Articles In Security

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation In Catch Me If You Can (2002), Frank Abagnale successfully impersonates pilots, doctors, and lawyers—not by hacking systems, but by exploiting trust. People believe the uniform, the letterhead, and the signature. The deception works because there’s no reliable way to verify identity at a glance. Email spoofing works the same way. Messages look legitimate, appear to come from trusted senders, and... read more.

• April 28, 2026

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation In The Lord of the Rings, the One Ring is small, unassuming, and even useful—at first. It grants power and convenience, but every additional moment it’s worn increases risk, influence, and loss of control. The danger isn’t obvious until it’s too late. Browser and email client extensions often play the same role in enterprise environments. They look harmless, promise productivity, and... read more.

• April 21, 2026

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation In The Matrix Reloaded (2003), the Merovingian controls access to critical pathways inside the Matrix. He doesn’t stop everyone—he decides who and what is allowed to pass. Information still flows, but only through channels he permits. That selective control is what gives him power. CIS Safeguard 9.3 is built on the same principle. Network-based URL filtering isn’t about blocking the intern... read more.

• April 14, 2026

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation In CSI: Crime Scene Investigation (2000–2015), the most important moments don’t happen when evidence is collected—they happen when investigators review it, correlate it, and challenge assumptions. Bags of evidence sitting on a shelf solve nothing. The case only breaks when someone sits down, replays the data, and asks, “What does this actually tell us?” That is the core idea be... read more.

• April 07, 2026

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation In Blade Runner 2049 (2017), the central mystery hinges on memory. What was recorded, what was preserved, and what was lost determines who can understand the truth and who remains in the dark. The film makes a simple but powerful point: without reliable memory, reconstruction becomes speculation. CIS Safeguard 8.10 is built on that same idea. If audit logs are not retained long enough, incidents can’t... read more.

• March 31, 2026

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation In Apollo 11 (1969), hundreds of engineers didn’t sit scattered across the country making independent decisions. Instead, Mission Control in Houston became the single place where telemetry, voice communications, and system status converged. When something changed on the spacecraft, everyone who needed to know saw the same data, at the same time, and acted from a shared understanding. That is precisely... read more.

• March 25, 2026

By Bert Amodol, Posted in Security

AI is everywhere in 2026. It writes your emails, summarizes your meetings, generates your vacation photos (that you didn’t actually take), and occasionally makes you wonder if it’s quietly coming for your job. But in cybersecurity, AI isn’t just helpful, it’s chaotic neutral. Because while defenders are using AI to stop attacks, attackers are using the same technology to get better at launching them. So, the real question is: Is AI your security team’s new MVP… or the... read more.

• March 25, 2026

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation In Star Wars: A New Hope (1977), when Han Solo is asked how he’ll evade Imperial forces, he doesn’t talk about grand strategy—he talks about what he’ll do at the controls of the Millennium Falcon. The outcome of the chase depends not on intent, but on the specific actions taken in the cockpit. In cybersecurity, command-line activity is that cockpit. CIS Safeguard 8.8 recognizes that... read more.

• March 18, 2026

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation In The Truman Show (1998), Truman Burbank slowly realizes that his world isn’t random. Every street he walks down, every destination he tries to reach, is subtly redirected or observed. What finally tips him off isn’t a single event, it’s the pattern of where he’s allowed to go and where he isn’t. That idea maps well to CIS Safeguard 8.7: Collect URL Request Audit Logs. In mode... read more.

• March 04, 2026

By Steve Gold, Posted in Security

Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation In the 1993 film Jurassic Park, there’s an iconic scene where Lex Murphy stares at a 3D file system and exclaims, “It’s a Unix system! I know this!” What makes the moment memorable isn’t just the line—it’s the idea that understanding the underlying system reveals what’s really happening behind the scenes. In cybersecurity, DNS query audit logs play a very simi... read more.

• February 24, 2026