Conversations in Risk-Based Security

MLK Day & the Great Cybersecurity Employment Gap

Posted by Angela Dogan on Jan 21, 2019 4:34:50 PM

Lynx Technology Partners is a minority, veteran owned, woman lead company so we know firsthand the reason for the holiday. We understand that it was created to be a day of service. Our employees work hard to support our clients by performing services for them and going above and beyond the call of duty but they also do the same in our communities. There’s a HUGE GAP in Cybersecurity Careers and  part of our mission to serve the community is to educate others and expose them to Cybersecurity careers. So, this past week one of our own, Angela Dogan, Director of Vendor Risk and Compliance Services, spoke to the Atlanta Girls Schools, STEAM students about the meaning of Cybersecurity and all of the possible Careers in the industry. This is one of the many ways Lynx Technology Partners decided to perform their day of service.

Read More

2018 Best and Brightest Companies to Work For

Posted by Doug Yarabinetz on Jan 14, 2019 12:11:21 PM

Lynx proudly announces their selection as a National Best and Brightest Companies to Work For winner. This award recognizes companies that excel at employee relations, use innovation to motivate employees, implement creative compensation programs and more. Winners will be recognized by National Association for Business Resources (NABR) at the National Best and Brightest Summit – Illuminate 2019 symposium and awards gala on September 15-17, at the Renaissance Chicago Downtown Hotel, located at 1 W Wacker Drive, in Chicago, IL.

Read More

Personal Data, Privacy and Information Security

Posted by Mitch Sowden on Nov 19, 2018 1:52:58 PM

A privacy program can be multi-dimensional and broken up across the enterprise to align with where the competency lies. But the privacy professional must connect the dots across the whole program. Here are 5 examples of work-streams that could form a privacy program.

Read More

October brings National Boss's Day! Celebrating Our CEO, Gina Mahin

Posted by Kayla Badini on Oct 18, 2018 12:49:06 PM

In honor of National Bosses Day this month, we wanted to share an article posted by Security Current about our boss here at Lynx!

Gina Mahin, Chief Executive Officer, Lynx Technology Partners

Gina Mahin is a problem solver. It’s just part of her DNA. She puts that quality to work every day for the clients and partners of Lynx Technology Partners, where she is both CEO and role-model for her technical teams.

Read More

Are Your Cyber Warriors Combat Ready?

Posted by Sam Friedman on Sep 21, 2018 10:37:40 AM

Military strategy and training changes with every conflict and governmental paradigm shift. The only publication that has maintained relevance in the last 2500 years, is Sun Tzu’s The Art of War. I read this book only after I finished my military career, while I was studying for my degree in Counter-Terrorism, and only then could I relate back to my military service and understand why I was trained that way. Sun Tzu only talks about training once in the thirteen chapters but it is a chapter worth reading, “Victory goes to the army who has better trained officers and men [and women]”.

Read More

Topics: cyber range

What is the Business Case for MSSP?

Posted by Rajni Goel on Sep 4, 2018 10:59:24 AM

Much has been written about the benefits of an MSSP, especially if you are a big organization.  It allows for a consistent, centralized, and transparent view into your organization’s security platform.  But, how do you decide if an “in-house” security management program is effective enough? What is the cost-benefit analysis when deciding to budget expenses for in-house versus out-sourcing?

Read More

Topics: cybersecurity, MSSP

Case Study: Nuclear Industry

Posted by Teresa Maugeri on Aug 9, 2018 10:25:10 AM

Background:
The nuclear industry is struggling to meet compliance deadlines and find dedicated, knowledgeable resources who can be embedded into the existing workforce and function as a cohesive team. A typical nuclear plant contains thousands of Critical Digital Assets (CDAs) that need identified attributes collected and assessments conducted. With many plants identifying over 80 required attributes for each of thousands of devices, these projects can quickly become overwhelming.

Read More

Strategic Compromise Allows Attackers to Undermine Supply Chain

Posted by Doug Yarabinetz on Jul 9, 2018 2:24:51 PM

One-Fifth Of Enterprise Respondents Reported A Third-Party Breach according to Forrester's Top Cybersecurity Threats of 2018.

Strategic Compromise Will Allow Attackers To Undermine Your Supply Chain

Your partners are also under threat: 21% of global enterprise network security decision makers have experienced a security incident involving a third party . Third-party risk is frequently discussed as an exposure due to data shared with partner companies and data processors. This type of downstream risk can sometimes put people in mortal danger as with the TigerSwan breach, where a third party leaked resume information for foreign nationals that included admissions of their complicity with US forces and home contact information.  Too frequently, supply chain issues that are upstream to your organization are ignored and incidents go unnoticed and unpublicized.
Read More

Topics: cybersecurity

Practice Cyber Combat on a Cyber Range

Posted by Joseph Wilson on Jun 28, 2018 11:38:36 AM

Cyber security is a skill based occupation.  The only way to improve a cybersecurity expert skill set, is by accumulating hands-on experience.  Similar to fighter pilots, who don’t often face the challenges and threats of the real world , training cybersecurity experts can be effective only  by simulating hyper-realistic scenarios which allows cybersecurity individuals and teams to face a real threat, and improve their skills based on the experiences.

Read More

Topics: cybersecurity, cyber range

A Chat with Larry Newfield: Don’t Be an Information Hoarder

Posted by Joseph Wilson on May 24, 2018 10:27:23 AM

What are the most important principles in information security?
Data Minimization and Frictionless Security. Data minimization is a real key. You can’t lose, nor hurt clients’ privacy if you are not maintaining things someone wants to steal. This also makes it easier to protect what data you do have. If you have fewer categories of data, it is easier to sort out what you need to protect to the highest level versus elements that are not quite as sensitive, or about clients. In thinking about data minimization, you must always be asking: Why was this sent to us? Why should we be storing it? Are there govt regulations that force me to store it for a minimum timeframe?

Read More