Leadership

Cyber Leadership – Real Life Incidents over the years!

Introduction

I’ve been around a bit now, I started ‘playing’ with technology very young as a kid! Wolf 3D/Doom era etc (ok even before that but whatever) …

In my professional career I’ve worked with literally hundreds of companies, from mega to small, from household names that sell games consoles through to orgs that sell you yummy food! I’ve worked across loads of industries from government through to manufacturing. I’ve dealt with major incidents for the finance sector, healthcare but also, I’ve been inside a range of networks for some time.

Read more “Cyber Leadership – Real Life Incidents over the years!”
Leadership

The business ‘value’ of Cyber Investments

A massively common analogy I see in security is the idea that security is like paying for insurance incase something goes wrong. I think this is great if you have 3 seconds only to describe security, but that’s not really how I have conversations with people. A sound bite isn’t reality, and to be honest I personally find that rather meaningless. I also know that many people don’t like or even pay for a range of insurance so when we look at how we try and improve digital security from a whole of society perspective, I think this phrase doesn’t work, it’s too narrow…

Read more “The business ‘value’ of Cyber Investments”
Defence

A threat actor is inside your perimeter… what routes…

Ok that subject is massive…so this is a bit more of a targeted thought process to consider.

Each network is unique and technology deployments vary. One time I was in a network that was almost entirely Apple MacBooks and a door control panel…. which was ‘fun’.

So this is a general list of some things to consider if you have tech deployed such as:

  • Active Directory
  • Printers
  • SCCM
  • MSSQL
Read more “A threat actor is inside your perimeter… what routes are there for attacks?”
Defence

What are the top Active Directory Security vulnerabilities I…

Ok so here’s the thing, I do NOT like getting pwn3d! I think you probably would rather your organisation does not too!

What I really don’t want to occur is a ransomware event! They suck, they are like a digital bomb going off.

So I’ve knocked up a quick list to get people thinking (these are NOT all the vulnerabilities I networks you should care about.. but they are some that could lead to a ransomware event!)

Read more “What are the top Active Directory Security vulnerabilities I care about?”
CTI Investigation Demo Threat Intel

Threat Analysis Tools

I’ve not blogged in a while, but I wanted to put down a note of some useful tools people can use to help them combat cyber crime.

This isn’t going to be an in depth look at each tool, however I do want to, in the near future, try and do some demos/videos etc. of how to investigate potential/suspected or identified threats. I’ll drop a list of some of the useful tools below and also do a quick demo of investigating an event (from this blog)

Read more “Threat Analysis Tools”
Education

Cyber Tips for Normies (without the FUD)

The Cyber Threat landscape in 2023

The digital world is complex and cyber threats appear to be around every corner. What we need to do however is look at how we can enable people and keep them safe from common (realistic) threats that they will almost certainly face (rather than saying everything is a risk!), The intent of this post is to tackle key common threats, risks and vulnerabilities (and countermeasures). It is high level, it is a generic and general, it is not a bespoke tailored guide for each person. It does not cover every single risk scenario someone may face, it simply looks at what I think people may want to focus on (given what I see). (I’m having to caveat this loads to try and stop the tin foil hat loonies making a scene about edge cases I haven’t covered)

Read more “Cyber Tips for Normies (without the FUD)”
Education

Protective DNS (PDNS) by NCSC UK adds UK schools

This week NCSC have begun accepting UK schools for access to the PDNS.

https://www.ncsc.gov.uk/blog-post/introducing-pdns-for-schools

to register (if you are eligible) use this URL: https://www.protectivedns.service.ncsc.gov.uk/pdns

you can view the terms and conditions here: https://www.signin.service.ncsc.gov.uk/terms-and-conditions

PDNS is a protective DNS service which helps protect public sector organisations (and private sector services who deliver government services)

  • Government
  • Healthcare
  • Local Authorities
  • MOD

https://www.ncsc.gov.uk/information/pdns

PDNS is delivered by Nominet. Read more “Protective DNS (PDNS) by NCSC UK adds UK schools”

Defence

No one is responsible for your OWN Cyber Defences…

Introduction 

I talk to hundreds or maybe even thousands of people online. I work in the Cyber security industry, I worked previously with central government, local authorities, finance, third sector, healthcare, defence and well most verticals of business. I often see people comment online about how “GCHQ has failed” or some other silly nonsense when it comes to an organisation (not GCHQ) being victim to a cyber incident. 

I fear the world has watched a few too many Bond and Bourne films and let’s their imaginations run wild! The true reality of defending cyberspace is frankly vastly different to what I think people believe it is.

Read more “No one is responsible for your OWN Cyber Defences other than you! “
Hacking

The Manual Version 2.0

Working in Cyber security can expose you to all kinds of information. I’m an offensive and defensive security architect and occasional (haha that’s daily right!) pew pew slinger (pentester) and I am also a threat intelligence practioner (CTI) (we need The Many Hats Club back!). Which is why sometimes when things appear on the internet I think I decide to take a look.

Read more “The Manual Version 2.0”