Until recent years, there haven't been many informative and reliable data sources which we can use in cyber security to learn about where data breaches come from, how likely they are and what costs are associated. For many years cyber security professionals were mostly playing guessing games and relying on their direct experience to help... Continue Reading →
What Is Your Problem?
After spending a while working for and with startups, small & medium enterprises, I've noticed some trends. For each company I've been associated with, I've noticed one of the following problems with regards to cyber security: They don't know what they don't know. They know, but they can't afford the fix. They do things, but they are... Continue Reading →
Why Use a Virtual Security Leader?
A security expert, when sitting on the leadership team, can help an organisation meet their objectives by reducing the likelihood and cost of a security breach. This is especially the case for organisations who consider themselves as risk-takers. A full-time security leader or chief information security officer (CISO) is going to cost some pennies. Clearly,... Continue Reading →
How To Boss the Security Questionnaire
Want to win a big exciting client? Have they asked you to complete a lengthy, jargon heavy cyber security questionnaire? Want to answer it well and impress them along the way? Contact me. Not ready to part with your hard-earned cash and want to do it in-house? Great. You're in the right place. I've been on both sides of the... Continue Reading →
Anti-Vendor CyberSecurity?
At the beginning of November, a number of news websites reported 10 million hotel-related guest files have been open to the whole internet since 2013. A total of 24GB of data which includes guest names, national ID information, credit card details, you name it. Yours and my data is probably included. This is just one... Continue Reading →
Coronavirus and cybersecurity threats – Two peas in a pod? – part two
I recently wrote about the coincidental (or not) similarities between the Coronavirus and cyber security. The more that COVID is with us, the more similarities with cyber I can't help but see. And by this I mean, the way in which a country should deal with the threat of COVID is very similar to... Continue Reading →
Coronavirus and cybersecurity threats – Two peas in a pod? – part one
*I am not an expert on health, infections or medication, take my advice on dealing with Coronavirus with a pinch of salt. But, do take the cyber security advice with a little more salty-assurance* You've probably heard of the Coronavirus. You've probably heard of cyber security, too. But how are they similar? It's quite simple... Continue Reading →
Why I’ve disabled multi-factor authentication for my password manager
I know what you’re thinking. But I ask you to read some of the arguments in this article before making judgements 🙂 Firstly, some background. I work in cybersecurity. Like many people in the cyber industry, I am a big advocate of multi-factor authentication (MFA). It is especially useful for those with poor password hygiene,... Continue Reading →
Is fear driving cyber security to failure?
What if the number of data breaches we see are injecting fear into those ultimately responsible for company losses? What if boards of directors and security leaders are unknowingly letting fear drive their decisions? What if those decisions lead to unnecessarily large security teams, ridiculous cyber budgets and every tool in the Gartner magic quadrant? ... Continue Reading →
Cyber insurance – to take or not to take?
As you probably know, cyber insurance is one of the trending topics in infosec at the moment. So let’s have a little internal debate to help understand it. I recently saw that a number of councils in Florida, US have taken up cyber insurance. Why? Because as a governmental department, they have little budget for... Continue Reading →