This week I have been discussing user and systems monitoring with a client’s senior management team. Their immediate response was that they did not want to spy on their staff as they trusted them – and to be fair they are appear to be a friendly supportive organisation. However my …
Control your information
I am in the middle of another IT and Cyber Security audit for an organisation and as part of that report I have been asked to look at their SharePoint configuration. IT was set up in rush during the first lockdown and the board and CEO are not sure about …
Real Incident Response
What is your incident response plan if a hurricane is going to cross where you live and/or work? Johannes Ullrich who writes for SANS has written about his preparations. I am not going to say much about them – they are a description of a technical response to a serious …
Ransomware will always be changing – so does your response
As cyber security professionals come to understand the current ransomware threat and vendors and MSPs provide services and training to deal with the threat – the threat actors will always change their tactics. Here is one of the latest – using torrents to extract data from compromised systems: Clop ransomware …
Continue reading “Ransomware will always be changing – so does your response”
Defence-in-Depth – The Next Step
Yesterday I wrote the opening chapter of this defence-in-depth article – I looked at how anti-virus protection can be side-stepped by threat actors and that staff cyber awareness training is needed to provide another layer to your defences. That was a human addition to your defence-in-depth and today we are …
