Cyber Security Skills in 2018

Cyber Security Skills in 2018

Last week I passed the EC-Council Certified Ethical Hacker exam. Yay to me. I am a professional penetration tester right? Negatory. I sat the exam more as an exercise to see if I “still had it”. A boxer returning to the ring. It is over 10 years since I passed ... Read More
The Role Of Mobile During Authentication

The Role Of Mobile During Authentication

Nearly all the big player social networks now provide a multi-factor authentication option – either an SMS sent code or perhaps key derived one-time password, accessible via a mobile app. Examples include Google’s Authenticator, Facebook’s options for MFA (including their Code Generator, built into their mobile app) or LinkedIn’s two-step ... Read More
How Information Security Can Drive Innovation

How Information Security Can Drive Innovation

Information Security and Innovation: often at two different ends of an executive team’s business strategy. The non-CIO ‘C’ level folks want to discuss revenue generation, efficiency and growth. Three areas often immeasurably enhanced by having a strong and clear innovation management framework. The CIO’s objectives are often focused on technical ... Read More
2020: Machine Learning, Post Quantum Crypto & Zero Trust

2020: Machine Learning, Post Quantum Crypto & Zero Trust

Welcome to a digital identity project in 2020! You'll be expected to have a plan for post-quantum cryptography. Your network will be littered with "zero trust" buzz words, that will make you suspect everyone, everything and every transaction. Add to that, “machines” will be learning everything, from how you like ... Read More
Bot Protection During Signup and Signin

Bot Protection During Signup and Signin

Bots, bots bots. They're everywhere apparently. They are becoming more complex and cause havoc to customer facing identity management systems, IoT devices and more. Fake accounts. Dummy accounts. Redundant accounts. Orphan accounts. Fraudulent accounts. Not to mention DDoS (Distributed Denial of Service) attacks. Mine field.Well, there are certainly some basic ... Read More
A Design for Modern Authentication

A Design for Modern Authentication

The password is dead. Long live the password! I have lost count of how many articles and blogs I have seen with regards to the weaknesses, the management, the flexibility, security, insecurity and overall usage of passwords when it comes to user authentication. We all use them and they’re not ... Read More
The Role of Identity Management in the GDPR

The Role of Identity Management in the GDPR

Unless you have been living in a darkened room for a long time, you will know the countdown for the EU's General Data Protection Regulation is dramatically coming to a head. May 2018 is when the regulation really takes hold, and organisations are fast in the act on putting plans, ... Read More
Why Tim Berners-Lee Is Right About Internet Privacy

Why Tim Berners-Lee Is Right About Internet Privacy

Last week, the "father" of the Internet, Tim Berners-Lee, did a series of interviews to mark the 28 year anniversary since he submitted his original proposal for the worldwide web.The interviews were focused on the phenomenal success of the web, along with a macabre warning describing 3 key areas we ... Read More
Top 5 Digital Identity Predictions for 2017

Top 5 Digital Identity Predictions for 2017

2016 is drawing to an end, the goose is getting fat, the lights and decorations are adorning many a fire place and other such cold weather cliches. However, the attention must turn back to identity management and what the future may or may not hold.Digital identity or consumer based identity ... Read More