Technical debt is what you are adding to every time you choose an easy or quick solution now, rather than looking at longer-term strategies. It is the technical expression of ‘failing to plan is planning to fail.’ And it has consequences.
The Great Firewall of China
From microblogs to what Google and Amazon say, China knows full well that unlimited, unaccountable and unsubstantiated news reports on the nation are simply not in its best interests, or pointedly its cultural interest! That may also mean news reports that are factually correct.
Cyber Security Hiring
Whether you’re a seasoned cybersecurity professional or are looking to transition into the industry, it’s hard to know how to grab the attention of hiring managers and ultimately improve your chances of making it to the next stage.
Here are eight top tips from Renana Friedlich-Barsky, Director and Global Head of Cybersecurity Operations at PayPal, a proven leader in this space who’s reviewed more than her fair share of applications over the years.
Cyber Security
Especially while many people are still remote, technology has become more and more central to people’s lives, and we are talking about ways that things will or will not return to normal. As we hear about more and more cyber security incidents, each supposedly carried out by ‘sophisticated threat actors with unprecedented capabilities’, it’s time to talk about the mystique of cyber security and the problem it has with public perception.
TSCM in the Workplace – How to Provide an Accurate Quote For Services
Planning and considerations to take into account when putting together a quote for providing TSCM services. The ability to accurately quote for a TSCM inspection has many permutations, and each TSCM provider has its own formula for quoting. This article looks at the main criteria you need to take into consideration.
Introduction to Steganography
All the techniques of steganography share one core concept: trying to hide a message. When children draw stick figures as secret messages to each other, they are practicing steganography. Modern steganography is usually a lot more malicious. It is used in malware command and control and the exchange of illicit information and material. If you do not know where to look, it is frighteningly hard to detect.
How anonymous are your conversations, really?
Maybe you’re a close protection officer, trying to arrange a safe route through a dangerous location, or a surveillance specialist trying to communicate with others in your team.
Perhaps you just don’t trust the local government. Whatever the situation, it’ll almost certainly be easier to focus on the task at hand if you aren’t worrying about whether your messages were possibly subject to being intercepted.
Cybersecurity Series – Artificial Intelligence, Machine Learning, and Bias
In this article, I’ll take a look at artificial intelligence, particularly the machine learning area, a basic overview of how it works, and the dangers of over-reliance on an algorithmic approach to analysis.
Managing Your Digital Footprint
In the world of protective services, we are often charged with the responsibility of having to manage and reconcile between safety and access for our protectees.
As business owners, employees, independent contractors or just private citizens we too are challenged with the dichotomy of managing our personal and professional lives on social media.
New Data Highlights Cyber Security Skills Shortage
The report showed a growing awareness amongst CSOs about the increasing importance of cyber security, with 54% describing it as a ‘strategic priority.’ But a lack of available talent is preventing many businesses from implementing their cyber security strategies.
Hiding from OSINT
It often comes as a surprise just how much is available, and the nefarious uses it can be put to. OSINT can be applied towards defensive purposes, but we will be looking only at malicious purposes. One of the biggest challenges of OSINT is not merely recognising it as a threat, but encouraging the behavioural change needed to protect against it widely enough. It is not enough simply for a principal to stop posting Instagram pictures of their travels in order to hide them – their colleagues, friends, family, and employees also need to be aware of the need to take care with information which could be misused.
How To: Secure Calls and SMS with Signal
Signal uses phone numbers to identify contacts; however, encrypted messages and calls use a data connection with a secure tunnel between participants. Intervening servers or infrastructure do not have access to the encryption keys, and so cannot realistically eavesdrop on any communications even if compromised. On Android, Signal can be set up to replace your default text message client, and will handle unencrypted SMS messages as well.
How to be Cyber Safe When on Public WiFi
Connecting your device to the World Wide Web isn’t an issue when you’re at your place. It’s relatively safe, simple to do, and free of crowded traffic. When you leave the safety of your home to a public area, the story changes. When you connect to public Wi-Fi in different places, making certain you can still connect with people, read online news, and work remotely, are you aware of the risks?
UK Cybersecurity Industry Experiences Rapid Growth
The number of active cybersecurity firms in the UK has increased 44% – up from 846 in 2017 to over 1,200 at year-end 2019. This growth is the equivalent of a new cybersecurity business being set up in the UK every week.
Read the report that concluded Saudi Arabia hacked Jeff Bezos’ phone
The hacking of Mr. Bezos is particularly sensitive because of his ownership of The Washington Post, which had published coverage critical of the kingdom and had retained Jamal Khashoggi
The Man in the Middle – Intro to Cybersecurity
Welcome to a third article in the series looking at introductions to cyber security. We’ll be looking at a type of attack which most people will be familiar with in principle, if not in technical practice.
The basic idea is simple – an attacker sits between two trusting parties, intercepting their communication and impersonating each to the other. Obviously this is somewhat harder in practice where people are, for example, sitting in a room together, but even a phone call gives potential for an eavesdropper or impersonator.
Social Engineering and Cybersecurity
We’ll be looking at a collection of tactics used by attackers to bypass security technology by targeting the weakest link – the human in the chain.
Social engineering is really just an overly technical term for knowing how to persuade people to do something against their best interests or against their better judgment.
OSINT: Do You Know How to Stay Protected?
The best protection against such SIM swapping methods is simple. Buy a dual SIM phone with a second pay-as-you-go number on a separate provider, which is used only for these authentication purposes. Since nothing is tying the number directly to you, it becomes much more challenging for an attacker to carry out a SIM swap.
Preparing for the General Data Protection
When the Data Protection Act 1998 was implemented nearly two decades ago, fewer than 10% of UK households had internet access. The technological world has moved on at an exponential pace since then, and a new law was required to reflect and address the current and foreseeable trends in technology and the use and misuse of personal data by organisations. Massive data breaches seem to be in the news every day now – and it was clear that the security of personal data was not being given a high enough priority.
Intelligence 2.0
Although the underlying principle of understanding ‘capability and intention’ and the objective of ‘forewarned is forearmed’ have not dramatically altered over time, the sheer scale of intelligence available in the Open Source environment means that the greatest risk today is information overload rather than information scarcity.
It is in this context that in order to acquire and analyse asymmetric and potentially outcome-defining intelligence, analysts are required to think more laterally than ever and be able to draw both strategic and tactical conclusions from intelligence which may be independent and accurate as much as it may be deliberately misleading or presented through an emotional prism. SOCial Media INTelligence (SOCMINT) is one such instance of lateral thinking. FINancial INTelligence is another.