Probably one of the most interesting questions to ask when reviewing a cyber crisis reaction document is the phone number of the cloud hosting platform that is chosen to be the one to store the back ups of all critical systems of an organization. Chances are that the survival of your company relies on this … Continue reading Is your cloud service provider contactable in case of crisis?
Month: May 2019
Why you need on-location and co-location backups and why they should be encrypted
I hope I will be stating the obvious in this post; but I have seen so many things going wrong that I will risk repeating myself! On location back ups are totally cool! They are directly connected to your ethernet, have blazing accessibility rate, superb file transfer speeds, and a variety of other bills and … Continue reading Why you need on-location and co-location backups and why they should be encrypted
New encryption law: Australia first Orwellian state?
The full impact of Australia's new law to crack down on encryption is still unknown. From what can be read currently, and currently available information the very broad and vague law is introduced to request the assistance of technology companies storing data in the country to make it available for law-enforcement. And the vagueness … Continue reading New encryption law: Australia first Orwellian state?
You seriously have to regularly upgrade your printer firmware!
When I heard this argument for the first time over a decade ago I thought it would never be a thing. I was to be proved wrong! A few years ago, I was hired to figure out how a perpetrator got into a corporate network. Like so often, my blue-chip/fortune 500 colleagues had failed to … Continue reading You seriously have to regularly upgrade your printer firmware!
Why you need a patch and update policy, and protocol
Here is an example of why it's a pretty good idea to have an update policy in place...
Protecting your organisation from the risk of social engineering
Humans are still the weakest link in cyber security, and they lack training to become aware of the risks. This is a very good example.
Protecting your organisation from CEO fraud
One of the most costly cyber threats/risks is CEO fraud.