Blog

CIS 13.9 - NAC

CIS 13.9 is heavy.  It requires big investments in the most expensive network gear, requires a fair amount of work to maintain, and can break systems if people make mistakes.  It provides good protection from expert onsite attacks: nothing gets to talk unless it’s allowed.  

CIS 1.3-5 - Discovery

CIS 1.3 - 1.5 use technical solutions to find all the IT Stuff for you, and report it back to your central inventory. They suggest three approaches, but there are bunches.

CIS 1.2 - Standard Work

There are several standard processes that most organizations will need to keep the inventory healthy and credible.  Some can be integrated with existing processes, but none can be totally eliminated.  CIS 1.2 proscribes the largest and most important kind of standard work: triage.  

CIS 1.1 Part 2 - Useful Information

CIS 1.1 contains the core mission of CIS 1: have an accurate Inventory of IT Stuff.  The other CIS 1 controls are just supporting ways that help deliver that core mission. 

CIS 1.1 - the Mission

CIS 1.1 contains the core mission of CIS 1: have an accurate Inventory of IT Stuff.  The other CIS 1 controls are just supporting ways that help deliver that core mission. 

CIS 1 Explained

The CIS Controls say the most important thing to do to secure your computers is to have a list of all your stuff. They’re a little unclear by what this means and how it helps.

Troy Hunt on success

I enjoyed this recent piece by Troy Hunt, the celebrity creator of havibeenpwned.  He departs from his usual technical topics, instead discussing the skills he's had to practice in the last year to stay effective while under more stress.