A couple of weeks ago I wrote a post giving some advice on what you should do first if you find yourself in charge of cyber security at your organisation. You can read it here. I thought I'd follow up on that post, with some...
Data breaches have been in the news a lot recently. We've had the Panama Papers, which have caused so many unflattering headlines for many of our clearly above board and honest guv'nor world leaders. A large amount of data apparently from Qatar National Bank turned...
I do a fair bit of training, and often I find people have come along on a intro to cyber security course because they have suddenly found themselves responsible for security in their organisation. So regardless of whether you are new to security, or an...
The idea of disruptive hacking has long been a favourite of the media and certain talking heads. The idea that a dedicated team with laptops could take out the power and other critical services across a whole country is one that captures the imagination, and...
I read with interest a post by Elliot Atkins, a friend and former colleague. You can read his post here. I agree with all of his points, but there is one bit in particular I want to dwell on today, as I think it has wider...
I've been working with a client recently on incident response, and was reminded how useful it can be to use scenarios to develop your process. I have long been an advocate of testing earlier in the development of an incident response plan - come up...
A couple of weeks ago I was reviewing my spam folder, and I saw this: (click to embiggen). I immediately burst out laughing, and was very impressed indeed with whoever had done this. This is an incident This was a pretty standard phishing email. It used the tried an...
Speaking last week at GCHQ in Cheltenham, the Chancellor announced the creation of a new 'National Cyber Centre' (NCC). You can read the full text of his speech here, and some highlight factoids here. I recommend at least reading the highlights, though there is a...
Last summer JP Morgan Chase 'fessed up to an enormous breach that impacted some 80 million customers. Headlines at the time were alarming, with speculation even amongst security professionals and seniors in government that this must be the work of a state sponsored group. Who else...
TalkTalk today finally revealed that 157,000 customers had details stolen in the recent hack. That's less than originally feared, but is still far from good. There is also some further information from Channel 4 about how the breach unfolded. If that story is accurate, and...