Business Email compromise
Read More: Business Email compromiseBusiness Email Compromise (BEC) is a Social engineering attack and one of the most likely to succeed and provide a large benefit for the attacker. I have a recent example with a conveyancer where their email footer stated “We will not request money via email” – well in their final email requesting funds they removed…
Customer ignores MSP advice and is breached?
Read More: Customer ignores MSP advice and is breached?In the case of ever increasing and tightening reporting requirements and breached clients potentially being sued for damages, it is your reputation as the MSP that will be affected in a blame game scenario.
91% of Cyber Attacks are Email initiated!
Read More: 91% of Cyber Attacks are Email initiated!91% of Cyber Attacks start with email according to Microsoft, yet email is the least exciting area for us to focus our Cyber security efforts in. Quote from The Register (ignore the sarcasm): “That being the case, why is Microsoft bothering to sound the alarm? Well, 91 per cent of all cyberattacks originate with email, according to…
Pfizer up and win $90
Read More: Pfizer up and win $90$90 (at least) for completing a Pfizer survey…. amazing but how did they know I have just had my first Pfizer jab? It surely is not a coincidence, or is it? This is a classic Phishing attempt, using the knowledge that scammers have about us socially, in this case the biggest broadest brushiest brush that…
Data Protection as an afterthought
Read More: Data Protection as an afterthought8 Terabytes lost….. 14 Terabytes of data recovered from a data migration gone wrong….. that was called a deletion of data not a migration when I worked as a Sys admin or a “Career limiting move”. Considering that the parts of a data migration plan I would outline involve: 1. Assess what data needs to…
Employees vs Home owners
Read More: Employees vs Home ownersOr a look into the psychology I have written about this before and today I saw a question today on linkedin related (Thanks David) …….. But I ran out of words to post as a comment. I want to start by suggesting that often security officers and auditors do not think about the companies assets…
Teach your employees information security
Read More: Teach your employees information securityWhen it comes to securing an organisations digital assets there are several approaches to minimising the risk as there is no solving a moving target. One that is not given the priority is the most obvious and the largest source of risk to a business: people, that is you and me, we are idiots and…
Articles, ASD, ASD 8, ASD essential 8, Australian cyber security centre, Privileged Access Management, WTH
Privilege access Management
Read More: Privilege access ManagementPrivileged Access Management, cyber attacks often still operate primarily on the premise that a logged in user has privileged access to their workstation or Laptop, this aspect has never changed despite platform providers ‘improving’ their security models over time.
Partnering done right
Read More: Partnering done rightResellers are ambulance chasers! They came into the deal after I had already sold the product to the customer and wanted to make money from my hard work, I’m the vendor sale rep, I know what the customer needed and I sold it! I’ve lost count of the number of times that I’ve heard words…
Are you an MSP and want to ask a question about ‘how to’ with Microsoft Security? QR code for my WhatsApp group.
About me
I am passionate about Australian organisations improving their cyber security posture, where possible I want to help improve by sharing the questions that I am asked along with some answers, there are many cyber security experts who have a vast amount of knowledge to share, if I can help to aggregate some of this then it is achieving my objective to improve the security posture for all businesses.
I am a current member of AISA Australia (Melbourne), and though I am not a cyber security expert I am a Microsoft Cyber security Expert by certification. I am an enthusiast and continue to learn every day from every conversation I have.
.
Recent Posts
- Microsoft Defender for Endpoint Intro video
- Kasaya CEO says MSP’s will benefit by Vendor Consolidation?
- When to Microsoft Sentinel and when to just XDR!
- Microsoft Sentinel Log ingestion from Business Premium
- Total Tools Totally messed up – Credit card details stolen for 30k customers
Tags
#acsc (2) #asd8 (2) #kicksecio (16) 101 (3) ACSC (2) AI (3) Alan Metcalfe (6) Artificial Intelligence (4) ASD 8 (2) Breach (15) Cyber Security (38) Data leakage (6) Data Protection (5) Endpoint Detection response (3) Extended Detection Response (3) GenAI (2) Generative AI (3) Kicksecio (3) Managed Detection Response (6) Managed Service Provider (6) Microsoft (20) Microsoft Defender for cloud (2) Microsoft Defender for endpoints (11) microsoft licensing (2) okta (2) Safeworlds (9) Safe worlds Safeworlds Safe worlds IPTV Alan Metcalfe (7) Sentinel (4) SIEM (5)
Recent Comments
Archive
- November 2024
- September 2024
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- December 2023
- September 2023
- August 2023
- July 2023
- March 2023
- January 2023
- December 2022
- November 2022
- October 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2020
- April 2018
- September 2016
- May 2016
- October 2014
- September 2014
- August 2014
- July 2014
- May 2014
- February 2014
- January 2014
- July 2011
- July 2010
- May 2010
- March 2010
- July 2009
- June 2009
- March 2009
Categories
- ACSC
- ACSC essential 8
- Active Directory
- Active Roles Server
- Advanced Managed Detect Response
- AI
- Airlock Digital
- Alan Metcalfe
- AMDR
- Apple
- Application Control
- Architect
- Articles
- Artificial Intelligence
- As Secure As Practical
- ASAP
- ASD
- ASD 8
- ASD essential 8
- Attack surface reduction
- Australian cyber security centre
- Azure Active Directory
- Azure Application Proxy
- Backup
- Bing
- Bitlocker
- Blog
- Bombs
- Breach
- Business Email Compromise
- CASB
- ChatGPT
- CIS 18
- CISA
- CISA Scuba
- Citrix
- Client Access Security Broker
- Cloud
- CoPilot for Security
- Crowdstrike
- Cyber risk
- Cyber Security Framework
- Data Breach
- Data Loss Prevention
- Data Protection
- Defender for O365
- Dell
- Device
- DLP
- DMARC
- Do something
- Email Archiving
- Endpoint Detection Response
- EndPoint Protection
- Entra identity
- EPP
- Exam prep
- Extended detection and response
- Extended Detection Response
- Facebook scams
- Fake news
- FIM 2010
- Funny
- GDAP
- Gen AI
- Global Warming
- Hiring
- HP
- Identity Access Management
- Incident response
- Industry
- Information Protection
- iPad
- IT secrets
- IT senior
- JGES
- Journalistic flare
- Just good enough security
- Kin
- Large Language Model
- Large Language Models
- Least privilege
- M365
- Mac
- mac mini
- Machine Learning
- Macro
- Malware
- Managed Detection Response
- MDR
- MFA
- Microsoft
- Microsoft Autopatch
- Microsoft Azure Active Directory
- Microsoft certification
- Microsoft Defender
- Microsoft Defender Application Guard
- Microsoft Defender for Cloud
- Microsoft Defender for Endpoint
- Microsoft Defender for Endpoint Server
- Microsoft Defender for Identity
- Microsoft Defender Vulnerability Management
- Microsoft Endpoint Manager
- Microsoft Intune
- Microsoft licensing
- Microsoft purview
- Microsoft Sentinel
- Migration
- Mimosa
- Mitre Att&ck
- ML
- money
- MSP
- Multi factor Authentication
- multifactor authentication
- MVCS
- NAS
- NASA
- Network detection and response
- NIST CSF
- O365
- Office 365
- Office Macro
- Open source
- Operating System Hardening
- Opinion
- OSX
- PAM
- people
- Phishing
- Pig Butchering
- Planning
- poor performance
- Privileged Access Management
- Process
- Protection
- Purview Information Protection
- Quest
- Quest Software
- Ransomeware
- Ransomware
- Recession
- Recovery
- repair Disk
- Safe Worlds' IPTV
- Safeworlds
- Safeworlds IPTV
- Safeworlds itv Alan Metcalfe
- safeworlds tv
- SAN
- Sandbox
- SASE
- Scam
- Scams
- SCUBA
- Search
- Secure Access Service Edge
- Security
- Security Assessment
- Security information event management
- Security posture
- SIEM
- Single Label Active Directory
- Single Sign On
- slow
- Social Media
- Software Industry
- Solutions Architect
- SSO
- Storage
- Supplier Breach
- Tablets
- Terminal services
- Tethering
- Thin Provisioning
- Threat and vulnerability management
- Threat Hunting
- universal logic
- VMware
- vWorkspace
- Wifi
- Windows 10
- Windows Autopilot
- Windows Sandbox
- WTH
- Xbox
- XDR
- Zero day
- Zero Trust Network Architecture
- ZTNA