Artificial Intelligence – Managed Detection and Response
Read MoreTwo buzzwords applied to almost all Cyber Security companies products today are: Artificial Intelligence and Machine Learning or AI and ML. What exactly the AI or ML technology in these solutions and managed service offerings we consume are providing, is open to debate; as is the depth of implementation and integration. However there are great…
shutting down a phishing site
Read MorePhishing is one of if not the highest success rate cyber security attacks that we are likely to suffer. According to the FBI’s Internet Crime Complaint Centre (IC3), phishing accounted for 30,48% of all received complaints in 2020, making it the area with the highest victim count. https://www.techradar.com/author/fernando-cassia Being that most of my readers have an…
Human error, human error, ho hum…
Read MoreDo the easiest(cheapest) thing first that give your the biggest benefit or the first 80% of a job takes 20% of the time, both statements lead to a conclusion that it is most efficient to work on what is going to be most affordable and easy first. The article I have linked reports that the…
Single Sign On (sso)
Read Moreredentials, that credential is able to be used by each system querying a central system (Authentication service) to provide the user access to a service or system. This is different from a Password manager or “Screen Scraping” where a user name and password is “replayed” into the session.
ASD essential 8, ACSC, ACSC essential 8, ASD, ASD 8, Australian cyber security centre, Cyber Security Framework
101 Cyber security primer
Read MoreCyber Security assessments are critical to understanding where your organisation is maturity wise.
Data Leakage Protection, preventing loss of data
Read MoreWho owns the Data? does the business expect SecOps or IT to manage? (Hint: very often “yes”) Where is the budget for managing the DLP solution coming from after implementation? Is the business going to accept the inconvenience of DLP rules “upsetting” their daily workflows” Will the business get sufficient value from the ongoing investment What Data needs “Loss Prevention”, is there a better way to do DLP, because maybe the business only needs to protect accidental emails etc (Hint: often yes)
Starting out – New Security officer
Read MoreStarting out with an organisation and don’t know where to start?
Articles, ASD, ASD 8, ASD essential 8, Australian cyber security centre, Privileged Access Management, WTHPrivilege access Management
Read MorePrivileged Access Management, cyber attacks often still operate primarily on the premise that a logged in user has privileged access to their workstation or Laptop, this aspect has never changed despite platform providers ‘improving’ their security models over time.
