In an IT world where budgets are shrinking but responsibilities are growing, it’s becoming far too commonplace to see teams of only one or two people attempt to manage technology for an entire organization.
Not only are they trying to manage a data center, they are also tasked with managing an entire workforce and the inevitable load of tech-related issues that come with it.
When it comes to juggling many different responsibilities, some things may slip through the cracks. That’s life – it happens. But when it comes to your organization’s data security – you want to make sure that security is not the project that falls behind in maintenance. Businesses can’t afford to be hacked, and not just because data would be lost. It also affects the bottom line. If the average server rebuild costs $60,000, having to rebuild multiple compromised servers can quickly become costly.
So you’ve hired an IT guy who doesn’t have a background in security. (Not everyone can be as skilled as our Security Evangelist, Dave Plzak.) When it comes to security – information is key. Here are three free resources that the Sentinel IPS team recommends for those starting out in security:
The SANS Institute is a security research and education organization that provides training and certifications. But what may be more valuable to the people looking to quickly learn more about security are the continually updated papers, blogs, webcasts and newsletters maintained at the organization’s web site. The site hosts more than 2,000 white papers and 10 separate blogs.
The institute is also the organization behind the Internet Storm Center, a provider of free analysis and warning services to thousands of Internet users and organizations. The center actively works to fight back against malicious attacks by collecting millions of intrusion detection log entries every day from more than 500,000 IP addresses in over 50 countries.
Visit the SANS Institute web site at Sans.org.
Dark Reading is another security community. Like the SANS institute, the site includes access to current research, news and commentary. Hosted by Information Week, Dark Reading focuses on 10 areas of security: attacks and breaches, application security, cloud security, data leaks and insider threats, endpoint security and privacy, mobile security, network and perimeter security, risk management and compliance, security management and analytics, and vulnerabilities and threats.
You do have to register for the site, but registration is free and worth it. On top of getting to read an unlimited number of articles, you can also get involved in the discussions following each.
Read Dark Reading at DarkReading.com.
While the SANS Institute and Dark Reading and many other security-focused sites are very regularly updated, there’s nothing like the immediacy of social media for keeping up on the latest in security.
Security sites, magazines and experts are all on social media talking about latest threats and trends. Take well-known security expert Brian Krebs for example. Not only does he run the popular blog Krebs on Security, but he also has active accounts on Twitter and Facebook.
And Krebs isn’t alone. There’s a great community of network security people out there on social media. If you haven’t already, create your own social media accounts and start following network security professionals and journalists.
On Twitter? Follow these people and organizations for security news & insights:
Brian Krebs @briankrebs
Sentinel IPS @sentinelips