Author: Al Berg

Too much information?

An interesting piece in the Harvard Business Review highlights the one of the challenges information security professionals face when dealing with security awareness; we actively…

Continue Reading

It could happen to anyone…

The headline is eye catching: a data breach at a highly respected security training organization when an employee falls for a phishing email. It is…

Continue Reading

EmailRep – Squeezing actionable info from malicious email addresses

Yes, I know it has been quite a while since I have posted anything to the old blog, but I do have an excuse… in…

Continue Reading

The elusive USB drive attack

Stories of hackers attacking companies by dropping malware infected USB flash drives in the firm’s parking lot are a standard infosec cautionary tale – don’t…

Continue Reading

Securing the real perimeter – part 2

In my last post, I went on about how the real perimeter of your network is at your users’ workstations. The actions that humans take…

Continue Reading

Securing the real perimeter – part 1

I was thinking about the way that the concept of a “perimeter” has changed in the time I have been in information security. (Obviously, I…

Continue Reading

The biggest cloud threat? Us!

Another cloud security issue caused not by the cloud, but by how people use the cloud.  Security firm Sophos has been taking a look at…

Continue Reading

We’re number 1!

Something for those of us who have to continue to remind our executives how important it is to continually increase our cybersecurity budgets… Global insurer…

Continue Reading

Living off the land – EFS Ransomware

Attackers have responded to improved security against malware in Windows environments by “living off the land” (LOTL) – using the tools already present in the…

Continue Reading

Recognizing and dealing with insider risk

I came across an interesting white paper from the deep mists of the past (2011) which is as relevant today as it was back when…

Continue Reading