Last week I wrote about the potential victim base that any WordPress cyber security issue exposes: WordPress is always a target. Have a read of that article if you do not understand why WordPress, WordPress plugins and user authorisation need careful management in any cyber security plan. To reinforce the …
Passwords Leaked
In case you missed the memo, passwords are important. Storing them in plain text where threat actors can eventually get access to them is a really bad thing. Misconfigured Firebase instances leaked 19 million plaintext passwords (bleepingcomputer.com). It is even worse if those passwords are associated with other sensitive information, …
Why the “Principle of Least Privilege” works and something for free…
The Principle of Least Privilege (PoLP) is a fundamental concept in cybersecurity. It ensures that users are granted only the minimum necessary access rights required to perform their job functions. This principle is one I always enforce in cyber security as it is a powerful way of defending the most …
Device Security (Pt. 3) Just One More Thing…
This article was previously published on CyberAwake, but as it discusses some fundamental ideas about mobile device security and app stores, I thought it should be published here as well. Following on from my two latest articles looking at device security (linked below), I am coming back to the subject, …
The Reboot
Regular readers will know the importance I attach to software and firmware patches as part of any cyber security plan. In fact, with most projects, managed and monitored updates are one of the first things we implement across an organisation, as it gives an immediate win for improved cyber security. Restarting …