Here is another example of a data breach at a council. Although breach implies someone broke in and stole the data – as opposed to what happened which was that the Council employees themselves just sent the sensitive information out as part of a Freedom of Information (FOI) request – …
GitHub to require 2FA for all users by end of 2023!
GitHub is a valuable resource to software developers and so it is a key tool being used in many software supply chains. And we now know how vulnerable we all are to software supply chain hacking – look at this example. So my response when I saw this was the …
Something for the weekend – #BeCyberSmart
I am going to keep it simple today as it is the weekend – and I want to get on and make some jam today! When I am solving cybersecurity issues for clients – often very discreetly – I use the Triple A theory to help them understand what has …
It cannot all be serious… #BeCyberSmart
Today’s security snippet comes from Randall Munroe at xkcd – pop over there now and have a look: https://xkcd.com/2522/

I have to agree with the sentiment of the comic: multi-factor authentication (MFA, but see note below) can be difficult to set up, no one does it the same, authenticator apps can …
Triple AAA – the most important concept in information security
Authentication – Authorisation – Accountability

For good security you must authenticate (A number one) who has access to your information. Then, once they have proven beyond a doubt who they are, that should authorise (the second A) them to access only that information they are entitled to and no more. …