LOGIN

Blog

In the News Legislating Software Security Read More
March 2, 2023 -

Today when I sat down to work, I had a number of questions sitting in Twitter and Slack about a Wall St. Journal article covering a new national cybersecurity strategy focus on insecure software. The headline was "Biden National Cyber Strategy Seeks to Hold Software Firms Liable for Insecurity." As a software security professional, I […]

Read More
Philosophy Hierarchy of Security Needs - Part 2 Read More
February 28, 2023 -

In our first post on this topic, we introduced the Hierarchy of Security Needs and tied it to psychology and why we thought it fit nicely in a discussion of security maturity. The TL;DR of that post is that it is handy to have a model for how foundational a particular security tool, function, control […]

Read More
Matt's Take Acknowledging Carri Craver Read More
February 28, 2023 -

I never thought about writing a post like this, but I can't think of much else to do in this moment so ... here goes. Yesterday, another DFW entrepreneur pointed me to this heartbreaking post on LinkedIn sharing the news that Carri Craver passed away last weekend. I met Carri at a BigDOCC (Big D […]

Read More
Getting Started in Cybersecurity Read More
February 28, 2023 -

At Jemurai, we understand that the thought of cyber attacks can be overwhelming and concerning. For over a decade, we’ve helped clients with Application Security, Penetration Testing, and other aspects of cybersecurity consulting. In that time, we created a tool called securityprogram.io (SPIO) where clients can manage their security program in a straightforward framework which […]

Read More
Implementing a Security Program with SPIO Read More
February 28, 2023 -

Jemurai is a developer-focused cybersecurity firm that aims to help client teams make pragmatic decisions about audits, code, infrastructure, and processes. After years of consulting engagements, we discovered that many start-up to mid-sized businesses needed an easier way to implement a security program not only to have a strong security posture but also to handle […]

Read More
Introduction to Security Standards Read More
February 28, 2023 -

A security standard is a framework that an organization can use to improve their cybersecurity posture. Each set of standards outlines techniques for protecting the cybersecurity environment of a user or organization, including networks, devices, software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks. […]

Read More
Introduction to Security Training Read More
February 28, 2023 -

Your organization’s security posture might have world-class policies and procedures in place, but that won’t matter if your staff doesn’t know how to adhere to them and implement them. All members of your staff should have security awareness training, as well as training around any specific policies that must be adhered to, and training around […]

Read More
Introduction to Procedures Read More
February 28, 2023 -

A procedure documents, in operational detail, how to perform specific tasks to ensure adherence to and compliance with a cybersecurity policy. Some procedures may be explicitly related to security, such as how to reset a password.  Others may be more general, such as requiring background checks during the hiring process. That is one reason these may […]

Read More
Introduction to Security Policies Read More
February 28, 2023 -

Security policies are documents that help to define expectations around security, ensuring the confidentiality, integrity, and availability of information and resources within an organization.  They serve as a guiding landmark for navigating security.  When thought of abstractly, policies can be considered as the “what” is going to be done. Once approved and implemented, security policies […]

Read More
Vendor Management Start Here: Vendor Management Read More
February 7, 2023 -

Vendor management concerns all of the vendors, partners, or subcontractors your organization relies upon in order to operate. With the rise of remote working, your staff is probably leveraging a variety of digital tools to ease collaboration and communication. Your security posture is only as good as the security used by the vendors you partner […]

Read More
1 2 3 12
Menu
Menu
© 2019-2023 Jemurai. All rights reserved.
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram