Here are some articles I’ve published via LinkedIn. Connect with me on LinkedIn here.
Build your own vendor cybersecurity questionnaire
Published 20 July 2020
If you’re wrestling with cybersecurity due diligence for your supply chain, but not sure where to start, here are some ideas!
Prove your worth with ROSI, InfoSec posse!
Published 25 February 2020
If you’re in security analysis or management you need to be in a position to prove the value of your initiatives. If you’re not sure where to start, you’ll find this article to be a useful primer. Don’t be put off by the dull acronym!
Are exploit authors criminals?
Published 21 January 2020
Could security researchers go to prison just for doing their jobs? The Computer Misuse Act seems to open up that possibility. What do you think?
Security as a differentiator
Published 24 December 2019
Is information security a means to an end? Or an end in itself? Can you ever use security to sell your business?
As you enjoy some turkey, mince pies, mulled wine and chocolates during this season, why not spend a moment considering how 2020 can be the year that security makes your business better. I’m sure there’s nothing you’d rather do.
How to speak good like wot I do
Published 7 December 2019
Bothered by vocal tics? Not sure when to use reflexive pronouns? When we communicate, a little polish – not airs and graces, but conscious improvement – can go a long way. Here are some thoughts on how we can avoid misrepresenting ourselves when we speak.
Gigantic data breach! What to do?
Published 25 November 2019
You may have read the recent news about the 1.2bn records ‘data breach’. Concerned if you’re affected? (Yep, you are affected.) Unsure what to do?
Here I attempt to demystify this unwelcome revelation and offer some practical suggestions for those with privacy concerns.
Many Fine Acronyms (or how MFA saves the day)
Published 13 November 2019
Passwords aren’t enough anymore. But acronyms like ‘MFA’ and ‘2FA’ can easily seem intimidating or technical. Which is a shame, because all we’re doing is MPB – Making Passwords Better.
Hopefully this article will clear things up. (Spoiler: it’s easy!)
Cybersecurity: It’s [Not] All About the Money
Published 6 November 2019
Is the way to improved cybersecurity spending increasing amounts of money? Throwing more resource at the challenge?
In most areas of life, we realise that to get better, we need to practise. I suggest that information security is no different.
What do you think?
Patch or be Pwned
Published 28 October 2019
Are you keeping Microsoft Office updated? If not, you’re at serious risk of a data breach, identity theft, or fraud.
Infosec Ethics – Ten Commandments
Published 21 October 2019
Do we need an ethical framework for information security? I think it could help. So here’s my starter for ten.
Ten Dangers of Generic Accounts
Published 14 October 2019
You wouldn’t share a toothbrush; don’t share a user account.
Infosec Ethics & Virtues – the why
Published 9 October 2019
Some say “do no harm”ā. As information security professionals, why not instead say, “Do good – and lots of it?”ā
Don’t Be Chicken Little
Published 4 October 2019
As cybersecurity practitioners, we have a duty to resist the urge to cry wolf.
