Require MFA for Externally‑Exposed Applications This article is part of our ongoing CIS IG1 series focused on practical, high‑impact security controls. In this section of the framework, identity takes center stage. Rather than focusing on new tools or complex...
Trending at Forthright.
Secure by Design, Not by Accident: CIS Controls 4.1 & 4.2
by Heath Gieson Every device you deploy and every application you install arrives configured for ease of use, not security. When was the last time someone examined the configuration of your network switch? What about the network-connected printer that has been sitting...
CIS IG1 Control 3.6: Encrypt Data on End User Devices—Because Lost Doesn’t Have to Mean Exposed
by Heath Gieson As we continue our weekly journey through the CIS IG1 controls, each safeguard builds on the operational foundations we’ve been establishing from the very beginning of this series. Our early controls focused on visibility—knowing what assets exist,...
Global Conflicts Escalate: 4 Critical Cybersecurity Changes For Businesses
When geopolitical tensions rise, widespread cyber activity follows. Recent attacks connected to events involving Israel, the Gulf States, and India are a reminder that cyber conflict rarely stays regional for long. New attacks are not just coming from...
When It’s Time to Let Data Go
by Tim Marley Over the last few weeks, we have been building the foundation of a responsible data management program. In CIS Control 3.1, we talked about establishing a data management program and why organizations need a structured approach to governing their...
Cyber Security Action Month: Backups Are Boring—Until You Need a Restore
By Heath Gieson, CISO / EVP of Operations, Forthright Let’s be honest—no one ever needs a backup… until they do. Backups are one of those things we...
Cyber Security Action Month: Know What You Own—The Case for Asset Inventory
By Heath Gieson, CISO / EVP of Operations, Forthright Welcome back to our Cyber Security Action Month series. So far, we’ve talked about enabling...
Cyber Security Action Month: Know Your Users, Secure Your Access
By Heath Gieson, CISO / EVP of Operations, Forthright As we continue our Cyber Security Action Month series, we’re shifting our focus from login...
From Awareness to Action: Forthright’s Cyber Security Action Month
By Heath Gieson, CISO / EVP of Operations, Forthright October is widely recognized as Cyber Security Awareness Month—a time when organizations and...
Invest Smart, Grow Fast: Your Small Business Guide to IT Expense Planning
Without realizing it, technology can drain your business budget. One day, everything seems manageable, and the next, you’re left wondering where all...
Is Your Smart Office a Security Risk? What Small Businesses Need to Know About IoT
Your office thermostat, conference room speaker, and smart badge reader are convenient, but they’re also doors into your network. With more devices...
Upgrade Smarter: Build Your IT Refresh Plan
Nothing throws off your day like a frozen screen or a sluggish computer. If you run a small business, you’ve probably dealt with outdated tech more...
A Small Business Guide to Implementing Multi-Factor Authentication (MFA)
Have you ever wondered how vulnerable your business is to cyberattacks? According to recent reports, nearly 43% of cyberattacks target small...
Backup & Recovery Made Simple for Small Businesses
What would happen if your business lost all its data tomorrow? Would you be able to recover, or would it grind your operations to a halt? Every...









