Category: useful stuff

Resource: AWS Security RampUp Guide

It seems like Amazon Web Services (AWS) is on every employer’s most wanted skills list. As more organizations make the decision to replace or augment…

Security awareness materials you can use – “Why we fall for cons”

One of my favorite parts of my job as a CSO is building security awareness amongst my colleagues. I really believe that the time put…

Orvis data leak and the need to monitor ‘paste’ sites

Fishing retailer Orvis had a serious (and embarrassing) data breach recently. Independent security researchers found a posting on text snippet site Pastebin with what appeared…

US DoJ guidance on responding to and reporting cyber incidents

When thinking about how to respond to cyber security incidents, you need to think about how your organization will engage with law enforcement – and…

OWASP API Top 10 Security List

If your organization is developing software, chances are that your developers are building application program interfaces (APIs) to allow interoperability between your code and code…

How authentication methods stack up

Here’s a nice resource from iDaptive’s blog on the relative merits of various common types of authentication technologies – interesting quick read.

NIST & Microsoft partner for patching pointers

The US Government’s National Institute of Standards and Technology and 8,000,000 pound gorilla Microsoft are working together to provide industry with definitive guidance on keeping…

Good security advice from down under

For many organizations, especially small businesses, the thought of starting any kind of cyber security program can seem daunting. With all of the threats out…

Good privacy advice from the US DoD

The US Department of Defense has put out a nifty guide on how to protect your privacy on social media sites such as Facebook, Instagram,…

Security risks from domain typo squatters

One of the ways that hackers get users to click on malicious links or believe false emails is to use domains that look like, but…
