Mr and Mrs CISO: Security in the Age of the Lockdown

With so many of us frantically learning to juggle our roles as parents, workers and most recently teachers; is it just my wife and I who feel it necessary to monitor the online activity of our teenagers during this lockdown? Sure, there’s rich educational content out there, but it sits ... Read More

Dispelling 5 Myths and Misconceptions Surrounding File Integrity Monitoring (FIM)

File integrity monitoring (FIM) started back in 1997 when Gene Kim launched Tripwire and its “Change Audit” solution. Just a few years later, Change Audit became FIM; this rebranded tool worked with the 12 security controls identified in Visa’s Cardholder Information Security Program (CISP). CISP became PCI DSS 1.0, and ... Read More

Why You Need a Concrete Incident Response Plan (Not Strategy)

Recently, I had the privilege to be part of a four-person discussion panel at a security event in London where the topic was about incident response. The panel was hosted by another security professional, and over 50 professionals from the industry were present in the audience. I’ve worked in information ... Read More

All I Want for Christmas… Is a New SSL Certificate

On Thursday 6th December, 2018, I realized how dependent I was on my mobile phone having an internet connection. That particular day, I was out and about away from Wi-Fi networks. The first time I noticed I had no connectivity was when I used my phone to check if my ... Read More

Infosecurity Europe 2018: Being the First to Respond in the Digital World

The world is full of first responders. You may not realize it, but you will know someone who is a first responder. Typically, one would associate a first responder with the three main emergency professions: Ambulance, Police and Fire. Within the Ambulance profession, that person who is first on the ... Read More
How PCI/DSS Compliance Can Protect Your Systems against New Ransomware Threats

How PCI/DSS Compliance Can Protect Your Systems against New Ransomware Threats

Two significant ransomware attacks occurred in the first half of 2017. The first outbreak took place on May 12, 2017, when WannaCry leveraged a known Windows exploit to infect hundreds of thousands of vulnerable computers around the world, including 34 percent of UK National Health Service (NHS) trusts. Less than ... Read More