ProCircular Information Security Experts Corner

Brandon Blankenship

Recent Posts

Normalization of Deviance in InfoSec

Posted by Brandon Blankenship on Mar 10, 2020 2:13:57 PM

Before a company starts down the path of information security, there’s often a looming feeling that something isn’t right and that the steps to fix it will take effort. I liken it to a messy room that they’ve simply closed the door on, so they can try to forget there is a mess to clean up. Every time they walk by the room, they feel a twinge of embarrassment or a spark of motivation to tackle the problem; however, that emotion lessons every time they walk by until the feeling evaporates. Now the messy room has been “normalized.”

Read More

Getting Ready for CMMC – Capability Maturity Model Certification

Posted by Brandon Blankenship on Dec 20, 2019 6:45:00 AM

If you’re in the Department of Defense supply chain, you’ve become familiar with DFARS and the corresponding NIST SP 800-171 r1 over the last few years. It is a list of 110 controls that you need to be compliant with in order to continue supplying certain contracts.

Read More

Topics: Cybersecurity, Information Security, DFARS, cybersecurity plan, NIST

Incident Response Planning 101

Posted by Brandon Blankenship on Jun 27, 2019 4:42:15 PM

Cybersecurity breaches are becoming more and more prevalent. In fact, it’s been estimated that there were almost 5 billion records breached in 2018. Many organizations spend thousands of dollars on security breach prevention tools, but won’t take the time to create a formal process of identifying, responding to, and communicating an incident.

Read More

Topics: Cybersecurity, Data Breach, Data Security, Incident Response, security incident handling, security incident response

Cybersecurity: Real vs. Checking the Box

Posted by Brandon Blankenship on Feb 28, 2019 3:38:00 PM

The reason we wear our seat belts is not to avoid getting a ticket from the police, but rather to avoid a potential injury in a car accident. This analogy is an easy way to describe the difference between box-checking security and real security, and it's instantly understood regardless of technical knowledge. This message resonates with executives, because they typically prefer to “get to the point” and correctly protecting their data is “the point” of cybersecurity.

Read More

Topics: HIPAA, Information Security, consumer security, Data Security, Data Protection, Vulnerability Assessment, it risk assessment, DFARS, cybersecurity plan, NIST

Let your Risk Register be your Guide

Posted by Brandon Blankenship on Jan 30, 2019 12:46:00 PM

“What are the top 7 things you can do to protect your business from hackers?”  Have you ever read a list like that on the internet? In the cybersecurity realm, they’re everywhere. I’ve even assembled and presented one of those lists to a group of business owners myself. They tend to point out things like user awareness training, patching and passwords.  All noble things to get your arms around, of course, but are they useful to a client?  Sometimes I feel as though those lists, as true as they are, are about as useful as telling a football team to “score touchdowns”, or “guard the quarterback.” Yeah, I know that scoring touchdowns is good… but how? 

Read More

Topics: Cybersecurity, HIPAA, DDOS, it risk assessment, cybersecurity plan, NIST

ProCircular is a Full-Service Information Security Firm

We are passionate about helping businesses navigate the complex world of information security, and our blog is another great source of inforamtion. We can assist you no matter where you are in your security maturity journey:

  • Breached or hit with ransomware?
  • Don't know where to start? 
  • Looking to confirm your security with a third party?

Secure your future with ProCircular.

Recent Posts

Subscribe to Email Updates