Innovation comes from your last innovation.

Innovation comes from your last creation. It rarely comes in one big idea, but most innovative ideas come in small chunks. You have to be thinking and improving on the current constantly. Ask yourself, how can I make this better. Even if it’s a slight improvement, it could be a game-changer to your business. I can’t remember where I heard this; however, these words have stayed with me. Often, I remind myself to keep pushing improvements on the current. Paraphrasing: You’re not innovating if you don’t have the 20 to 30 year olds on your team. Those are the ones that...

Continue reading...

AWS Elastic Transcoder Adding a Watermark

A developer friend asked me about the challenges of adding a watermark to a video. In the past, I’ve done similar things using video editing tools. However, they asked; was possible to add a watermark during an upload process, but it would need to be done with many videos and have logos and text information overlayed on the video. I wasn’t sure of any tool(s) but heard via another friend that AWS has transcoding tools and might have these capabilities. To add watermarks and text via the upload process, you need to use AWS Elastic Transcoder command-line tools (here) and...

Continue reading...

Cyber Threat Landscape (Pre-Attack) Reducing Social Media Footprint (part 1)

The context of this writing: I took a course on Designing and Building a Cybersecurity Program and have written many papers during the course. Below is a revised/shorten snippet from one of my essay papers. According to the New York Times, hackers are having a field day targeting employees on their social media platforms. This type of targeting isn’t anything new; however, it has been increasing and is attracting new hackers. For most employees, their activities outside of work, like social media platforms, are a personal endeavor they use to connect with friends and family members. Some don’t see how...

Continue reading...

Cyber Threat Landscape (Pre-Attack) Reducing Social Media Footprint (part 2)

The context of this writing: I took a course on Designing and Building a Cybersecurity Program and have written many papers during the course. Below is a revised/shorten snippet from one of my essay papers. In 2020 our country was going through a crisis that has brought many states within our country to a standstill, and our healthcare organization’s services were being maxed out. During that time, our society’s immoral actors used chaos to launch cyberattacks campaigns on many healthcare organizations. These cyber-attacks started with reconnaissance work and information gathering. Many healthcare institutions were getting hammered with attacks reported by...

Continue reading...

Winners in Business

Winners in business don’t think in terms of money but think in terms of winning. Naturally, if you’re winning and succeeding in business, money follows, but money shouldn’t be your objective. Your objective should be to WIN, not sometimes—every time. I can’t remember where I heard this; however, these words have stayed with me. Often, I remind myself to keep pushing improvements on the current. This quote also could relate to anything you do in life. For instance, getting a Win on a work project translates into recognition, building reputation capital, and as someone who gets the job done. Even...

Continue reading...

Ansible – Installing package on AWS EC2 Instance (ec2_instance_info)

This playbook is scripted to connect to EC2 instance via tags, then install the system package(s). The example below shows how to install Git, however, this can be any package. Order of things: You will obviously need to change the playbook values below in the script to match your AWS information. The values that need to be changed are highlighted in purple. Enjoy! Order of things:1. Get the ec2_instance_info,2. connect via ssh into the instance, and3. install git (could be any package).

Continue reading...

What if you are compromised by a Zero Day?

First, to mitigate zero-days, you must have systems and people in place that can quickly locate zero-day exploits and patch them as soon as found. However, zero-day exploits are the most challenging digital attack to prevent and fix; once they’re discovered, it takes highly skilled IT professionals to promptly understand the problem and its impacts on the organizational infrastructure. Once the discovery has been made, you’ll need to mobilize a team to get it done promptly.  Mobilizing a team should have an Incident Response Plan. An incident response plan is a set of instructions to help IT staff detect, respond to, and...

Continue reading...

BitSight

BitSight: https://www.bitsight.com/ There are many vulnerability scanning tools in the marketplace, each with specialty solutions. These tools are for scanning other sections of the IT Domains, but it’s all a mesh of tools that solve a particular job. BitSight takes it a bit further, which does a scan and compare. BitSight is a cybersecurity rating company that analyzes your organization’s security. It scans your entire infrastructure, alerts you on vulnerabilities, and rates your security risk. The neat thing about this SaaS software, it gives you a security score like a credit score. Think of it as a gap analysis; the...

Continue reading...

Application Layered Security

In an IT organization, you have Layered Security which is layers of controls within your system. Think of it as an onion with multiple layers. At each layer, the controls prevent attackers from getting to the core.  Building an application, you will also need these same types of layers of control. As a Web Application developer, I build layers of controls into applications, for example; the development application layers for security I would include are: The end-user layer: Write front-end code JS to sanitize strings and data, and validation where needed Adding Authentication using Multi Factor-Auth (MFA) Back-end controller authenitcaiton...

Continue reading...