Articles by 'Steve Gold'

Blog Author - Steve Gold

Steve Gold is the Cybersecurity Practice Director at Gotham Technology Group (Gotham). He is responsible for providing the vision and thought leadership to expand Gotham’s legacy of success and build a world-class cybersecurity practice. He works closely with Gotham’s customers, industry partners, and subject matter experts to develop relevant solutions for Gotham’s clients and prospects.

Prior to joining Gotham, Steve worked with the Center for Internet Security (CIS), where he expanded the global reach, revenue, and impact of the CIS Benchmarks, CIS Controls, and CIS Hardened Images. He led the efforts to promote the CIS portfolio of low-cost and no-cost cybersecurity products and services that help private and public organizations stay secure in the connected world. He grew a team of security specialists from 12 to over 40 to assist organizations with implementing security best practices in their continual journey of cybersecurity maturity.

During his more than 20-year career, Steve led teams responsible for developing and implementing technology solutions at some of the industry’s most recognized companies such as Varonis, VMware, Dell & Wyse Technology

Steve is a frequent speaker/moderator at industry conferences and webinars, covering a wide array of information security topics. He resides and works remotely in Baltimore, MD.

By Steve Gold, Posted in Security

Many homeowners invest in home security systems to protect their property and loved ones. These systems often include components such as alarms, surveillance cameras, and access control measures. They act as a deterrent against intruders and provide peace of mind by ensuring the safety and security of the household. Similarly, implementing and managing a firewall on end-user devices can be compared to having a personal security system for digital devices. A firewall acts as a digital barrier, monitoring an... read more.

  • August 01, 2023

By Steve Gold, Posted in Security

Steve’s Thoughts I’ve heard this many times in my life from a bouncer at a club/event. Sometimes it was my ID, sometimes there were too many people already in, and sometimes it was because, well, they just said no. Nightclubs and events employ bouncers to control access and maintain security within the venue. Bouncers act as a barrier between the outside world and the controlled environment inside, ensuring that only authorized individuals are granted entry. Similarly, a firewall can be compa... read more.

  • July 25, 2023

By Steve Gold, Posted in Security

Steve’s Thoughts My girlfriend asks me this question almost every time we leave our home. Why, you ask? Because I’ve forgotten my keys more often than I should and then been locked out. This happens because our front door automatically locks when we leave as a safety precaution. Maybe I need to replace my Ted Lasso “BELIEVE” sign with a “Do you BELIEVE you have your keys?” sign. Automatic session locking is a security feature that automatically locks a user's session on... read more.

  • July 18, 2023

By Steve Gold, Posted in Security

Steve’s Thoughts You may know "Drift Away" is a song by Mentor Williams written in 1970 and originally recorded by John Henry Kurtz on his 1972 album Reunion. Mentor Williams was a country songwriter, and John Henry Kurtz was an actor and swamp rock singer. Dobie Gray then recorded/performed that famous song in 1973. However, that’s not the lesson here, although who doesn’t like useless information? We’re talking configuration drift here folks. Configuration drift refers to the gra... read more.

  • July 11, 2023

By Steve Gold, Posted in Security

Steve’s Thoughts Fort Knox is a United States Army post located in Kentucky and is famous for housing the United States Bullion Depository, which holds a significant portion of the country's gold reserves. Fort Knox serves as a symbol of impenetrable security due to its robust physical and technological defenses. Similarly, in the digital realm, secure configuration acts as a virtual Fort Knox for enterprise assets and software, ensuring that they are protected against unauthorized access, data brea... read more.

  • July 05, 2023

By Steve Gold, Posted in Security

This blog just leveled up. My good friend and colleague Bryon Singh, Director of Security Operations at Railworks Corporation has agreed to collaborate on this blog to bring not only the WHY but also the WHAT & HOW to becoming more secure. Hope you enjoy! Steve’s Thoughts When it comes to protecting sensitive data, encryption is the secret handshake of the cybersecurity world. It's like the clandestine cult language that ensures your information remains secure and impervious to prying eyes. For... read more.

  • June 28, 2023

By Steve Gold, Posted in Security

Hopefully, you get the reference above from the SNL skit. I thought about manipulating Billy Joel’s amazing song ”Say Goodbye to Hollywood” but decided to go simpler. OK, let’s get into it. In today's data-driven world, organizations collect and store vast amounts of sensitive information. However, with the growing number of cyber threats and regulatory requirements, securely disposing of data is just as crucial as protecting it. As part of an enterprise's comprehensive data managem... read more.

  • June 21, 2023

By Steve Gold, Posted in Security

To Retain Or Not To Retain? That Is The question. Memorial Day has passed and summer is here. I don’t know about you but each summer I go through my closet in an attempt to de-clutter. As I stand in my closet looking at clothing that doesn’t fit anymore to donate, or ripped/stained/damaged clothing to discard, all I can think about is Data Retention. I know, right! Wouldn’t it be great if you could simply look at your data like you look at your clothing and know whether it should be kept... read more.

  • June 14, 2023

By Steve Gold, Posted in Security

Let’s start today’s blog with a hearty pat on the back and a big ol’ KUDOS! You get it! You can’t protect what you can’t see. You don’t need to write it on the chalkboard 100 times…unless you’re a huge Bart Simpson fan, then go ahead. Of course, we’re not done with gaining visibility into your environment as you’ll see in future posts. So sorry, not sorry. Now that you have your data inventory, it’s important to know who can access your dat... read more.

  • June 06, 2023

By Steve Gold, Posted in Security

You can’t protect what you can’t see! You can’t protect what you can’t see! You can’t protect what you can’t see!  Anybody seeing a theme here? Establishing a process to inventory where your data lives (on-premises storage, mail platforms, endpoints, mobile devices, cloud storage, cloud infrastructure, blah, blah, blah) is the first step in building a data management framework. The second step is to establish labels for your data to understand what data you shoul... read more.

  • June 01, 2023