ICS
Breach - At a Manufacturing Plant Near You Soon
30 November 2015
Following the cyber attack on the Iranian nuclear facility in 2010 the
cyber threat to national security and critical national infrastructure
has become an area of increasing concern for governments. Although the
cyber threat against national infrastructure ... Read
More
Toll
Fraud - Old Hacks Die Hard
31 July 2015
Forgotten by many, reported on by the few and rarely disclosed by those
affected, toll fraud has never gone away and is on the increase. With
single breach losses reaching in excess of $100,000 the illegal use
of an organisations telecommunications can ... Read
More
Back
to Basics - Good Security Starts With Solid Foundations
30 April 2015
The
fundamental principles of good security are simple and very easy to
understand however many organisations fail dismally to apply them. It
appears that there is a distinct lack of recognition of the importance
of getting the basics right before adding security ... Read
More
ICS
Security - An Alternative Perspective
31 January 2015
Based on
the lessons learnt in cyber security the tech industry would turn back
time do things differently if it could. Everything from protocol design,
OS design, network design and the technologies enterprises have adopted
might be done differently ... Read More
Reflecting
on Reflections on Trusting Trust
31 October 2014
Back in
1984 Ken Thompson delivered his Turing Award lecture entitled, 'Reflections
on Trusting Trust'. His speech described a very simply attack on compliers
that became known as the 'trusting trust attack'. Thompson demonstrated
how to introduce a backdoor ... Read More
IPv6
Security Risks and Busines Benefits
31 July 2014
It
is nearly 20 years (1995) since the standard for IPv6 was proposed in
RFC1883. Even back in 1995 it was obvious that the 32bit IPv4 address
space would become exhausted due to the exponential growth of the internet.
The problem was exacerbated as ... Read More
Things
to Think About with the Internet of Things
27 May 2014
It
was around 5 years ago that the term 'Internet of Things' (IoT) was
proposed proposed. However, not many people I speak to outside of the
tech industry have ever heard the term or know what it is. This limited
understanding among general consumers is ... Read
More
Avoiding
the Security Skills Gap
31 March 2014
There
is no denying that there is a global shortage of skilled security professionals
or as I like to say, 'security people'. The issue is so widely recognised
that governments are concerned. Initiatives in the UK have been launched
to find security talent ... Read More
The
New Modus Operandi for Security Operations
31 January 2014
The
security profession has never been winning the war on cyber crime. However,
for many years it has been able to keep pace with it and provide a reasonable
level of defense that allowed most of us to sleep soundly. Unfortunately
times have changed ... Read More
The
3Ps - Passwords, Patching and People
31 December 2013
We
all know that there is no 'silver bullet' when it comes to defending
against cyber threats. There probably won't be a 'silver bullet', at
least for the foreseeable future. However, a model does exist to achieve
good security in the form of layered security ... Read
More
Next
Generation Malware - Just a Thought
30 November 2013
In
1983 Matthew Smith wrote the computer game Manic Miner for the ZX Spectrum.
This was Britain’s first software blockbuster game. He was 17
years old when he alone wrote the game. He said in an interview in 1983,
“I think it's going to get to a ... Read
More
The
Power of Security Awareness
23 October 2013
Security
awareness is one aspect of security that I often see overlooked, and
more specifically not prioritised. What is it that makes intelligent
business leaders fail to see the business benefit of security awareness.
Many security professionals also show little ... Read
More
|