BSIT380-T302 - Week 4 Blog

 The detection of threats at their early stages depends on continuous monitoring of endpoints, networks, and email systems. The 8th chapter this week talks about how organizations can achieve real-time systems visibility through the implementation of SIEM (Security Information and Event Management) and EDR (Endpoint Detection and Response) tools. These tools collect logs and detect irregularities while performing automated response procedures. The exploitation of email continues to be one of the most common attack methods, so organizations must actively monitor for phishing attempts, malicious attachments, and unusual login behaviors.

The identification of malicious activity depends heavily on data analytics through pattern recognition. Security teams can identify potential threats at an early stage by performing scheduled data analysis reviews, which examine login times, IP ranges, and unusual user behavior. The review process enables incident response while simultaneously enhancing long-term threat intelligence capabilities/ The proactive security approach transforms cybersecurity into a strategic framework that matches the requirements of contemporary enterprises.  

Thanks for stopping in today for a quick blog!

-Derek-

Comments

Post a Comment

Popular posts from this blog

BSIT380-T302 Week 2 Blog

 This week’s readings really emphasized how foundational agreements and proactive analysis are to a strong cybersecurity posture. One key takeaway for me came from the deep dive into Service Level Agreements (SLAs) . SLAs are more than just technical checklists, they are legal and operational frameworks that define accountability, especially when it comes to security. In an environment where companies outsource critical infrastructure to third-party vendors, clearly defined SLAs are what ensure providers deliver not just uptime, but compliance with security protocols like data encryption, vulnerability patching timelines, and incident response commitments. From Chapter 4, I found the section on threat intelligence particularly compelling. The idea that cybersecurity is not just reactive but also predictive stood out. Gathering, analyzing, and applying threat intelligence helps organizations stay ahead of attackers. Whether it’s understanding threat actor motives or identifying in...
Read more

BSIT380-T302 Week 1 Blog

Hello and welcome to my first entry in what I hope becomes a valuable space for sharing insights, experiences, and lessons learned in the world of cybersecurity, system hardening, and network risk management. My name is Derek Talbott, and I am currently the Site IT Manager at Michelin in Junction City, Kansas. With over a decade of hands-on experience in IT, ranging from systems administration and Active Directory management to executing cybersecurity compliance rules across global infrastructures, I’ve learned just how critical strong security practices are in maintaining operational stability. Before transitioning into the civilian IT world, I served in the U.S. Army as a 15N Avionics Mechanic, 15F Aircraft Electrician, and 25B Information Technology Specialist. Those years taught me how to stay calm under pressure, lead by example, and treat every piece of technology as mission-critical, skills that continue to guide my approach to IT security today. I’m currently wrapping up my ...
Read more

BSIT 220-T301 Week 7 Blog

 Good Evening, Welcome back to my weekly blog where we talk about what is going on in this weeks course work. One thing that stuck out to me this week was SONET and SDH. Lets dig a little deeper on some similarities and differences between the two.  SONET - Synchronous Digital Hierarchy was standardized by the ANSI (American National Standards Institute) defines a hierarchy of interfaces and frame formats for transmitting multiple digital bit steams over optical fiber.  SDH - Synchronous Digital Hierarchy was standardized by the ITU-T (International Telecommunication Union - Telecommunication Standardization Sector). It is largely compatible with SONET but has some technical differences.  SONET uses Optical Carrier (OC) levels to designate different transmission rates. The basic unit is the Synchronous Transport Signal (STS) which is like the European STM-1 (Synchronous Transport Module Level 1) in SDH. SDH uses Synchronous Transport Module (STM) levels to designate ...
Read more