Is Microsoft Purview going too far, or not far enough?
Read MoreIs Microsoft Purview going too far, or not far enough? Many things happen on a day to day basis within an organisation. Employees look for new roles, they reply to emails that could be less than 100% above board, but does this mean that Employers should be using policy to detect things like: Leavers, Corporate Sabotage, Gifts and Entertainment.
Once the horse has bolted – or detection and response should not be an early stage cyber resilience control
Read MoreOr in other words detection and response solutions should not be a first step in a cyber resilience strategy – after the horse has bolted is too late to be worried about how the animal got out of the stable. The Australian Cyber Security Centre does not even list Endpoint detection and Response solutions in…
Data is difficult!
Read MoreKnow your Data? (link below)….. Data is difficult, Categorising and securing Data is difficult, I personally rate this as a 4 or 5 out of 5 stars in my Cyber Security complexity Framework. Meaning that it is my opinion that this is not the place that most organisations looking to reduce their Cyber Risk should…
Data Incontinence – when leaks sneak out
Read MoreTo prevent data being used against you in the future either through competitive, intellectual or malicious usage or publication? What should you do?
Client Access Security Broker (casb)
Read MoreA Client Access Security Broker is a an important component in an enterprise organisation. A Client Access Security Broker or CASB for short provides: 1. Identify; 2. Protection; 3. Detection capabilities for the organisation on the NIST CSF framework model. How it does this is by inspecting traffic that is being sent to and from the Internet, either just the source and destination or through deeper inspection of the contents of the data being transmitted between source and target.
Data Leakage Protection, preventing loss of data
Read MoreWho owns the Data? does the business expect SecOps or IT to manage? (Hint: very often “yes”) Where is the budget for managing the DLP solution coming from after implementation? Is the business going to accept the inconvenience of DLP rules “upsetting” their daily workflows” Will the business get sufficient value from the ongoing investment What Data needs “Loss Prevention”, is there a better way to do DLP, because maybe the business only needs to protect accidental emails etc (Hint: often yes)