The Defence in Depth Security Model Explained

The Defence in Depth Security Model is one of those security concepts I often see incorrectly implemented or not used to its full potential to protect services or systems. There is way more to it than first meets the eye. What is the Defence in Depth Security Model? The basic Defence in Depth Security Model Read more about The Defence in Depth Security Model Explained[…]

Pin It

How much should you spend on an external PenTest?

External Penetration Tests today come in all shapes and sizes, from the rudimentary highly automated scanning to the more detailed and human-driven PenTests, with often widely ranging costs to boot (3 to 4 times difference is not unusual for essentially the same thing). Sometimes it’s difficult to work out what form of external PenTest is Read more about How much should you spend on an external PenTest?[…]

Pin It
Cyber Crime

Encrypt Email addresses at Rest

It seems not a day goes by without some major data breach occurring on businesses systems. Anywhere from a few thousand records to many millions at a time, containing information ranging from names, addresses, telephones number, dates of birth and account details, etc. One thing I have noticed, that seems to be a constant throughout Read more about Encrypt Email addresses at Rest[…]

Pin It

Will the last AU based start-up please turn off the light?

It appears the Australian Federal Government is determined to do a Thelma & Louise and literally drive off a cliff into the abyss over truly mindless and ill-conceived legislation as concerns encryption, privacy and security. It has the potential to make us totally uncompetitive in global information technology markets and cut off at the knees a fledgling Read more about Will the last AU based start-up please turn off the light?[…]

Pin It

Systems Architecture & Security, winning at both

Online systems need to be both secure and designed to last, so how can you achieve both and not blow the budget? This article covers a few simple principals you can adopt which are both good for your systems architecture and good for your security. #1 System Components should only do what they say on Read more about Systems Architecture & Security, winning at both[…]

Pin It

Common Security Mistakes That Business Website Owners Make & How to Avoid Them

Cybercriminals and Internet fraudsters are singling out e-commerce sites and blogs of small businesses for their unscrupulous attacks. Nevertheless, as a business website owner, you can enact some simple precautions to thwart the evil designs of these unwanted intruders. The “Fort Disco” Botnet’s Brute-Force Tactic Both small business networks, as well as, their websites are Read more about Common Security Mistakes That Business Website Owners Make & How to Avoid Them[…]

Pin It

Hackers want your business website data!

According to reports (see here & here), hackers are becoming a lot smarter in how they attack websites. Rather than trying to individually attack each website they have recognised that standard frameworks are being used to create and maintain websites and thereby making it somewhat easier to attack a whole class of websites ‘en mass’ Read more about Hackers want your business website data![…]

Pin It