Category: useful stuff

Recognizing and dealing with insider risk

I came across an interesting white paper from the deep mists of the past (2011) which is as relevant today as it was back when…

Can experience be a hindrance in making security decisions?

Some interesting insight from the Harvard Business Review’s January 2020 IdeaWatch section: A study looked at how people react to information which indicates that a…

Juice Jacking – meh!

Lately, I have been seeing a number of posts and articles warning us all not to use publicly available USB charging points due to the…

Resource: AWS Security RampUp Guide

It seems like Amazon Web Services (AWS) is on every employer’s most wanted skills list. As more organizations make the decision to replace or augment…

Security awareness materials you can use – “Why we fall for cons”

One of my favorite parts of my job as a CSO is building security awareness amongst my colleagues. I really believe that the time put…

Orvis data leak and the need to monitor ‘paste’ sites

Fishing retailer Orvis had a serious (and embarrassing) data breach recently. Independent security researchers found a posting on text snippet site Pastebin with what appeared…

US DoJ guidance on responding to and reporting cyber incidents

When thinking about how to respond to cyber security incidents, you need to think about how your organization will engage with law enforcement – and…

OWASP API Top 10 Security List

If your organization is developing software, chances are that your developers are building application program interfaces (APIs) to allow interoperability between your code and code…

How authentication methods stack up

Here’s a nice resource from iDaptive’s blog on the relative merits of various common types of authentication technologies – interesting quick read.

NIST & Microsoft partner for patching pointers

The US Government’s National Institute of Standards and Technology and 8,000,000 pound gorilla Microsoft are working together to provide industry with definitive guidance on keeping…
