
Josue Ledesma
Josue Ledesma is a writer, filmmaker, and content marketer living in New York City. He covers information security, tech and finance, consumer privacy, and B2B digital marketing. You can see his writing portfolio on https://josueledesma.com/Writing-Portfolio
-
Data Security
Jul 08, 2022
What is the CIA Triad?
When most people think of the CIA, they picture suits and ties, espionage, and James Bond. But the CIA triad (which stands for confidentiality, integrity, and availability) protects organizations from a different type of danger. The CIA triad we’ll be discussing is a security model designed to guide an organization in establishing its security infrastructure. It consists of key principles and objectives for information security programs and strategy development.
Josue Ledesma
5 min read
-
Data Security
Jun 30, 2022
IDS vs. IPS: What Organizations Need to Know
Network administrators need to employ tools to protect their network and prevent malicious actors from gaining access. Intrusion detection systems (IDS) and intrusion prevention systems (IPS) are categories of tools commonly used for this purpose. It’s important to know the difference between them, which are best for certain types of organizations, and how to maximize their effectiveness.
Josue Ledesma
5 min read
-
Data Security
Jun 29, 2022
What is Open XDR? Benefits and Security Comparisons
In an ever-changing cybersecurity environment, organizations must adapt their security tech stack in order to better secure themselves. As environments get more complicated, open XDR has emerged as an advanced detection and response tool companies should consider.
Josue Ledesma
5 min read
-
Data Security
Jun 24, 2022
Evil Twin Attack: What it is, How to Detect & Prevent it
As Wi-Fi has become increasingly abundant across many private and public spaces, it has become a breeding ground for malicious hackers and bad actors. One of these attacks is known as the evil twin attack, which takes advantage of individuals looking to connect to Wi-Fi via their devices.
Josue Ledesma
5 min read
-
Privacy & Compliance
Jun 03, 2022
NIST 800-53: Definition and Tips for Compliance
Not all organizations have the cybersecurity expertise to build their own security team, processes, and systems to protect, secure, and proactively take care of their companies. Some use frameworks, like the NIST 800-53 to help guide and implement the right security controls in place. In this article, we’ll go over the NIST 800-53 framework, identify the companies that need to comply with the standard, and how you can use it to improve your own company’s security posture. Quick review: What is NIST 800-53? Who must comply with NIST 800-53? What is the purpose of NIST 800-53? What is the difference between NIST 800-53 and other frameworks? What are the benefits of NIST 800-53? A breakdown of security and access control families in the NIST 800-53 Framework NIST 800-53 compliance best practices
Josue Ledesma
4 min read
-
Data Security
Apr 07, 2022
CCSP vs. CISSP: Which One Should You Take?
As part of your professional development in the cybersecurity industry, you’re likely going to face a decision on which certification you should obtain first. This usually pits CCSP and CISSP against each other and what you should choose depends on several key considerations.
Josue Ledesma
5 min read
-
Data Security
Mar 18, 2022
What Is a Botnet? Definition and Prevention
The majority of cyberattacks these days come in the form of automated attacks, made possible by botnets. But what is a botnet? It’s a way for hackers to leverage a collection of compromised devices to carry out various types of attacks.
Josue Ledesma
4 min read
-
Data Security
Dec 08, 2021
What is an APT?: Advanced Persistent Threat Overview
An advanced persistent threat or APT is an attacker that lurks within your environment for an extended period of time, drops malware and other malicious software in your environment, and exfiltrates valuable data.
Josue Ledesma
4 min read
-
Data Security
Oct 12, 2021
gMSA Guide: Group Managed Service Account Security & Deployment
In any organization, there are a number of automated tasks, applications, or devices running in the background of any device across a network. One of the best ways to manage and secure these automated processes is to leverage group Managed Service Accounts or gMSAs.
Josue Ledesma
5 min read
-
Data Security
Aug 04, 2021
What is Two-Factor Authentication (2FA) and Why Should You Use It?
Two-factor authentication (2FA) is one of the most effective ways to reduce the risk of your employees falling victim to an account takeover, potentially exposing your organization’s sensitive assets and accounts.
Josue Ledesma
5 min read
-
Data Security
Aug 04, 2021
What is Threat Modeling and How To Choose the Right Framework
Threat modeling is a key responsibility for any cybersecurity team that is looking to protect their organization and their organization’s assets. It’s designed to help cybersecurity teams proactively find and identify potential risks and threats, working through scenarios, response models, and other forms of threat detection.
Josue Ledesma
5 min read
-
Data Security
Jul 07, 2021
Everything You Need to Know About Cyber Liability Insurance
Cyber insurance is a necessary component of any IT or cybersecurity department responsible for protecting the assets, data, reputation, and bottom line of a company in the face of cybersecurity threats. While prevention is an important aspect, there’s no tool, solution, or strategy that’s 100% guaranteed to prevent a company from succumbing to a potential attack.
Josue Ledesma
4 min read
SECURITY STACK NEWSLETTER
Ready to see the #1 Data Security Platform in action?
Ready to see the #1 Data Security Platform in action?
“I was amazed by how quickly Varonis was able to classify data and uncover potential data exposures during the free assessment. It was truly eye-opening.”
Michael Smith, CISO, HKS
"What I like about Varonis is that they come from a data-centric place. Other products protect the infrastructure, but they do nothing to protect your most precious commodity — your data."
Deborah Haworth, Director of Information Security, Penguin Random House
“Varonis’ support is unprecedented, and their team continues to evolve and improve their products to align with the rapid pace of industry evolution.”
Al Faella, CTO, Prospect Capital