security

Governance, Risk, and Compliance References

As I’m preparing for the CGRC certification, I’ve compiled a list of NIST Special Publications focused on Governance, Risk, and Compliance (GRC). The original raw list can be found on the ISC2 Common Body of Knowledge. This list is my laziness (maybe even efficiency) attempting to save time in searching for each publication while I’m on the go or need a quick link in a place I know I’ll have it, my own website.

ChatGPT is Scary Cool

ChatGPT, a large language model developed by OpenAI, has been gaining popularity exponentially in the past month. This model can understand and generate human language, making it a powerful tool for a variety of tasks such as creating chatbots, translating text, and even writing poetry or song lyrics. Businesses are starting to use it for automating emails and reports, making it a revolutionary tool in the field of AI language processing.

Why Security Questions Are Bad

When it comes to security, using only a password to protect your personal or financial information is no longer enough. Many critical services like banks, wireless providers, and cable companies add another layer to that security by posing a security question to validate that the person logging into an account is really that person. As an example, some of these questions can include: In what city did you meet your spouse/significant other?

Loading a Signed Certificate on a Cisco WLC

Recently, I’ve been on a mission to tighten my company’s security presence, such as disabling SSL 3.0 and TLS 1.0 on all systems that don’t rely on the protocols and replacing self-signed certificates on management consoles with CA-trusted certificates. During this mission, I’ve come to our wireless LAN controller. Now this WLC doesn’t have the standard Cisco IOS like all of their switches and security devices. Instead, it uses an IOS that provides a usable web management interface that doesn’t rely on a Java program like ASDM.

Cloud Encryption using Cryptomator

In a previous article, I mentioned storing important backups in the cloud. I’m generally cautious when it comes to storing private information on other people’s infrastructure. Although cloud providers can have pretty good standards in terms of security and privacy, I need a way to encrypt my data to feel secure that no one, other than myself, can view my documents. That’s where Cryptomator comes into play. It can create a secure vault within your cloud folder that’s fully encrypted.