Blog Grid

The Crucial Function of Cybersecurity Policies in Organizations

October 3, 2023

The importance of cybersecurity cannot be emphasized enough in today’s connected society. Digital technology is at the core of every part of our lives; therefore, organizations must construct their defenses against cyber-attacks using cybersecurity policies as the framework. In this post, we will go into what typically makes up a security policy, as well as how to distinguish between control objectives, standards, guidelines and procedures. We will also look at why cybersecurity policies are so essential.

A Roadmap to Developing Your Community Cybersecurity Program

April 17, 2023

To help you get started in developing your community’s cybersecurity program, the CIAS-ISAO has four initial, critical steps to guide you. Each step includes specific ways to help you accomplish them.

Collaboration and Consensus: Using the MITRE ATT&CK Framework

February 15, 2023

The MITRE ATT&CK framework is one of today’s most significant and publicly available cybersecurity knowledge bases. Organizations, cybersecurity analysts and practitioners should use MITRE ATT&CK because it fosters greater awareness of the security posture by gaps in defenses. More importantly, the ATT&CK lists methods to mitigate or interrupt attacker attempts to perform the specific technique. Moreover, the framework is designed to be used at all levels of the organization, from analysts to leaders. This article highlights the framework’s tactics with examples of how to share information within your organization.

Introducing Alan CyBear, the Smokey of Cybersecurity

November 14, 2022

The cultural icon Smokey Bear, with his yellow hat and wildfire prevention tagline, has been familiar to Americans for decades. Likewise, McGruff the Crime Dog, who encouraged the public to “Take a bite out of crime.” These famous characters has helped encourage a culture of security. But what about a culture of cybersecurity?

Since cybersecurity is a shared responsibility, the UTSA Center for Infrastructure Assurance and Security (CIAS) has launched Alan CyBear™, a new mascot to promote a more secure nation through cybersecurity awareness, prevention and defensive efforts.

Think like a Hacker, a Defense Strategy

October 18, 2022

A good defense requires that IT security professionals think like an attacker to defend their organizations tactically and preemptively. In general, security professionals need to develop “oblique thinking,” enabling an adversarial mindset that focuses on identifying assumptions and determining if and how these assumptions can be violated. This article focuses focus on the (1) reconnaissance, (2) scanning (3) and gaining access phases of hacking and how to defend against them.

Engaging your Leadership in Cybersecurity

September 14, 2022

Over the years, the security industry has been encouraging the highest levels of leadership to become more involved and knowledgeable in cybersecurity. Organizational leaders that need to be aware of cybersecurity are at all levels. Leaders can be the CEO, the board of directors, the school superintendent, a department head or a team lead. These leaders do not focus on the cybersecurity day-to-day details, but they do have unique roles in helping their organizations manage cybersecurity threats. Now is a great time to work with the leaders in your organization to be more cyber-knowledgeable and cyber-prepared.

Incident Response – Lessons to be Better Prepared

June 21, 2022

Incident response addresses the question: “How well did you prepare?” Your response to that question is directly related to your preparation. This supports the adage that an ounce of prevention is worth a pound of cure—or response. This article takes a look at five basic lessons to consider when mitigating incidents to help you prepare and prevent a potential cyber incident.

Incident Response Plans (Webinar)

June 7, 2022

Incident Response Plans are critical to an organization's ability to minimize damage caused by threats, including data loss, abuse of...

A Whole-Community Cybersecurity Program

March 17, 2022

A community with an established cybersecurity program and established information sharing processes will be much more likely to be able to effectively respond to cyber events impacting them. This article introduces the topic of whole-community cybersecurity programs and five key reasons why they are needed.

An Introduction to the CISA Reporting System (Webinar)

February 14, 2022

Register for a one-hour webinar on October 26th with the CIAS-ISAO Associate Director of Technology and Research Dwayne Williams, as he provides insights into no-cost tools that can help you monitor and secure your organization’s IT infrastructure.

How the CIAS-ISAO can Assist You with Your Cybersecurity Program

February 9, 2022

The CIAS-ISAO was established to help states, local jurisdictions, tribes and territories (SLTTs) to establish comprehensive cybersecurity programs by using the Community Cyber Security Maturity Model (CCSMM). This multi-dimensional model provides a roadmap and common point of reference for organizations looking to create viable and sustainable cybersecurity programs.

No Cost Training Resources through the NCPC

January 19, 2022

Since 2004, members of the National Cybersecurity Preparedness Consortium (NCPC) have been working with the Department of Homeland Security (DHS) to provide research-based, cybersecurity training, exercises and technical assistance to local jurisdictions, counties, states and the private sector. These resources are available at no cost to participants! Learn more about these resources here!

Have You Identified Your IT High Value Assets?

November 11, 2021

In today’s increasingly connected world, it is more important than ever to ensure an organization’s information and information systems are protected from cyber threats. Every organization has critical information and technology assets that are essential and require enhanced security. However, due to finite organizational resources, a deliberate and strategically-focused approach is needed to identify – and secure – the most important assets. Gain a better understand of why formally identifying your high value assets – and mission essential functions – are critical to supporting your organization’s ability to conduct business.

Combatting Disinformation

October 20, 2021

The Center for Infrastructure Assurance and Security (CIAS) at The University of Texas at San Antonio has frequently used disinformation and misinformation in its community cybersecurity exercises to impact the ability of first responders to accomplish their mission. Consequently, it is our recommendation that communities need to be prepared to counter disinformation attacks that may occur in the community.

Basics of Identification and Risk Management

September 10, 2021

When it comes to cybersecurity, it is common to hear statements that you can’t protect against all attacks and be absolutely secure. Because of this, the goal of organizations should not be to try and make their computer systems and networks absolutely secure but rather they should concentrate on managing the risk to the organization. One necessary factor in risk management is an understanding of your IT environment including what systems and software you utilize.

Communities to Become More Cyber Secure Thanks to $1.67 Million NSA Grant

September 7, 2021

The National Centers of Academic Excellence in Cybersecurity, as part of the National Security Agency (NSA), has awarded a grant in the amount of $1.67 million to the CIAS to help communities become more cyber secure nationwide. The CIAS will work with multiple communities during the two-year grant, beginning with Angelo State University and the city of San Angelo.

Members: Register Here for Free Access to the No Cost Tools Webinar for Improving Your IT Infrastructure

September 2, 2021

As a member, your ticket to the upcoming Webinar “Continuity Planning” is FREE. Just go here to register.

Low Cost Tools Webinar to Improve Your IT Infrastructure on Oct 26

September 2, 2021

Article on Creating a Culture of Security in K12 Education

A Culture of Cybersecurity Begins with Hometown Security

August 17, 2021

Cyberattacks are occurring at the state and local level, impacting government, small businesses, academia and industry sectors, which ultimately impacts the individuals throughout the community. A whole-community approach needs to be taken by communities to protect their citizens. This begins at the K-12 level, helping educators access the tools and resources they need to create better cyber-aware citizens and support a growing cybersecurity workforce.

Attacks on Critical Infrastructures and Protecting Them

July 7, 2021

We know our infrastructures are targets for cyberattacks, both for cyber criminals as well as nation-states. Understanding the types of cyber attacks on critical infrastructure provides lessons on how to defend and protect against such attacks. This article also provides 11 steps that communities can take to prepare for an attack on one or more of their critical infrastructures.

Load More Posts

Beautiful way to show your posts