How the pandemic changed everything and nothing

Posted by:

This is a quick look back over the last six months or so: what’s changed in the world of work and cybersecurity and how businesses have responded. I wasn’t sure how to title this post. I don’t think words like ‘review’, ‘lessons learned’ or ‘takeaways’ really do the scale of the situation, but ‘What the …. just happened?’ seems a bit strong.

That being said, from my research and conversations with people in the companies that have ...

Read More →
0

Ransomware Going Nowhere – Healthcare Beware!

Posted by:

My friends who are lucky enough to still be employed throughout the pandemic appear to be split into two camps. Half seem to be spending much of the day staring out of the window, largely unproductive, the bosses’ gaze concentrating on other areas like the distracted Eye of Sauron. The other half are working three times as hard to make up for the colleagues who are furloughed or are unlucky enough to have been cut.

One set ...

Read More →
0

Phishing is a Popular Hobby for Coronavirus Scammers

Posted by:

In these strange times, increasing numbers of us are confined to the home with little but our concerns for neighbours and loved ones, and hopefully some work, to keep us going. But those with an entrepreneurial spirit and complete moral bankruptcy really are going all out to make sure that their criminal chums or their state-level paymasters profit from this crisis at the expense of the rest of us.

This pandemic really does provide a golden opportunity ...

Read More →
0

Recognizing and Beating the Coronavirus Scammers

Posted by:

If the internet is to be believed, up to 10% of the world’s population are in quarantine, or at least in lockdown, to prevent the spread of the coronavirus.  That’s a few hundred in the US, the same in Europe, a few thousand in a ship off the coast of Japan, oh and about 760 million people in China!

On the face of it, that’s quite scary. ...

Read More →
0

Backup Strategy in six points (and a free mnemonic)

Posted by:

Good backup strategy = a better night’s sleep. It’s as simple as that.  It’s also difficult to get right and needs constant tweaking, not just because the amount of data we’re producing is growing exponentially, but also because the options for quick, secure backup are increasing, and that’s a very good thing!

Conversely, bad backup strategy is worse than useless as you can pay a lot of money for a big bag of false hope.

Why ...

Read More →
0

The current state of privacy laws in the USA 2020: what you need to know

Posted by:

After the introduction of the CCPA in 2018 a whole slew of states got on board the data privacy bandwagon, and it looked like there was real momentum in the direction of increased rights for citizens over their own data.  By the middle of 2019 more than a dozen states had introduced some kind of privacy bill, either from scratch or as an amendment to existing privacy laws.

So how has that turned out?

Well, if you’re an advocate for increased user ...

Read More →
0

How to evidence your way thru compliance

Posted by:

I’m not usually a fan of nouns being used as verbs.  As Calvin said to Hobbes in Bill Watterson’s wonderful comic strip, “Verbing weirds language”.

I mean, who really ‘dialogues’ with colleagues, or  ‘greenlights’ tasks for them to ‘action’? 

But there’s one denominal verb https://en.wikipedia.org/wiki/Denominal_verb (yes of course there’s a word for it) which I find myself using, and that is ‘evidencing’. This is a wonderfully concise way of saying “proving ...

Read More →
0

The Delicate OpSecs needed to secure Supply Chains

Posted by:

OPSEC is a pretty familiar term in this industry, but reviewing its fundamental meaning and what it implies for us today in our current threat landscape is a useful exercise.

After all, being able to secure our systems and information from prying eyes from the likes of cyber thieves, scammers, ransomers, and so on, is a key priority for most businesses today.

OPSEC is the term the industry uses to talk about operational security. ...

Read More →
0

Should C-level Bonuses Be Tied To Cybersecurity Posture?

Posted by:

The cybersecurity catch-22 – have you run across it? This is where, for example, you’ve found a vulnerability in a product, and you inform the affected company in a responsible way, but you never receive a response.

Or perhaps you work in the development team, and really want your employers to give you the resources you need to address a security flaw, only to see your requests shoved aside to focus on new, sexier features.

Read More →

0

Are employees really the weakest link in your cyber-defense strategy?

Posted by:

It’s been touted for awhile that people, be they employees, business partners or consultants, are the true weakness in the cyber defenses of an organization.

It is people – all with some level of access to the inner sanctum of the network – that have been a main focus for malicious agents (aka “the bad guys”).

It isn’t rocket science as to why – as technology gets more complex and savvy, it is more difficult to sneak into a system undetected from ...

Read More →
0
Page 1 of 2 12
})
SEC Cybersecurity Exams