Securing the Nut Between the Keyboard and the Screen

In April of this year the first Bsides London Security Event was held.  I was honoured to be one of those selected to present at the event.  The presentation “Layer 8 Security: Securing the Nut Between the Keyboard and the Screen” focuses on why security awareness programmes fail in many organisations and outlines how to […]

Operation Shady RAT Claims Widespread Espionage

Today McAfee released a report (PDF File)  called Operation Shady RAT highlighting what it claims to be evidence of ongoing attacks against commercial and government organisations all around the world.  These victims also include the United Nations secretariat and the Olympics Committee for an Asian country.  It appears the attacks have been ongoing since mid-2006 and impacted […]

Morning Ireland Interview On Arrests of Alleged Lulzsec Member

Earlier this morning I took part in RTE Radio 1’s Morning Ireland show. I was invited onto the show to talk about the arrest of an alleged member of Anonymous and Lulzsec. The person arrested is an 18 year old teenager called Jake Davis, also known by the online alias Topiary.  He was arrested by […]

Fighting Viruses; Defending the Net

There are a number of people in the infosec industry who can be classified as industry leaders.  Mikko Hypponen, who works with the Finnish anti-virus company F-Secure, is one of those people.  Mikko recently gave a talk titled “Fighting Viruses; Defending the Net” at the prestigious TED Conference held in Edinburgh last week.  Have […]

Business Assurance in the 21st Century

As you may recall from my “Outlook is Cloudy” post I am the Chief Operations Officer for the Common Assurance Maturity Model (CAMM).  I have been involved with CAMM for nearly two years and it has been a pleasure to work with some brilliant minds and excellent people on the project.  Earlier this week the […]

Call for Papers for IRISSCERT Conference Closing Soon

The annual IRISSCERT Cyber Crime conference is due to be held on November 23rd this year.  As usual the conference is an opportunity to learn about the latest threats in cyber crime and strategies to deal with those threats.  IRISSCERT has had its call for papers open for the past few weeks and it is […]

"ISO 27001 In A Windows Environment" Book of the Year Award

I was pleasantly chuffed to find out at Infosec earlier this year that my book “ISO 27001 In a Windows Environment” came runner up in the IT Governance Book of The Year Award. The awards were based on a combination of the number of copies sold and the votes received in an online poll. Thank you […]

Team Cymru CSIRT Assistance Program

Team Cymru is a well respected computer security research organisation and provides a lot of high quality information to the community.  One of the services they offer is the Team Cymru CSIRT Assistance Program (CAP) which is a service aimed at Computer Security Incident Response Teams at either regional or national level.  The CAP provides […]

Importance of Log Files

The Sunday Times carries a story about the Fine Gael security breach back in January of this year.  The paper states that the company, Election Mall, who were hosting the Fine Gael website at the time of the attack were not able to, or would not, provide the log files to An Garda Siochana and the Data Protection […]

Attrition.org Posts a Rebuttal to my Lulzsec Post

Subsequent to publishing my “Lulzsec Ups the Ante” post attrition.org and I had a very interesting discussion on my criticisms of Lulzsec using criminal methods to highlight the weak security used by the companies that were breached.  Attrition.org has posted a rebuttal to my post and highlights issues that Attrition.org has with my post.  The topic of how […]