Dan Lorenc

If the Red Team acts like villains to test critical systems, is the CISO Blue Team a cybersecurity superhero force? On this episode of the IT’S A Tech Podcast, Ben McFarland, NYSOC Shift Lead and Anthony Mosher, CIRT Incident Response Analyst share insights about how the Blue Team keeps NYS systems secure, what our guests learned at the recent NYS Cybersecurity Conference, and how you can also be a cybersecurity hero. https://lnkd.in/e99wtZ6p

18

1 Comment

🥁Drumroll, please....We’re thrilled to unveil the Zero Networks + CyberArk Integration live at this year’s CyberArk #Impact Conference, April 9–11 in #Boston! For the first time (in foreverrr🎵), #CyberArk customers can close privileged ports like 3389 (RDP) without adding friction to authentication or logon workflows. This game-changing integration enhances security by ensuring all RDP connections are routed through CyberArk's Privileged Session Manager (PSM). 📅 Don't miss Nicholas DiCola breakout session on Thursday, April 10th, 2:30 – 3:15 pm ET to get an expert’s view on how the integration: ✔️ Ensures operational continuity ✔️ Protects every asset with network #microsegmentation—stopping lateral movement and #ransomware in their tracks ✔️Applies Just-in-Time (JIT) #MFA at the network layer for airtight access control ➕More on the integration here: https://hubs.li/Q03g7xgJ0

62

8 Comments

MA is training the cybersecurity workforce of tomorrow. The MassCyberCenter’s Security Operations Center (SOC) / Cyber Range Initiative is an innovative model for cybersecurity resiliency & workforce development through CyberTrust Massachusetts. The SOC Range Initiative, utilizing $21 million in funding from the State of MA, supports the creation of Security Operations Centers (SOCs) at MA colleges to build a diverse cybersecurity workforce & improve statewide cyber resiliency. Through grants & partnerships like CyberTrust MA, the initiative addresses workforce shortages, underemployment & the need for affordable cyber training & business development hubs. A recent Boston Herald op-ed spotlights how CyberTrust MA is defending vulnerable communities while growing the cybersecurity talent pipeline. Read the article: tinyurl.com/bcyberh #MassCyberCenter #MassTech #Cybersecurity #WorkforceDevelopment #MassachusettsInnovation #CyberTrustMA 

9

🔒 With the rollout of NERC CIP-015-1, critical infrastructure is under even greater scrutiny. Our CISO Chad E. LeMaire chats with security leaders from Midcontinent Independent System Operator (MISO) and ISO New England Inc. about how we're helping them improve detection, investigation, and response capabilities, streamline compliance, and defend against advanced threats. ▶️ Watch the conversation: https://xtra.li/4mok1xV

42

Edgewater Federal Solutions, Inc.'s latest blog dives into how our R.E.A.C.T. (Rapid Exposure Assessment & Compliance Tracking) tool is transforming cybersecurity operations by detecting compromised credentials and identity threats before they escalate into incidents. 🔍 No internal access required 💡 Real enterprise use case 🛡️ Zero Trust-aligned Learn more about our R.E.A.C.T. tool here: https://lnkd.in/eQNquwpf #Cybersecurity #ThreatDetection #ZeroTrust #REACT #InnovationInAction

21

Jimmy Park and Kathryn Shih take a look at the players of autonomous remediation, and its role as a game changer for security and IT teams. Check out their key takeaways from the Autonomous Remediation – Market Map in this week's 30th #MarginofSafety blog: https://lnkd.in/dsMwnzV9 #autonomousremediation #DevOps #cybersecurity #agenticAI

9

In an IT world full of abstraction, overlays, and virtualization, it's important to remember the physical infrastructure that supports all those things. So let's get inside Mass IX, the Massachusetts Internet Exchange, to get a holistic view of the logical architecture and protocol mechanics of peering and Internet exchanges, as well as the iron, steel, and glass of Internet infrastructure that keep all the bits moving. Our guide is James Jun, IP Core Network Architect and Managing Director at TOWARDEX and the Director of Mass IX. We talk about how early exposure to Cat3 Ethernet cabling hooked James on networking, the operational and technical challenges of running an IX, and why James is excited about the future of colos. Listen here or wherever you get your podcasts - https://lnkd.in/d3YzwrPD

29

3 Comments

I was honored to take a sneak peek at the upcoming release of ‘Mastering Windows Server 2025’, written by Jordan Krause and published by Packt Publishing. The title, "Mastering Windows Server 2025," lives up to its name. It's a pragmatic, hands-on field guide that speaks the sysadmin language. It knows we operate in hybrid, regulated, uptime-obsessed environments. The tone is refreshingly direct (my preferred tone 😊 ), with step-by-step labs you could hand someone that is new to Windows Server and have confidence they won't break production. The book balances the core fundamentals we've relied on for years to include Active Directory, DNS, DHCP, and Group Policy all the while recognizing that we live in a cloud world. It's not just another dry manual. It's a guide to navigating the future while still respecting the past. A book must earn its place on a server veteran's shelf. This one does, and here are three key reasons why: 1. We've been hearing about "the hybrid cloud" for years. This book provides a clear, no-nonsense look at how to make it work. It dives deep into Azure Arc, not as a buzzword but as a tool for managing our existing, on-prem infrastructure. For the first time, we get clear guidance on how to use Arc-tied pay-as-you-go licensing and how hotpatching can give us monthly patches without reboots. Again, the author is direct about the benefits, like using Arc to manage a fleet of on-prem servers from a single pane of glass, which saves us from logging in to a hundred different boxes. 2. Remember the old days of in-place upgrades? We'd do a full backup, cross our fingers, and hope it didn't brick the server. This book highlights a critical feature we all wish we had years ago! Microsoft now supports N-4 jumps (2012 R2 → 2025) and even a Windows Update-driven upgrade. For anyone who must manage a "brown-field" estate with servers of varying ages, this is gold. It offers a clear, documented path to modernizing infrastructure without scheduling a week-long outage and bringing the entire business to a halt. The book's practical walkthroughs on this topic alone make it worth the price of admission. 3. We’ve been dealing with security since before it was cool. This book understands that. It emphasizes a secure-by-default posture by highlighting features like Credential Guard being on by default and the fact that SMB over QUIC is now native in Standard and Datacenter editions, not just Azure Edition. It gives you the "what to do now" and "what to plan for" by explicitly listing deprecations like NTLMv1 and older TLS versions. This section is a ready-made checklist for a security audit and gives us the ammunition we need to finally clean up old, insecure protocols we’ve been trying to retire for years. The book will be available on Veteran’s Day (November 11th) and is available for pre-order from Amazon at https://lnkd.in/gbZvQ9wh. #alwayslearning Reshma Raman

11

2 Comments

Tired of playing the compliance "checkbox game"? NYDFS, SEC, CMMC... It's easy to get lost in the sea of regulations. But surface-level discussions aren't enough to truly defend your environment. Tim Tipton Jr. recently spoke at the NYS Cybersecurity Conference, sharing how to decode these regulations and build unified, scalable compliance architectures that protect your business, not just your audit report. Discover how to move beyond compliance theater to strategic risk management: https://lnkd.in/gAFVHt96 #Arctiq #ArchitectSecurity #Compliance #NYSCSC #NYDFS #SEC #CMMC

15

The nightmare scenarios that keep cybersecurity experts awake. In the latest #GISEC podcast, John Ballentine (OT Cybersecurity Lead, Port Authority of NY & NJ) reveals how we can protect lives in critical infrastructure. Watch the full episode: https://lnkd.in/dUEEvH5t #CyberSecurity #CriticalInfrastructure #TunnelSafety #DisasterPreparedness #TechRisks #OTSecurity #HumanSafety Hosted by: Neet Bherwani

10

1 Comment