by Heath Gieson Years ago, I worked with a client to implement multi‑factor authentication across their organization. As part of the project, they gave us a list of users who required MFA and explained that this represented all the active users in the business....
Trending at Forthright.
Why “Default Closed” Is a Business Advantage: CIS IG1 Controls 4.4 and 4.5
by Heath Gieson Some attacks are sophisticated. Weeks of reconnaissance, carefully crafted messages, and quiet exploitation in the background. But plenty of real-world incidents begin with something far simpler: a device answering traffic it never needed to...
The Unlocked Screen in the Corner Office: What CIS Control 4.3 Requires and Why Biometrics Make It Easier Than You Think
by Heath Gieson Some attacks are sophisticated. Weeks of reconnaissance, carefully crafted phishing emails, vulnerabilities quietly exploited in the background. But some of the easiest wins for an attacker require nothing more than a moment of opportunity and an...
Secure by Design, Not by Accident: CIS Controls 4.1 & 4.2
by Heath Gieson Every device you deploy and every application you install arrives configured for ease of use, not security. When was the last time someone examined the configuration of your network switch? What about the network-connected printer that has been sitting...
CIS IG1 Control 3.6: Encrypt Data on End User Devices—Because Lost Doesn’t Have to Mean Exposed
by Heath Gieson As we continue our weekly journey through the CIS IG1 controls, each safeguard builds on the operational foundations we’ve been establishing from the very beginning of this series. Our early controls focused on visibility—knowing what assets exist,...
CIS IG1 Spotlight: Why a Software Inventory Is More Than a Security Requirement
One of the themes we keep hitting in the CIS IG1 series is simple: you can’t protect what you don’t know you have. That’s true for hardware—and it’s...
CIS IG1 Control 1.2: Why Addressing Unauthorized Assets Matters—and How to Do It Easily
When we kicked off this series with Control 1.1: Establish and Maintain a Detailed Enterprise Asset Inventory, we focused on the Identify security...
CIS IG1 Control 1.1: Establish and Maintain a Detailed Enterprise Asset Inventory
By Heath Gieson If you don’t know what you have, how can you protect it? That simple question is why the very first control in the Center for...
CISOs’ Security Priorities: The Augmented Cyber Agenda—and How Forthright Is Leading the Way
Cybersecurity leaders are facing a rapidly evolving threat landscape. According to CSO Online’s latest Security Priorities Study, CISOs (Chief...
The Root of All Operational Problems: Misalignment Between Technology, People, and Process
By Heath Gieson What if I told you that the biggest challenges in your growing business most likely are not about money, talent, or even...
Creating Meaningful Processes: The Three Keys to Success
By Heath Gieson Creating process is a process itself. It’s not just about writing steps on paper—it’s about building something people will follow,...
Operationalizing Security and Compliance: Why You’re Already Doing It
By Heath Gieson What if I told you your organization is already practicing cybersecurity—even if you’ve never written a single security policy?...
The Digital Frontline of Modern Manufacturing in South Florida
Manufacturing has always been about precision—machines, schedules, and quality moving in harmony. But today, reliability extends beyond the factory...
How Cybersecurity Consulting Reduces Insurance Premiums for Manufacturers
A New Metric for Cyber Maturity Cyber-insurance premiums have quietly become a scorecard for how seriously a business takes cybersecurity. For South...
