Employee Login Customer Login
Menu

Blog Categories

Articles by 'Steve Gold'

Blog Author - Steve Gold

Steve Gold is the Cybersecurity Practice Director at Gotham Technology Group (Gotham). He is responsible for providing the vision and thought leadership to expand Gotham’s legacy of success and build a world-class cybersecurity practice. He works closely with Gotham’s customers, industry partners, and subject matter experts to develop relevant solutions for Gotham’s clients and prospects.

Prior to joining Gotham, Steve worked with the Center for Internet Security (CIS), where he expanded the global reach, revenue, and impact of the CIS Benchmarks, CIS Controls, and CIS Hardened Images. He led the efforts to promote the CIS portfolio of low-cost and no-cost cybersecurity products and services that help private and public organizations stay secure in the connected world. He grew a team of security specialists from 12 to over 40 to assist organizations with implementing security best practices in their continual journey of cybersecurity maturity.

During his more than 20-year career, Steve led teams responsible for developing and implementing technology solutions at some of the industry’s most recognized companies such as Varonis, VMware, Dell & Wyse Technology

Steve is a frequent speaker/moderator at industry conferences and webinars, covering a wide array of information security topics. He resides and works remotely in Baltimore, MD.

My House. My Rules.

My House. My Rules.

By Steve Gold, Posted in Security

If you’ve ever challenged a rule your parents set, you’ve probably heard the phrase, “As long as you live in my house, you’ll live by my rules”. Sometimes, if you’re lucky, it’s followed up with, “You can do whatever you want when you have your own home”. So, what do these painful childhood memories have to do with security? I’m so glad you asked! Your parents established certain rules/processes to ensure that the home, and everyone in it, is prot... read more.

  • May 16, 2023
Support Your Local Software

Support Your Local Software

By Steve Gold, Posted in Security

Hopefully by now you’re seeing a trend. You need full visibility into your environment and you also need both the visibility and capability to remove any unauthorized assets or software. I know this may seem kind of basic, but remember, we are only at Control 2. Wait till we get to Control 17 and start discussing Incident Response. But let’s not get ahead of ourselves just yet. After all, we are working with a prescriptive, prioritized, and simplified set of best practices. In the previous blog... read more.

  • May 09, 2023
Making a List and Checking it Twice

Making a List and Checking it Twice

By Steve Gold, Posted in Security

Okay, so it’s not Christmas time but my hair is getting grayer (whiter) and I’m feeling quite jolly talking about security. And because you’ve been so good reading this blog, you deserve a gift. The gift of reusability. Now, I’m not talking about that button down shirt you wore yesterday on your video calls hanging over your chair. I’m talking about using the same tool you use to inventory your assets to inventory your software. Most commercial tools that do one will also do t... read more.

  • May 02, 2023
No Shirt. No Shoes. No Access!

No Shirt. No Shoes. No Access!

By Steve Gold, Posted in Security

Ok, so that’s not exactly what the sign typically says but you should have your own sign that says “No Approval. No Authorization. No Access!” No one wants uninvited guests in their home/party just like no wants unauthorized, unapproved assets on their network. You need the visibility to know who/what is on your network and the ability to remove them if they’re not authorized. Those unauthorized assets can unknowingly expand your blast radius and increase your attack surface. Wheth... read more.

  • April 25, 2023
What's Your Blast Radius?

What's Your Blast Radius?

By Steve Gold, Posted in Security

Don’t know what a blast radius is, well let’s turn to our friend Wikipedia: “The distance from the source that will be affected when an explosion occurs. A blast radius is often associated with bombs, mines, explosive projectiles (propelled grenades), and other weapons with an explosive charge.” From a security perspective, blast radius is used “to designate the impact that a security breach of one single component has on the overall environment. Reducing the blast radius of a... read more.

  • April 18, 2023
Implementation Groups

Implementation Groups

By Steve Gold, Posted in Security

“There can be only one” If you’re a fan of the movie Highlander like I am, you remember that line. Now, we’re not talking about immortals killing each other until only one remains. We’re talking about security and how to get started. Although, if you post comments on that, perhaps I can start another blog, but I digress. CIS agreed with Connor MacLeod of the Clan MacLeod and felt that there can (should) be only one task for people to start their cybersecurity journey and crea... read more.

  • April 11, 2023
How to Start a Security Program

How to Start a Security Program

By Steve Gold, Posted in Security

Security: the final frontier. These are the safeguards of the CIS Critical Security Controls. It’s ongoing mission: To protect organizations, To seek out security gaps and misconfigured systems, To boldly go where few security professionals have gone before. Hi, I’m Steve Gold. Cybersecurity Practice Director for Gotham Technology Group and a little bit of a closet Trekkie. I’ve spent my career working for organizations that truly help people. From Wyse Technology, which minimize... read more.

  • April 04, 2023

Stay in the loop

Be the first to know about our latest events, webinars, and job openings!

Get to know us

Work with Us

Contact Us

Headquarters:
Gotham Technology Group, LLC
5 Paragon Drive
Suite 103
Montvale, NJ 07645

  • Get help:
© 2024, Gotham Technology Group, LLC.