Blog
65 - How much privacy do we expect?
Privacy is a really interesting concept to study. People have lots of different mental concepts of privacy, and oftentimes those concepts don't entirely align with other humans' conceptions of the same behaviours. Couples talk about wanting privacy to be a couple together, and sometimes individuals want privacy from their partner. Groups of people who socialise build "private parties" and ways to segment themselves, and we tend to just keep using the same word over and over.
64 - We need to stop operating IT like it's 1999
We see this again and again, but the ransomware attacks on enterprise IT estates in local government in the US (which are the ones we know the most about) just show that many small to medium size organisations still haven't got the memo.
63 - Put more security in your SaaS
When we talk about companies moving to "the cloud" we tend to mean the migration from data center to hyperscale cloud data center. People moving their servers from an on-premise or colocated data center into Azure, Google Cloud, AWS or similar.
62 - The next big malware that wasn't
The sky is falling, BlueKeep will result in thousands of compromised computers, you must patch now.
61 - Just because it’s basic doesn’t mean it’s easy
There's a great post by Emma W of the NCSC linked below that talks about why patching is often described as basic, even though doing it can be really hard.
60 - Is it Cyberwar or Cyberespionage?
The shift in policy of moving the reins of power of offensive cyber from intelligence organisations like the NSA or GCHQ over to military organisations like the US CyberCommand or the Ministry of Defence is an interesting one.
59 - How confident are you that your defences work?
How confident are you in your defences? You've got firewalls, WAFs and even a segmented network. Maybe you have to leave your phone outside before you go into your office, have badges that need a PIN as a second factor and armed guards who watch everyone coming and going?
58 - Phishing just works
Remember from the Verizon Data Breach survey earlier on in the year featured in Cyber Weekly 51, 94% of malware is delivered by email, and Phishing is still the most common threat action carried out in breaches.
57 - Malware is still your biggest threat
Are you worried that nation states are coming to get you? That the cyber criminals will breach your systems and steal all of your data?
56 - How can we be more positive in security?
Cybersecurity is a pessimist's game, right? We are constantly talking about and worrying about being attacked, about what is the worst that can happen, about the nations in a constant state of cyberwar!
55 - Raising the baseline of security
I've been involved in a bunch of conversations recently around "baseline controls". What is the difference between different security controls, and how should we decide where to invest our money?
54 - The more things change, the more they stay the same
Iran's conducting disinformation campaigns, Baltimore shows that people aren't patching at all, let alone fast enough, the Huawei discussion rages on.