Blogs

Re-blog: High Assurance Cyber Security

Reblog. Original (Nexor.com) High Assurance products are needed where information or networks need to be protected from high end threat actors, and you need a high level of confidence that the solution will mitigate the risk.

Re-blog: The King is Dead

Reblog. Original (Nexor.com) For the last few years, the cyber security commentary has been that if you focus on the basics, and do the basics well, you will prevent 90% plus of cyber security attacks. Many have interpreted this as doing the “Cyber Essentials”. Then the SolarWinds / Sunburst attack occurred. Doing Cyber Essentials …

Re-blog: A Day in the Life of a CISO

Reblog. Original (Nexor.com) A CISO – Chief Information Security Officer – at an SME is responsible for security operations, securing the business, its technology, and its initiatives, and leading the business’s information security strategy. A CISO must liaise with different areas of the business including IT, HR, and C-level executives to ensure that their objectives …

Phishing Irony

Cyber Security Marketing – Please read your own messages? I just received a marketing email entitled “Your Complete Guide to Phishing”. Interesting. All I had to do to get the guide was… click on a link (from the unknown source) and provide my name and email address. Oh the irony. “Learn how not to click links …

Re-blog: Zero-Trust – IT’s an Architectural State of Mind

Reblog. Original (Nexor.com) What Is Zero Trust? The term ‘Zero Trust’ was first coined by John Kindervag in 2010, building off a concept put forward by David Lacey at the Jericho Forum, an international group founded in 2004 that worked to promote deperimeterization. Deperimeterization means to “protect an organisation’s systems and data on multiple levels, by …

New Identity – Old Problem

Like many, during lockdown I’ve been catching up on a number of webinars. It’s given me the opportunity to do some catching up in the Identity Management field. During the EEMA annual conference, a distinguished speaker observed “We are in danger of re-inventing the wheel, without learning from the past”, which caused me to reflect …

ILOVEYOU – 20 Years On

This month marks 20 years since the ILOVEYOU virus hit computer networks. For me, it represented a milestone in my security career. Up until that point security was a technical challenge, solving challenges associated with the global distribution of public keys for secure email exchange. (Aside, I’ve blogged on this many times, it is a …

Reblog: What is 2FA and is it really secure

Reblog. Original (TechUK) 90% of security attacks start with a phishing attempt. This is because attackers want to get hold of your password. Once they have obtained this, they can become you, and access wherever you can access.

Reblog: It won’t happen to us

Reblog. Original (Nexor.com) When talking to board members and senior executives of SMEs about cyber security, a common phrase we hear is “It won’t happen to us”. This is justified by “We are not sufficiently important”, or “We don’t have anything they would want”. “Well, it did”, Ian Major of…

IISP East Midlands

Reblog: (original Nexor.com) On Wednesday 2nd October, the IISP East Midlands ran its third quarterly meeting kindly hosted by the East Midlands Special Operations Unit (EMSOU). Over 20 security professionals joined to collaborate and explore the latest news surrounding the incident response cycle, covering both what has worked well and learning points from real life …

The “NHS” Attack

The poor and inaccurate reporting of the NHS Ransomware incident over the weekend has irked CyberMatters into coming out of hibernation. With so much to say, it’s hard to know where to start. Not targeted: First, the NHS was not targeted by a Cyber Attack. The attack affected ANY system that was vulnerable; the sad …

PKI – is there a better way?

PKI is a technology that has stood the test of time, but it is let down by high running costs and poor implementation.
