spam, it is highly likely that you have or will soon be a victim of a phishing attack. These are emails that appear to be authentic, sent from someone you know and trust, and usually containing either a link or an attachment that you are asked to open. When you do, the trouble begins.

October. It’s the heart of football season and a time when pumpkin spice surfaces as the premier ingredient in the cooking world. But October is also a time for something more serious; something that each of us should place on a pedestal above such a highly touted culinary craving: cybersecurity.

One common question about network topology is how to position firewalls and DMZs. Often, a single firewall is used to handle the rules for both the internal and external interfaces, and the DMZ is connected to that firewall. This approach, compared to multiple firewalls, reduces costs, and simplifies management (especially from a troubleshooting perspective). However, many security-conscious companies opt for a "firewall sandwich," such as having one firewall facing outside, and another facing the internal network as well as the DMZ.

You can use Group Policy to define access permissions and audit settings for individual registry keys, and you can also take or assign ownership of keys. Open the appropriate Group Policy Object (for example, the Default Domain Policy) in the GPO Editor and expand the Computer Configuration node, then Windows Settings, then Security Settings. Click on Registry. Note that the Registry setting is missing from the local computer GPO. By default, administrators and the system have full control permissions for all keys, users have read-only permission, and the creator/owner can assign ownership of the key.