Leadership

Current State Cyber Challenges and why communication is important

Currently I’d list some of the major challenges we face as a civilisation as the following (clearly not exhaustive etc.)

  • The general population largely don’t understand cyber
  • Lots of people think there is nothing they can really do
  • People have shockingly bad personal cyber security
  • A large number of organisations have shockingly poor cyber security postures
  • People’s passwords are often ridiculously weak
  • People re-use passwords all the time
  • People seem to believe we have “magic nation state cyber shields”
  • Organisation’s largely do not invest adequately in cyber security
Read more “Current State Cyber Challenges and why communication is important”
Defense

Defending Against Direct Authentication Attacks in Microsoft Office 365

Whilst conducting security testing and assurance activities, I went looking to show logon events in Office 365. My first query was on IdentityEvents, this led to a view of a multi month attack by a threat actor/s against a tenent, followed by exploring the rabbit hole of logs and computer systems. This blog summarises some of the methods and findings when considering threat hunting and authentication defences for Office 365. (bear with me I am tired so this might need a bit of a tune up later!)

Read more “Defending Against Direct Authentication Attacks in Microsoft Office 365”
Ubuntu Logo Guides

Cyber Essentials for Ubuntu Servers

I thought about doing a step by step bash script or CLI walkthrough but decided to go with the high levels steps. If we wanted to ensure our Linux servers are configured in alignment with Cyber Essentials what are the main areas we need to consider? For this I’m using Ubuntu Server as a base, I’ve not gone through every line in the standard but these should be in line with the 5 areas and fit within the Cyber Essentials theme. As always there are many ways to skin a cat! (don’t skin cats they are frens!). Anyway hope this is useful.

Read more “Cyber Essentials for Ubuntu Servers”
Leadership

What is a “Winning Cyber Security Strategy”?

A winning cyber security strategy should have several key components.

First, it should involve a thorough assessment of your organization’s current security posture, including identifying any potential vulnerabilities or weaknesses. This assessment should be ongoing, with regular updates to ensure that your security measures are keeping pace with the evolving threat landscape.

Read more “What is a “Winning Cyber Security Strategy”?”
Education

Enterprise Technology Generalisations

I’ve waked around one of two organisations, across a load of verticals and well I see people post things online about common technology generalisations and frankly it sometimes leaves me wondering what networks they have been in, but also am I just on another planet? So, I thought I would jot down some notes on common tech I see in orgs during my business travels but also on in the ciberz! It’s not a list of everything I see, it’s just what appears in my head as quite bloody common.

Read more “Enterprise Technology Generalisations”
Leadership

UK laws and cyber security considerations for business

I am not a legal export! Haha get used to saying that a lot if you work in cyber and are not in fact a legal expert! I wanted to put together a list of common laws that people should be aware of when doing business in the UK, it’s just a starter for 10 and there are likely others, but this should get people started for their security awareness and security policy documentation:

Read more: UK laws and cyber security considerations for business
  • Data Protection Act 2018
  • Freedom of Information Act
  • Communications Act
  • Computer Misuse Act 1990
  • Investigatory Power Act 2016 (IPA)
  • Theft Act 1990
  • Terrorism Act 2000
  • The General Data Protection Regulation (GDPR)
  • The Privacy and Electronic Communications Regulations 2003 (PECR)
  • The Regulation of Investigatory privacy Act 2000 (RIPA)
  • Official Secrets Act 1989 (OSA)
  • Companies Act 2006
  • Copyright and Design patents Act 198
  • Trademarks Act 1994
  • The Malicious Communication Act 1988
  • Forgery and Counterfeiting Act 1981
  • Police and Criminal Evidence Act 1984
  • Contracts (Rights of Third Parties) Act 1999
  • Fraud Act 2006
  • Network and Information Systems Regulations 2018 (NIS)
  • Telecommunications (Security) Act 2021
  • The Bribery Act 2010
  • Freedom of Information Act 2000
  • Defence of the Realm Act 1914

can you think of any others that I should add?

Thanks Gary and Kevin and the other AVIS I can’t name for inputting!

Education

Information Security Risk Management 

I wrote this in 2018 and don’t believe it ever made it to the interwebs, so I’m basically posting as is with an extra section for some useful links! Hopefully it still stands the test of time!

Risk Management doesn’t have to be risky! 

Risk assessments are complex, they require cross domain knowledge and generally do not deal in absolutes. Threats, vulnerabilities and asset intelligence is combined, weighed and assessed, leading to the construct of a risk assessment document. It can be easy to overcomplicate this process, which in turn (in my experience) often leads to far wider reaching consequences (the business starts to bypass security management or take short cuts), so I thought I would write a short post to clarify what I’ve seen work out in the field. So, to start with let’s try and align on what exactly a risk is. 

Read more “Information Security Risk Management “