I have implemented information control for one-person organisations – because even a small organisation will have some need to share information with other people and organisations. It is an essential step in any IT and Cyber Security Audit to examine who, has access to what information and what steps are …
Back-to-Basics – A Phishing Email Primer
I am having a break this week from the “Wednesday Bit”, but what I do have for you is my today is my completed Phishing Email Primer. However my track record for these Back-to-Basics mini-series is that they do not stay “complete” for very long, so do keep an eye …
Credentials are King
Threat actors are always looking for good sources of valid (stolen) email and password combinations – and there are many hundreds of millions available to them. 361 million stolen accounts leaked on Telegram added to HIBP (bleepingcomputer.com) Once they have these credentials, the threat actors will be trying them out …
Back to Basics – The Collection II
This week the Wednesday Bit is for reminding you about my collection of mini-series and back to basics cyber security primers. There have been a number of additions, updates and changes since I first ran a “Collection” article. Why am I doing this? Because we can all benefit from some …
The Principle of Least Privilege and Authentication, Authorisation and Accountability – A Primer
Authentication, Authorisation and Accountability (AAA) and The Principle of Least Privilege (PoLP) come together in this primer to give you a basic understanding of the importance of knowing who is accessing your information and how much they can access. Another important idea covered here is what happens when something goes …