Areas Of Expertise
Michael is an Information Security Professional with 13 years of proven experience. He has experience leading and supporting security projects and initiatives in the healthcare, finance, and advertising industries.
Michael is the founder of CyberSwan Security Solutions, helping SMBs develop effective security strategies. Michael specializes in Data Loss Prevention, implementing and supporting DLP in medium and large global organizations. His expertise lies in providing a DLP road map to protect your confidential data at the endpoint, in transit on the network, or at rest.
Michael currently serves as editor-in-chief and technical writer for PurpleSec.
Recent Articles:
Is your organization in need of a cyber security leader? Find out how a Virtual CISO can manage your security strategy, oversee compliance, and provide staff augmentation.
In this article, we’ll explore the importance of virtual CISOs, their roles and responsibilities, and the top 10 benefits they offer.
A Virtual CISO (vCISO) cost depends on factors such as expertise, business size, and experience, with pricing structures like retainer fees, hourly fees, project-based fees, and equity compensation.
A virtual Chief Information Security Officer (vCISO) is an executive-level security professional hired to guide the planning, development, implementation, and ongoing maintenance of a cyber security program.
The main difference between vulnerability assessments and penetration testing is that vulnerability assessments identify potential weaknesses in an organization’s IT infrastructure through high-level security scans. Penetration testing goes a step further by simulating real-world attacks to test the effectiveness of security measures and provide a more in-depth analysis of the organization’s security posture.
A vulnerability assessment is the process of identifying vulnerabilities and classifying risk in an infrastructure. The assessment also seeks to identify weaknesses in all connected systems to determine the most effective security measures.
Vulnerability management is the process of identifying, prioritizing, and mitigating vulnerabilities in an organization’s systems and networks to reduce the risk of cyber attacks and protect against potential threats.
The top best practices for managing vulnerabilities in the cloud in 2023 include establishing KPIs, staying up to date with threat intelligence feeds, utilizing a vulnerability database repository, and leveraging automation, AI, and ML.
We help you identify and define the top key metrics that your organization can implement to track the progress and state of your vulnerability and patch management programs.
Security awareness training is a formal process that seeks to educate its members about security practices as outlined in the organization’s corporate policies and procedures.
Wireless attacks can be prevented by turning off unused networking features, not broadcasting your SSID, changing the default password and securing it with a strong password…
Network attacks can be prevented by using an anti-virus solution, implementing a network monitoring tool, avoiding trust relationships with unknown entities, enabling cryptographic network protocols…
If the report contains pages of vulnerabilities and is not clearly presented to your executive management team, it will be difficult to receive continued support for future investments.
In this article, we will explore in detail the factors that determine the average time to patch, and review how PurpleSec’s vulnerability management solution can help reduce the average time to patch your vulnerabilities.
There are 10 steps to building a cyber security program including conducting a security risk assessment, selecting a cyber security framework, developing a cyber security strategy, developing a risk management plan, creating security policies and controls, securing your network, data, and applications…
There are 8 steps to a network security plan which include: Understand your Business Model, Perform A Threat Assessment, Develop IT Security Policies & Procedures, Create A “Security-First” Company Culture, Define Incident Response, Implement Security Controls…
Network security is a combination of technologies, devices, and processes designed to protect an organization’s network infrastructure from unauthorized access, exploitation of its corporate resources, improper disclosure, and denial of services.
There are 5 main steps in performing a successful HIPAA risk assessment including defining key concepts and information flows, defining threats and vulnerabilities, conducting an initial risk assessment, developing control recommendations, and conducting a residual risk assessment.
There are three main types of security controls including technical, administrative, and physical. Most controls in cyber security can be classified as one of these three types.
CYBER ATTACKS
Cyber attacks and threats can be prevented by being aware of the various types of protocols, exploits, tools, and resources used by malicious actors.
DLP expert Michael Swanagan reviews the best DLP software vendors on the market and provides his insights learned from over 13+ years of experience.
Incident response is one of the 14 requirements outlined in the National Institute of Standards and Technology’s (NIST) Special Publication (SP) 800-171—Protecting Controlled Unclassified Information (CUI) in Nonfederal Information Systems and Organizations, and enforced by the U.S. Department of Defense (DoD).
Data Loss Prevention is a strategy that detects potential data breaches or data exfiltration transmissions and prevents them by monitoring, detecting and blocking sensitive data while in use (endpoint actions), in-motion (network traffic), and at rest (data storage).
Smishing is a cyber attack that uses SMS text messages to mislead its victims into providing sensitive information to a cybercriminal.
Vishing, or voice phishing, is a form of social engineering that attempts to trick users into giving up personal or financial information.
MANAGED SECURITY
Endpoint detection and response (EDR) provides an additional layer of endpoint protection that is lacking with traditional anti-virus software.
Security Information and Event Management (SIEM) solutions are implemented by businesses to support the management of incidents and events produced by multiple data systems.
The main difference between an intrusion detection system (IDS) and an intrusion prevention system (IPS) is that an IDS is used to monitor a network, which then sends alerts when suspicious events on a system or network are detected…