Cyber Incident Response // Cyber Security // Cyber Crime // Cyber Terrorism // Cyber Defense
Justifiably you have the questions poking around in your head about why you should limit physical access to data? The answer is quite simple::: first of all let’s start with a definition of what I actually try to express with this statement. Physical access refers to any one of your employees being able to plug … Continue reading Physical access to data is restricted?
If you years ago I was contacted by an internationally operating law firm. They had very special requirements as to their data protection. I never did ask about the emphasis they had towards their clients security. We did get to work though, and created a solution that was highly individualized, and fulfilled pretty much all … Continue reading Police Proof local storage/raid proof
It regularly makes you wonder how many organizations have their servers and other critical infrastructure in rooms marked clearly as the server and communication room.
I hope I will be stating the obvious in this post; but I have seen so many things going wrong that I will risk repeating myself! On location back ups are totally cool! They are directly connected to your ethernet, have blazing accessibility rate, superb file transfer speeds, and a variety of other bills and … Continue reading Why you need on-location and co-location backups and why they should be encrypted
The full impact of Australia's new law to crack down on encryption is still unknown. From what can be read currently, and currently available information the very broad and vague law is introduced to request the assistance of technology companies storing data in the country to make it available for law-enforcement. And the vagueness … Continue reading New encryption law: Australia first Orwellian state?
One of the most costly cyber threats/risks is CEO fraud.
What is the "Advanced Cybersecurity Risk Assessment Checklist" (ACRAC)?ACRAC allows any organisation to assess a status quo of their cybersecurity. It's a thorough, and constantly updated checklist to reduce common cyber threats organisations are confronted with. Its goal is to raise awareness for vulnerabilities, thereby neutralising a majority of threat vectors an organisation sees itself … Continue reading Project: Advanced Cybersecurity Risk Assessment Checklist
Differentiating the terms risk, vulnerability, and threat is quite difficult in a cyber security setting. This post intends to give a clear outline.
Removable media still presents one of the greatest threats; this post outlines one solution of how to deal with it properly.
Cyber insurance is becoming every increasingly important product for most organizations. Finding an insurance policy, and an underwriter to understand the risk is very difficult.
With a potential bandwidth of the deep web increasing, it turns more and more into a profitable marketplace. Most recently, employers have sprung up, looking for qualified personnel. Work without the pension scheme’s, 9 to 5, and other inhibiting factors.
Cache currency is a blessing for law-enforcement because it allows them to trace back the origins to a crime. When criminals are forced to resort to crypto currency, the game changes.
The next generation of phishing attacks is there. Brace yourselves, and mitigate!
Cybercrime comes in many forms industrial espionage is one of them. Today, we are not even safe from paper shredders in the offices anymore.
CEO fraud is one of the most devious forms of cybercrime, and social engineering. The most complex form was experienced, and the risk for future attacks was mitigated.
Software that it’s not regularly updated presents at risk. However, sometimes it is out of our influence whether or not a software remains up to date. If the software vendor does not provide updates and patches in time, and option to deal with such situations is to isolate software in virtual machines etc.
This post is about the security risks of having exposed RJ 45 sockets and your organization.
In July 2018, I was invited to provide a briefing to the Special Committee on Terrorism of the European Parliament about the risks of cyber terrorism on critical infrastructure and public spaces.