Articles In Security

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation Why Every Organization Needs an Inventory of Authentication and Authorization Systems Identity is the new perimeter. As organizations adopt cloud services, remote work, and third-party integrations, the number of systems that manage authentication and authorization has grown, often without centralized oversight. That’s where CIS Safeguard 6.6 comes in. What is CIS Safeguard 6.6? CIS Safeguard 6.6, p... read more.

  • September 30, 2025

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation Jurassic Park and the Forgotten Gatekeepers: Why You Need an Inventory of Authentication and Authorization Systems In Jurassic Park, the park’s downfall wasn’t just the dinosaurs, it was the lack of control over who had access to what. Dennis Nedry, the disgruntled systems engineer, had unchecked access to critical systems. When he disabled security to steal embryos, no one knew how to stop him... read more.

  • September 24, 2025

By Bert Amodol, Posted in Security

Many cybersecurity mistakes continue to be observed in 2025 despite the availability of advanced security tools and ongoing awareness efforts. These errors range from simple oversights to choices made for convenience, each potentially increasing the likelihood of security incidents. Below is an overview of ten common cybersecurity mistakes that still persist. Using Weak Or Default Passwords In 2025, some individuals continue to use weak passwords or leave default credentials unchanged. Weak or default pa... read more.

  • September 15, 2025

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation CIS Safeguard 5.6: Centralize Account Management In Thor: Ragnarok, there’s a memorable and comical scene where Thor is trying to escape Sakaar aboard a QuinJet. Thor starts the QuinJet with the panel green. QUINJET (V.O.): Voice verification required. THOR: Thor. QUINJET (V.O.): Access denied. THOR: Thor, son of Odin. QUINJET (V.O.): Access denied. THOR: God of Thunder. QUINJET (V.O.): Ac... read more.

  • August 19, 2025

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation Mission: Impossible and the Mystery of Service Accounts — Why You Need an Inventory In Mission: Impossible, Ethan Hunt and his team rely on stealth, precision, and insider knowledge to infiltrate secure systems and extract sensitive data. But imagine if the IMF (Impossible Mission Force) didn’t know who had access to what. Chaos, right? That’s exactly what happens in many organizations wh... read more.

  • August 13, 2025

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation The Last of Us” and the Last Line of Defense: Why Remote Wipe Matters in Cybersecurity In HBO’s The Last of Us, society collapses after a fungal infection turns most of humanity into mindless, infected hosts. The few survivors cling to safety behind fortified walls, constantly on guard against threats that could breach their defenses. It’s a gripping metaphor for the modern cybersecurity l... read more.

  • July 29, 2025

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation In the TV series 24, Jack Bauer races against the clock to stop cyberattacks, terrorist threats, and national crises. Every second matters. A moment of inaction can lead to disaster. That same urgency applies to CIS Safeguard 4.10, which emphasizes the importance of automatically locking portable end-user devices after a short period of inactivity. Because in cybersecurity, just like in&... read more.

  • July 22, 2025

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation The Matrix and the Power of Choosing the Right Reality In the 1999 sci-fi classic The Matrix, Neo is offered a choice: take the red pill and see the truth, or take the blue pill and remain in a fabricated illusion. This iconic moment is more than just cinematic gold, it’s a perfect metaphor for CIS Safeguard 4.9, which urges organizations to configure trusted DNS servers on all enterpri... read more.

  • July 15, 2025

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation Do more with less. That’s the core idea behind CIS Safeguard 4.8, which advises organizations to uninstall or disable unnecessary services on enterprise assets and software. Why? Because every extra service is a potential doorway for attackers. To illustrate this, let’s look at a survival lesson from The Walking Dead. The Walking Dead and the Dangers of Unsecured Doors In The Walking Dead, sur... read more.

  • July 08, 2025

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation CIS Safeguard 3.12 mandates the segmentation of sensitive data while it is stored. This strategy involves categorizing and handling data according to its sensitivity, thus ensuring that the most critical information receives the highest level of protection. Data segmentation involves dividing data into distinct categories based on its sensitivity. Sensitive information, such as financial records, personal d... read more.

  • June 17, 2025