Recently, I have been talking a lot with clients about risk. Some clients can see the point and are moving with us to work on those risks, others are harder to convince. I have an article on CyberAwake looking at the start of a risk journey: Risk. Where do you …
Authentication – Who Do You Let In?
Authentication, Authorisation and Accountability. This is the first part of a three-part series looking at the basics of the cyber security principle of “AAA”. Today we will start with Authentication It seems the easiest of principles. Everyone needs a username and password (credentials) to access any of your organisation’s systems. …
Risk Analysis – How to eat a very large quadruped!
Today we are going to look at the very first meeting I have with clients where we look at risk analysis. This is not a blog about eating an elephant – that is a figure of speech – although I do have a book that includes a paragraph or two …
Continue reading “Risk Analysis – How to eat a very large quadruped!”
Patches and Updates. When they go wrong…
I am always pushing the necessity of keeping up with patches and updates – they are everyone’s essential step for good cyber security. However here is the warning tale for when things go wrong at the vendor end: HP rushes to fix bricked printers after faulty firmware update (bleepingcomputer.com) When …
Millions of websites use WordPress…
…which makes them a juicy target for threat actors if they can find a bug in code or plugins. That was the topic of yesterday’s article on CyberAwake: Let’s Talk About WordPress – CyberAwake This is an article about governance – not a technical article – so if you are …
