Insight

Q1/21 a symposium was hosted in the US under the title ‘Thinking Outside the SCIF’ (Sensitive Compartmented Information Facility) to put forward the case for the utilisation of OSINT (Open Source) within the US Military and Intelligence Communities. John McLaughlin (CIA) kicked off day one by correctly pointing out that there was nothing new about open-source (OSINT), and paid tribute to how, in the conditions of the Pandemic, the utilisation of OSINT methodologies within the...

Many organisations that are turning to DevOps are struggling with various security challenges along the way. In “The Ultimate Guide of Orchestrating Security and DevOps,” tracing those obstacles to a lingering “cultural conflict” between the developers and security teams. Security teams are struggling to keep up with the pace that DevOps teams are used to, for instance, while DevOps teams are culturally resistant to anything like security and testing that could potentially disrupt their work...

When we read about cyberattacks in the news, they typically involve a well-known brand or large enterprise. The perception is the bigger the organization, the greater the impact. However, the recent attack on Microsoft Exchange Servers is expected to impact over 60,000 organisations. Indeed, this is likely to be higher given that recent research has found more than 10 different advanced persistent threat (APT) groups are exploiting the Microsoft Exchange vulnerabilities. The worst part, however,...

By Chris Sedgwick, director of security operations at Talion Cryptocurrencies are a topic that touches many areas; not only finance and investing but technology and even political arenas. Although apolitical in itself, it is the structure behind these cryptocurrencies that make them a much talked about subject amongst political purists from across the political spectrum. This structure can be boiled down to the following; think of cryptocurrencies as a ‘big spreadsheet’, and when you ‘mine’...

Between August 2020 and February 2021, “the agencies”, National Institute of Standards and Technology (NIST), National Security Agency (NSA) and National Cyber Security Centre (NCSC) had all published final or preliminary (beta) guidance for Zero Trust (ZT) that is applicable to all sizes of organisations. I would suggest to you that the agencies are experts in the field of cybersecurity. So why are these being ignored by vendors, analysts and consultancies to promote products and...

RosRed orange. Lemon yellow. #ff4500. #6699cc. Whether using pigment or light, when it comes to creating colours, the second word in the colour is the primary colour, and the first word is the descriptor. In “red orange,” it’s an orange colour with red; “#6699cc” is a grey with blue added. It’s the same idea when talking about culture. For “DevSecOps culture,” culture is the primary word and DevSecOps describes that culture. I'm going to talk...

The events of 2020 from a cybersecurity perspective have brought to light the significance of diversity for businesses of all sizes. Facing a more diverse range of challenges than most will have experienced before required an equally diverse range of coping mechanisms and responses to navigate accelerated digital transitions. The move to remote working placed strain on communications, data sharing, client management and – underpinning it all – security. Yet, while many are all too...

In the last year, the vast majority of us were compelled to reimagine the conventional office space; transforming dining room tables and ironing boards into desks, and sofas into our go-to spot for conference calls. Like dominoes, one company after another has announced their intention to adopt long-term, or permanent, remote working.   There are, undoubtedly, a great number of benefits arising from this transition for both employers and employees alike. On one hand, employees can...

For the average SME, cybersecurity can be a scary thing to think about. Without the funding, expertise or staff to throw a dedicated cybersecurity team at the problem, it is incredibly common for security to fall through the cracks when businesses are developing and growing at lightning speed.  Small businesses often don’t see themselves as a likely target, but when you look at the data, small businesses are breached at an alarmingly regular rate. -...

Healthcare delivery organizations are increasingly deploying medical devices, IoT, and other medical platforms to improve connectivity and support patient care. Weak cybersecurity evaluations, inappropriate network segmentation, and legacy devices expand the healthcare threat landscape. Exercising a sound cybersecurity strategy has to consider the nature of the healthcare profession where human life is a top priority. The rise of mobile healthcare The coronavirus pandemic introduced many stressful conditions for healthcare providers – treating an ever-increasing number...