Use a Risk Assessment to Kick off a Robust Information Security Program in 5 Easy Steps
Learn how to leverage a risk assessment to quickly jump-start an Information Security Program (ISP). These five steps will help your organization take a successful risk assessment and turn it into actionable items to improve security.
5 ‘Quick Wins’ Small Business Can Achieve to Massively Improve Security
Quick Wins are easy adjustments or configuration changes, often without purchasing additional software or licenses, that can pay dividends in reducing cybersecurity risk to an organization.
AI Impact on Small Business Cybersecurity
With the explosion of AI headlines in recent months, what security implications do small businesses face? In this post, explore recent AI / GPT advancements and how to become more resilient to AI assisted threat actors.
Learning From Security Headlines - May 2023
Review some of the top security headlines of May 2023 and how they offer lessons to improve security.
The Safeguards Rule and What it Means for Small Businesses
The Safeguards Rule compliance deadline is June 9th, 2023. Learn which organizations are impacted and what requirements must be met to ensure compliance.
Year in Review: 2022 Small Business Security Report
After our inaugural year, Thoreson Consulting is excited to provide insight into the challenges that small business face when it comes to cybersecurity.
Building a Cybersecurity Strategy: Endpoint & Server Hardening
Building a Cybersecurity Strategy: Endpoint & Server Hardening
Building a Cybersecurity Strategy: Vulnerability Management
Effectively running a vulnerability management program can be extremely challenging as there are so many flaws and vulnerabilities released every day. It is imperative to have a plan in place so that the ones that really matter are addressed in a timely manner.
![How to Gut a Phish [Dissecting a Phishing Email]](https://images.squarespace-cdn.com/content/v1/6188193b83e39013a5df2da7/1694713129637-IZKMHT1CGOKH02B734CU/daria-nepriakhina-guiQYiRxkZY-unsplash.jpg)
How to Gut a Phish [Dissecting a Phishing Email]
I received an email today informing me that the ThoresonConsulting.com domain could not be renewed. Lets dig into how we recognized this as a phishing attempt and learn how attackers prey on phishing victims.
Building a Cybersecurity Strategy: Identity Access Management
Identity Access Management has everything to do with the ‘Who’ of and organization. All the various types of accounts and their associated privileges fall into this category. Without strong Identity Access Management practices, the compromise of a single user can spell disaster for an organization.
Building a Cybersecurity Strategy: Asset Management
The first, and arguably most important, fundamental component to ‘Building a Cybersecurity Strategy’ is Asset Management. The reason is simple:
It is impossible to secure something if the organization is unaware it exists.
Building a Cybersecurity Strategy: Introduction
Running a business is hard enough as it is without having to worry about hackers putting you or your customers at risk.
Throughout the series, the most important fundamentals of cybersecurity will be distilled into applicable takeways that organizations can leverage to improve their resiliency to attack.
Staying Safe in the Current Cyber Threat Landscape
With the current geopolitical headlines, now more than ever is the time to become aware of what cyber threats exist and what mitigations can be put in place. This post serves as a quick, high-level, reference explaining common attack vectors and offering several key steps to take in hardening your organization.