Articles In Security

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation CIS Safeguard 3.11 mandates the encryption of sensitive data while it is stored, also known as "data at rest." This includes data stored on various mediums, such as hard drives, databases, and cloud storage. Encrypting data at rest ensures that even if unauthorized individuals gain access to the storage media, they cannot easily read or use the data without the corresponding encryption keys. The Importance... read more.

• May 20, 2025

By Ken Phelan, Posted in Security

Fort Pulaski was completed in 1847. Built as a response to the War of 1812, it was a state-of-the-art fort built to protect the port of Savannah. Its walls were 11 feet thick and the moat was eight feet wide. But the real genius lay in its location. On an island in the middle of the Savannah River, it was a full mile from the nearest land on Tybee Island. It could not be approached by land. The smoothbore cannons of the time had a range of about half a mile, therefore land-based cannons could not be brought... read more.

• May 15, 2025

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation CIS Safeguard 3.10 mandates the encryption of sensitive data while it is being transmitted over networks. This includes data shared between internal systems or data exchanged with external parties. The goal is to protect the data from eavesdropping, tampering, and unauthorized access during its journey from one point to another. By encrypting sensitive data in transit, organizations can significantly reduce... read more.

• May 13, 2025

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation Encrypting Data on Removable Media: The "Q" of Cybersecurity In the thrilling world of James Bond, "Q" is the gadget master, equipping 007 with state-of-the-art technology to keep his missions secure. From encrypted briefcases to self-destructing drives, Q ensures that Bond's classified information remains out of enemy hands. In the realm of cybersecurity, encrypting data on removable media plays a similarl... read more.

• May 06, 2025

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation Documenting Data Flows: Navigating the Maze of Cybersecurity with Pac-Man In the world of cybersecurity, documenting data flows is as essential as navigating through a complex maze. Much like Pac-Man, the beloved arcade game character who zips around collecting dots and avoiding ghosts, organizations must meticulously track and understand the pathways that their data takes. This process is encapsulated in C... read more.

• April 29, 2025

By Bert Amodol, Posted in Security

When most individuals think about hacking, they often envision someone in a hoodie typing intensely in a dark room with green code streaming across the screen. Actual penetration testing is somewhat less cinematic; nevertheless, it remains an intriguing process that requires meticulous planning, extensive knowledge of cybersecurity and cybersecurity tools, and a strategic approach. In this post, we will provide insight into a real-world penetration test conducted for a mid-sized technology company. The det... read more.

• April 23, 2025

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation Establishing and Maintaining a Data Classification Scheme: The "Sorting Hat" of Cybersecurity If you are a Harry Potter fan, you know the Sorting Hat plays a pivotal role in determining the future of young witches and wizards by categorizing them into one of the four Hogwarts houses: Gryffindor, Hufflepuff, Ravenclaw, or Slytherin. You probably also know which Hogwarts house you want to be in. This classifi... read more.

• April 22, 2025

By Ken Phelan, Posted in Security

I spent some time with the CrowdStrike team last month going through their annual Global Threat Report. If you haven’t seen it, please do. This should be required reading for every cyber operator - https://go.crowdstrike.com/2025-global-threat-report.html 79 is the percentage of breaches that occurred without malware. Hence the much-used quote, “hackers don’t break in, they log in.” For years a quick explanation of cyber-attacks read as follows: Software has vulnerabilities. Ha... read more.

• April 10, 2025

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation Safeguarding your software ecosystem is crucial, and ensuring only authorized libraries are used is like assembling a trusted team of superheroes. CIS Safeguard 2.6: Allowlist Authorized Libraries epitomizes the meticulous selection process of the Avengers’ roster in the Marvel Universe. The Avengers' Assembly Just as Nick Fury carefully selects each Avenger based on their abilities and trustworthine... read more.

• January 28, 2025

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation Ensuring that only trusted software can run on your systems is like casting a powerful spell to ward off dark forces. CIS Safeguard 2.5, "Allowlist Authorized Software," is akin to the protective enchantments used at Hogwarts School of Witchcraft and Wizardry to keep out dark magic. The Sorting Hat of Software Think of the allowlist as the Sorting Hat at Hogwarts. Just as the hat sorts students into houses... read more.

• January 21, 2025