[Carlos Martes]

In 2020, major security concerns included ransomware attacks, phishing scams, and data breaches, especially as many people stated working from home due to the pandemic. Cybercriminals took advantage of weak home networks and unpatched systems. Phishing emails pretending to be from health organizations also became common, tricking users into giving away their personal information or installing malware. Companies responded by improving cyber awareness training, requiring multi factor authentication and using VPNs to secure remote connections. Many organizations also increased their investments in cloud security endpoint protection tools to monitor and defend devices outside the office. another key response was better incident response training, ensuring quick recovery if an attacked occurred. These actions helped businesses adapt to the growing cyber threats and protect sensitive data while maintaining productivity in remote work environments. Overall, 2020 was a year that highlighted how essential cybersecurity is for every organization.

[Carlos Martes]

One of the Top 10 OWASP security principles is broken authentication and session management. This principle focuses on protecting user account and sessions from being hijacked or misused. If authentication processes are weak, like using default passwords, not enforcing strong password policies or even allowing sessions to stay active too long, attackers can easily gain authorized access. Once inside, they can steal data, impersonate users, or damage systems. Implementing proper controls such as multifactor authentication, secure password storage ( using hashing and salting), and automatic session timeouts is critical to prevent this. It’s also important to avoid exposing sensitive information in URLs or logs. This principle is vital because authentication is often the first defense line in any system. It it fails, all other protections can become useless. Ensuring strong and secure authentication helps maintain the confidentiality, integrity and trust of both users and the organization.

[Carlos Martes]

Hello Caleb!
Great points i should say. I agree that mobile threats have grown more advanced with AI-driven scams and data collection. your mention of phone addiction is also important because it often is overlooked as a security and mental risk. Awareness, balance and consistent device updates are essential to maintaining privacy and well being.

[Carlos Martes]

Mobile devices face several potential risks that continue to evolve with technology. One major risk is malware, often disguised as legitimate apps or downloads, which can steal data, track activity, or gain unauthorized access to accounts. Phishing attacks have also increased, where hackers send deceptive messages through email, txt or social media to capture login credentials or financial information. Additionally, public WIFI networks pose serious security threats because they allow attackers to intercept data or inject malware. Another concern is outdated software, which leaves devices vulnerable to known exploits. Lost or stolen devices can also expose personal and corporate information if proper encryption or remote wipe features are not enabled. To protect themselves, users should regularly update software, avoid suspicious links, use strong passwords, enable multifactor authentication, and connect only to secure networks. These precautions significantly reduce the risk of compromise and safeguard data.

[Carlos Martes]

Thanks Nick! The team would escalate incidents based on impact and urgency, minor issues would go to support leads, while major incidents reach management and security. Only authorized communication officers address customer or media. Also include evidence handling procedures, saving logs, screenshots and cloud data for forensics and also future legal reference.

[Carlos Martes]

Hello Misty,

Great response! I like how you explained the value of third party audits in keeping companies trustworthy and compliant. You made it clear how they helped identify risks, improve operations and build stronger reputations. Your summary also shows why outside reviews are basically important for long-term success.

[Carlos Martes]

A competent incident response within a company requires clear policies that guide employees and management on what to do during a security event. First, there should be an incident response policy that defines roles and responsibilities making sure everyone knows who to contact and what actions to take. This avoids confusion during crisis. Second, a communication policy is important to control how information is shared both inside and outside the organization. This prevents the spread of false details and protects sensitive data. Third, a data protection and backup policy ensures that important information can be recovered quickly if compromised. Regular testing of backups should be also included. Additionally, an access control policy limits who can access critical systems, reducing the chance of insider threats. Finally, a training and awareness policy helps employees recognize threats and act quickly. Together, these policies build a strong effective response.

[Carlos Martes]

A third party audit is valuable because it provides an independent and objective review of an organizations processes, security and compliance. Unlike internal reviews, outside auditors can see weaknesses or risks that employees might overlook. This helps build trusts with customers, partners and regulators by showing that the organization is committed to transparency and accountability. One of the biggest benefits of a third party audit is proving compliance with industry standards, such as ISO, HIPAA or PCI-DSS. Meeting these requirements helps avoid legal or financial penalties and strengthens the organizations reputation. It also reassures clients that their data and interests are being protected. Additionally, audits often identify areas for improvement, leading to stronger internal controls and better efficiency. While they can be time consuming, and costly, the long term benefits such as risk reduction, customer confidence, and industry credibility, make them essential for sustainable business growth. Hope this helps!

[Carlos Martes]

Personally, I see Jesus as my Lord and Savior, my King, my advocate and of course a gentle Father. I have been reading His words almost daily, trying to reflect and trying to walk with Him through my journey. I understand that it is a lifelong journey, but it is a well worth gift to be able to spend an eternity with Him in the end. I have not sense any of my spiritual gifts yet, but i am letting Him wait for the right time to reveal that to me in His will. There are some days where it is hard and not be distracted by worldly things, but at the end of the day, i always try to talk to him and ask for forgiveness of the things i shouldn’t have done. The Holy Spirit inside is our guide, and since my salvation, I have been hungering to learn more and to be closer to him more than ever.

[Carlos Martes]

Hello Isabelle!
Great post! When planning a network, policies are very important because they guide security and user access. Each organization is different, but policies help create order, protect information and ensure compliance with laws. Clear rules for privacy, permission and remote access make the network safer and easier to manage for everyone. Thanks for a great month guys! Blessing to all.

[Carlos Martes]

When you are planning a network, strong design policies are very important to ensure the system works well both now and in the future. One of the most critical policies is security. A network must have rules that control who can access it and how data is protected, such as through firewalls, strong passwords and encryption. Without security, the network becomes an easy target for attacks. Another key policy is scalability. A good network design should be able to grow as the company or organization grows. This means making sure there is room to add new devices, users, and applications without needing to completely redesign the system. Finally, a quality of service policy helps keep important traffic flowing smoothly. By prioritizing business critical applications such as video calls or database access, the network reduces delays and ensures users can stay productive. Together, these policies create a reliable and an effective network.

[Carlos Martes]

I find this devotional very interesting. To me, it explains that God has given us everything we need. When He explains “standing idle in the marketplace”, it can mean that even though God has given us spiritual gifts to work in His kingdom, we tend to often be distracted by what’s around us, chasing after things that aren’t necessarily important, but rather on His glory. We often find ourselves seeking constantly for that ministry of of work that we are called to do, but as life goes on, standing still, we become engulf in those moments. When we allow these distractions, it takes away of of building His kingdom. staying vigilant, patiently, and trusting Him fully will allow us to pursue that focus and enjoy what He has bestowed upon us.

[Carlos Martes]

Great explanation Isabelle!
You made it clear how virtual cloud environment’s differ. Virtualization relies on one computers resources to create multiple machines, while cloud computing pulls from many computers over the internet. That helps how why cloud computing is more flexible for scaling up or down, especially for business that grow quickly. I also like how you pointed out that virtualization needs a hypervisors, while cloud computing relies on internet based tools. The difference is important since it shows the technology behind both methods.

[Carlos Martes]

This topic is very deep, only because I fall victim in thinking that I need to be able to do good things, only to remind myself that no matter what I do or anyone does, we can never be perfect. We have to accept that and strive to actively rely, love and share our walk with Christ towards everyone. I honestly do not consider myself a good person, only because of things I have done in the past, but it doesn’t not hinder my belief and love for Him. Jesus stated that we must pick up our cross daily, meaning that everyday is an ongoing battle, a spiritual warfare that everyone endures once they have accepted Jesus as their Lord and Savior. It is NOT an easy route, but a route worth enduring just to be with our Father eternally.

[Carlos Martes]

A virtual environment an a loud environment share similarities, but they are different in key ways. First, a virtual environment runs on a local server or computer where multiple virtual machines share the same physical hardware. A cloud environment, on the other hand, delivers these resources over the internet from remote data centers. Second, virtual environments usually require the organization to buy, manage and maintain its own hardware, while cloud environments reduce that burden by letting third party provider handle infrastructures. Third, scalability differs in which virtual environments have limited capacity based on existing hardware, while cloud environments allow quick scaling up or down on demand making them more flexible and cost efficient. In short, virtualization focuses on creating multiple systems on one machine, while cloud computing delivers shared on demand resources remotely, combining virtualization with network access, storage and managed services.

[Author]

Posts