What is Credential Stuffing?

What is Credential Stuffing?

Credential stuffing has been in the news because it is a method of attempting to take over accounts of a company by using the databases of known breaches to ‘stuff’ thousands or millions of known credentials into an automated bot and attempting to see if they can get...
NIST CSF – Part 3 – Detect

NIST CSF – Part 3 – Detect

The NIST Cyber Security Framework (NIST CSF) is the result of a February 2013 Executive Order titled “Improving Critical Infrastructure Cybersecurity” and 10 months of collaborative discussions with more than 3,000 security professionals. It comprises a risk-based...
Modern Cyber Security – The Cart before the Horse Syndrome

Modern Cyber Security – The Cart before the Horse Syndrome

Ah the rise of the cybersecurity industry. So many tools, so many ‘silver bullets’. Don’t get me wrong this is not necessarily a bad thing. There are gaps and problems and tools are built to solve these problems and address these gaps. The issue is when a security...
Why you should frustrate your pen testers

Why you should frustrate your pen testers

The third or fourth step in any breach (depending on who you talk to) is that an attacker must ‘gain authority’. Think of it like a bank; if the criminal breaks into the vestibule they have little or nothing to steal, they have to get from the vestibule to the main...
How Expensive is Effective Cybersecurity?

How Expensive is Effective Cybersecurity?

There is almost no limit to how much you could spend on cybersecurity solutions, and with Gartner estimating global spend on security is equal to about 1.5% of worldwide revenue – does that mean that effective cybersecurity has to be expensive?  And what is...
Where are your data protection blindspots?

Where are your data protection blindspots?

Data security and privacy were named as top issues for 2019. Data loss prevention requires a comprehensive strategy to identify, protect and monitor sensitive information.  As most organizations do not 100% know what data they have stored (often over many years and...