Blog
185 - Classifying data properly
It's nice to imagine a world with proper classifications and access control systems.
184 - How much trust in zero-trust do you have?
Zero-trust is the new saviour of all of our security woes, but I suspect that the effort and impact of it is wildly underestimated by most people.
183 - Does it matter who your adversary is?
There's a lot of emphasis in threat intelligence about understanding our adversaries.
182 - Protecting the things protecting your infrastructure
Back in the good old days, we had really simple systems and services. We had J2EE stacks and servers, and our systems communicated via JNDI lookups which totally couldn't be abused when logging things.
181 - Cyber Command and Control
If we assume for a minute that you aren't perfect, that somehow, an adversary has gotten onto one of your users endpoints. What happens next?
180 - Securing the software supply chain requires action now
There's a lot of noise around the "software bill of materials" concepts at the moment. This work has been going for years, but really stepped up a gear after both Solarwinds and then log4shell compromises.
179 - Managing a wide ranging and long running incident
Happy new year!
178 - Will 2022 be the year of ransomware?
As we go into the next year, the question that flows around is whether ransomware will continue to be the threat to watch in 2022.
177 - Automation accelerates our accuracy
Automation can be seen as a way to make jobs easier, to reduce the grunt work.
176 - The Red Queen Problem
"Well, in our country," said Alice, still panting a little, "you'd generally get to somewhere else—if you run very fast for a long time, as we've been doing."
175 - Privatising our risk
Ciaran Martin makes excellent points today in this assessment that we have privatised our security risks in a way that prevents control.
174 - One Team, Two Team; Blue Team, Green Team
Within security we often think a lot about the bad guys, the red team, and how they work, how they can compromise our systems.