You cannot beat swimming with others
I don’t normally blog about swimming, but as one of the “others” mentioned, decided I would reblog!
Re-blog: Using Maths to Show that Automated Security Tools do not Provide Security
(Blog first appeared on nexor.com) Automated security tools can be a very effective security tool, but there are pitfalls for the unwary. I will use a couple of well-known maths puzzles to illustrate why these pitfalls exist. 1 = 2 Most 16 year old maths students will be able to provide a convincing proof that…
Re-blog: High Assurance Cyber Security
Reblog. Original (Nexor.com) High Assurance products are needed where information or networks need to be protected from high end threat actors, and you need a high level of confidence that the solution will mitigate the risk.
Re-blog: The King is Dead
Reblog. Original (Nexor.com) For the last few years, the cyber security commentary has been if you focus on the basics, and do the basics well, you will prevent 90% plus of cyber security attacks. To many this has been interpreted as doing the “Cyber Essentials”. Then the SolarWinds / Sunburst attack occurred. Doing Cyber Essentials…
Re-blog: A Day in the Life of a CISO
Reblog. Original (Nexor.com) A CISO – Chief Information Security Officer – at an SME is responsible for security operations, securing the business, its technology, and its initiatives, and leading the business’s information security strategy. A CISO must liaise with different areas of the business including IT, HR, and C-level executives to ensure that their objectives…
Phishing Irony
Cyber Security Marketing – Please read your own messages? I just received a marketing email entitled “Your Complete Guide to Phishing”. Interesting. All I had to do to get the guide was… Click on a link (from the unknown source). Provide my name and email address. Oh the Irony. “Learn how not to click links and…
I won’t buy your product if it implements “military grade security”.
When looking at commercial or consumer products how often do you see the phrase “military grade security”, very often as the only nod to the security of the product? Don’t buy it!
Re-blog: Zero-Trust – IT’s an Architectural State of Mind
Reblog. Original (Nexor.com) What Is Zero Trust? The term ‘Zero Trust’ was first coined by John Kindervag in 2010, building off a concept put forward by David Lacey at the Jericho Forum, an international group founded in 2004 that worked to promote deperimeterization. Deperimeterization means to “protect an organisation’s systems and data on multiple levels, by…
New Identity – Old Problem
Like many, during lockdown I’ve been catching up on a number of Webinars. It’s given me the opportunity to do some catch up in the Identity Management field. During the EEMA annual conference, a distinguished speaker observed “We are in danger of re-inventing the wheel, without learning from the past”, which caused me to reflect…
Covid-19 Clearout: Business Cards
The continuing Covid-19 house clearout led to me finding a pile of business cards… The first card, from 1990. An X.400 email address, did anyone ever think that would really catch on? Looks like we ran our own PRMD, unusual for a small business. I wonder why our current meeting room is called the Enterprise?…
ILOVEYOU – 20 Years On
This month marks 20 years since the ILOVEYOU virus hit computer networks. For me, it represented a milestone in my security career. Up until that point security was a technical challenge, solving challenges associated with the global distribution of public keys for secure email exchange. (Aside, I’ve blogged on this many times, it is a…
Reblog: What is 2FA and is it really secure
Reblog. Original (TechUK) 90% of security attacks start with a phishing attempt. This is because attackers want to get hold of your password. Once they have obtained this, they can become you, and access wherever you can access.
Lockdown 2020 – Learning Python3
Lockdown 2020 – I took the opportunity to learn Python. Wow, developers of today have it so easy!
Security, Privacy and False Positives in the Covid-19 App
The COVID-19 app is being trialled in the Isle of Wight, and has already created lots of public debate. The debate centres around security and privacy. However, there is part of security that has so far not been aired – false positives. Before I discuss false positives, I want to spend a few paragraphs on…
Reblog: It won’t happen to us
Reblog. Original (Nexor.com) When talking to board members and senior executives of SMEs about cyber security, a common phrase we hear is “It won’t happen to us”. This is justified by “We are not sufficiently important”, or “We don’t have anything they would want”. “Well, it did”, Ian Major of…
Reblog: How Do You Remain Savvy With Your Supply Chain
Reblog. Original (TechUK) By now, we must all be aware that Cyber Security is a prominent issue – we recently heard mainstream news reports about Ransomware hitting the NHS and often hear about the latest data theft of millions of passwords or credit cards…. Home users should be starting to get the message about keeping our…
IISP East Midlands
Reblog: (original Nexor.com) On Wednesday 2nd October, the IISP East Midlands ran its third quarterly meeting kindly hosted by the East Midlands Special Operations Unit (EMSOU). Over 20 security professionals joined to collaborate and explore the latest news surrounding the incident response cycle, covering both what has worked well and learning points from real life…
The last post: CyberMatters comes to an end
CyberMatters started almost 5 years ago, as a proof of concept blog platform for Nexor. Over that time, we’ve covered a wide range of topics from general security advice on passwords, commentary on topics of the day, and discussion of the latest technology concepts Nexor has been working on. Over the last few months I’ve…