Network Detection and Response in a world of staff and talent shortages
Originally Posted: January 14, 2023 Let’s start with the bottom line – Security Detection and Response is about finding and stopping the threats which have managed to get past all other security technologies and controls. Sadly, this is happening with an ever-increasing frequency. Recent high-profile events have shown that perpetrators are still both regularly getting past traditional controls […]
Security Analytics – Business Case
Originally Published: 2021-08-05 I have been interested in Security Analytics for some time now. I wanted to pen a piece about the economics of, and business case for Security Analytics. Achieving a robust security posture is complex and requires many elements operating together and in an optimal manner to successfully lower the risk to reasonable […]
Beyond-Firewalls – Network Security Techniques which every Security Engineer should be aware of
Introduction Over the last decade, Firewalls and Next-Generation Firewalls have almost entirely become the technology used to perform network layer security. While for the most part they perform their intended functions very well, there are several other valuable networking techniques which can also be used to perform security functions. Given today’s almost sole reliance on […]
Zero Trust – In Practice
Originally Posted: 04 August 2019 I have always thought of Zero Trust (ZT) as a nonsensical term as it is simply not possible to operate any IT infrastructure without some level of trust. It is interesting to note that Gartner have also recently referred to Zero Trust as ‘misnamed’ and have developed their own framework […]
Hacked Server Hardware – Network Monitoring Options
Originally Published: 13 October 2018 In the last week we have seen a spectacular report out of Bloomberg in relation to malicious hardware implants within Supermicro server motherboards. The implications of this report are potentially huge. However, the technical details disclosed are minimal and a large number of unanswered questions exist. Personally, I subscribe to […]
An Update on Machine Learning and AI in Security (Sept 2018)
Originally Published: 09 September 2018 I have not written on this topic lately and thought it time to do an update. People may remember a couple of years ago I was very excited by the prospect of utilising Machine Learning (ML) and Big Data Analytics in solving security problems. While there are a number of […]
Unravelling the Furball – A guide for the C-Level Part II
Originally Published: 10 January 2018 I was thinking back over the last few years in Cyber Security and was wondering just how many billions of dollars have gone into this domain. I’m not sure it’s even possible to accurately calculate the figure, but it’s a staggering sum. And guess what, we are still regularly seeing […]
Why Cybersecurity Fails – A guide for the C-Level
Originally Published: 16 May 2017 A short while back Andrew Penn, Telstra CEO, wrote a ‘must read’ article describing how Cybersecurity should be viewed and managed at a Board Level. Let’s call Andrew’s excellent article a ‘Top-Down’ perspective. I am going to try to complement his article with my own perspective, which is more a ‘Bottom-Up’ perspective. In […]
Cybersecurity – The ‘What’ and ‘How’ of Execution
Originally Published: 11 March 2017 In the last few years Cybersecurity has become a hot domain and as a result there have been a large influx of new people into the field. It is relatively easy to construct a Cybersecurity strategy. There are a significant number of places from which this type of material can […]
Applying Data Science within Security Design
Originally Published: 25 November 2016 The concept of Security Zoning, also known as Segmentation, is one of the most important architectural foundations within modern network security design. Security Zoning was first introduced back in the mid 90s when the Firewalls started to hit the market. In those days, firewalls were usually deployed at the Internet […]