Posts

Top Cyber Security Threats of Q1 2025

The first quarter of 2025 has seen several significant security threats emerge across the digital landscape. Here's an analysis of the most prominent threats we've observed so far this year:

1. AI-Powered Phishing Campaigns

Phishing attacks that use large language models have gotten much better. These attacks now have almost perfect grammar and personal details, making them very hard to spot. Many companies say they've been hit by targeted campaigns that use information gathered from many places to create very believable messages.

https://cybelangel.com/rise-ai-phishing/
https://it.arizona.edu/news/phishing-20-ais-new-trick-fooling-best-us

2. Cross-Chain Cryptocurrency Exploits

As solutions for blockchain interoperability have expanded, attacks on bridges connecting different cryptocurrency networks have also increased. Several big hacks in February 2025 led to the theft of o...

The Colorful Spectrum of Cybersecurity: The Various Views That Define Our Digital Defense

In the colorful world of technology, everyone has a different vision. But when it comes to cybersecurity, these perspectives do not only affect the usability of products; they determine how we protect our tech stack.

The Security Strategists: The Deep Blues of Defense

Strategists analyze technologies with analytical thinking and strategic planning skills, in shades of blue and grey. They take a step-by-step approach toward each new technology: "What risks are there to this? How does this fit into our defense-in-depth strategy?" To them, technology is not just its capabilities but a system whose every element has to be tested for security before being accepted. They favor systems that are robust and can withstand an attack while maintaining business operations, rather than features that are pretty on the surface. The...

Incident Response (IR) Controls

The Incident Response (IR) family of controls is designed to ensure that organizations have the capabilities, processes, and tools to effectively detect, respond to, and recover from security incidents. These controls are critical for maintaining the confidentiality, integrity, and availability of data when an incident occurs.

IR-1: Incident Response Policy and Procedures

Control Overview

IR-1 requires organizations to establish and maintain incident response policies and procedures that clearly define the approach to handling security incidents. These policies must cover everything from identifying incidents to post-incident reporting.

Example: A cloud provider works with a federal agency to create an incident response policy that includes detailed steps for identifying and reporting incidents, escalating issues, and ensuring timely recovery. The policy outlines the roles and responsibilities of the incident response team, as well as how communication will be handled internally and...

Security Assessment (SA) Controls

The Security Assessment (SA) family of controls, derived from NIST 800-53 Revision 5, plays a pivotal role in keeping systems secure over time.

What Are the Security Assessment (SA) Controls?

The SA family of controls focuses on ensuring that security controls are assessed for their effectiveness and are continuously monitored throughout the life of the system. This means checking whether the security measures in place are not only effective but remain effective and up-to-date as time progresses.

For FedRAMP Moderate, these controls are crucial because:
- They ensure security controls are evaluated regularly.
- They support continuous monitoring for vulnerabilities or weaknesses.
- They establish corrective actions when necessary.

SA-1: Security Assessment and Authorization Policies and Procedures

Control Overview

SA-1 requires the development of security assessment and authorization (A&A) policies and procedures. These procedures outline the process for conducting security assessm...

Understanding Protection (SC)

These controls focus on protecting system boundaries, communications, and preventing unauthorized data exposure. Let's break down the key SC controls with examples.

SC-1: Policy and Procedures

This foundational control requires documented policies and procedures for system and communications protection.

Example:

SYSTEM AND COMMUNICATIONS PROTECTION POLICY
Version: 2.1
Last Updated: 2025-01-02

1. PURPOSE
This policy establishes requirements for protecting the organization’s cloud infrastructure and communications.

2. SCOPE
Applies to all cloud systems within the authorization boundary.

3. POLICIES
3.1 Encryption Requirements
- All data in transit must use TLS 1.2 or higher
- All data at rest must use FIPS 140-2 validated encryption
- Key rotation required every 365 days
3.2 Network Security
- All external connections must traverse a DMZ
- Firewall rules follow deny-by-default principle
- Monthly review of access control lists

4. PROCEDURES
4.1 Firewall ...