When law enforcement agencies tout their latest cybercriminal arrest, the defendant is often cast as a bravado outlaw engaged in sophisticated, lucrative, even exciting activity. But new research suggests that […]

There’s a lot of webinar action at the moment. I’m running one on 5 June with one of my technology partners(see here) and another of my partners has one 11 […]

And today’s fire drill is…: […] Cisco said that without updates any VIRL-PE or CML products that are deployed in standalone or cluster configurations will remain vulnerable to the same […]

Expect this to affect privacy and data security legislation, but we can’t say how until we see the text of the legislation…: […] The text of the proposed legislation (the […]

I like the list in this article. One thing I’d add is: “Target training at those that show the most risky behaviour” which probably goes along with “Make training and […]

Part of the challenge in fighting this is that communications from Google (and Microsoft) usually contain clickable buttons so that users are habituated into trusting the click-through. I’d prefer the […]

The United Kingdom’s anti-cybercrime agency is running online ads aimed at young people who search the Web for services that enable computer crimes, specifically trojan horse programs and DDoS-for-hire services. […]

I strongly suspect that Israel won’t be the only target for attack. If you work with Industrial Control Systems, look for IOCs now…: Israel successfully thwarted a major cyber attack […]

What due diligence do you undertake when signing up a new supplier, and how often do you review their security status?…: Less than two years ago, in June 2018, when […]

I’ll add to the point made by the man from Dell: GDPR shouldn’t be a “compliance tick box”. If you’re going to be spending on compliance then it would be […]