Artificial Intelligence

The Risks of Using AI in Cybersecurity

Artificial intelligence (AI) has reshaped many aspects of business and cybersecurity, promising unparalleled capabilities in threat detection, incident response, and overall risk management. Yet as AI continues to gain ground, understanding its limitations and risks becomes critical. This article explores the potential pitfalls of using AI in cybersecurity, covering risks such as over-reliance, ethical concerns, […]

Zero Trust, the Hidden Pitfalls: Challenges and Failure Points in Implementation

Adoption of the Zero Trust security model has accelerated over the past decade, driven by increasing cyber threats, digital transformation, and the need to secure remote workforces. Unlike traditional perimeter-based security, Zero Trust operates on the principle of “never trust, always verify,” ensuring that all access to resources—whether internal or external—is continually validated. While the theoretical benefits […]

Implementing Zero Trust: Best Practices and Key Areas for Success

In an increasingly interconnected digital world, the traditional network perimeter security model is proving to be inadequate. With mobile devices, cloud services, and remote work being the norm, organizations can no longer rely on the assumption that everything within their network is inherently secure. Combine this with cybersecurity threats growing in sophistication, and the surface […]

Strengthening username and password logins

Username-and-password-based login is often seen as the weakest link in authentication – too often people choose weak passwords, write them down or reuse them. So on their own they are an easy target for hackers. But it need not be this way, if you have the ability to implement a few additional […]

Detecting Cyber Security BS in CVs

Hiring competent people in cybersecurity is always important, as you cannot secure what you do not understand. The trouble is that often those who are performing the hiring do not have an in-depth understanding of cyber security and what specific skills and experiences are required to perform a cyber security role well. Why is this so […]

The 3rd party security nightmare

It appears 3rd party integrations are the flavour of the month for security incidents at the moment. The latest being Ticketek Australia, where some of its customers may have had their personal details exposed, including names, date-of-birth and email; all of which was managed by a “reputable, global third-party supplier”. In other words, a global […]

Cyber Crime

Houston, we have a security problem…

It seems not a day goes by without some record cybersecurity incident hitting the press, be it a data breach, a Zero Day or some malware doing its devious things… Trouble is, the frequency of these events, and their scope, has been increasing significantly over the last few years and most people have not latched […]

Cyber Security

Cybersecurity Expert Sydney

In an era where digital vulnerabilities pose an ever-increasing threat to businesses worldwide, the significance of cybersecurity expertise cannot be overstated. With sophisticated cyber-attacks on the rise, the role of a cybersecurity expert has evolved from merely safeguarding digital assets to actively predicting and mitigating potential risks. To fortify your organization’s resilience against these imminent […]

PII Hacking

Whose Face is it anyway? The ClearView AI Ruling

Recently (9th November 2021) the Australian Information Commissioner produced a ruling against Clearview AI Inc for its usage of the images of Australians scraped from Social Media sites and found them to have failed to comply with the requirements of the Australian Privacy Principle and hence interfered with the privacy of Australian individuals, as follows: […]

Security Questionnaires online, are they safe?

Those who have been following my posts know I have an evolving love/hate relationship with online security questionnaires. Done well, they can speed up the process for the client and service provider and establish a properly shared understanding of where risks lie and how those can be managed over time. Done badly, they can be […]

Protecting against the biggest security vulnerability

First off, do you know what the biggest single cause of security vulnerabilities and successful attacks against computer systems is? A lot of people think of insufficient access controls, a lack of process, SQL injection, etc., but there is something more fundamental sitting behind a lot of these that often gets overlooked. I’m talking about […]

Cyber Security

Web site scanning without prior permission is very likely illegal, here’s why

It appears that there is a growing wave of SaaS utilities that will either scan websites and internet-based services for you or provide you with access to historical information on sites and services they have already scanned, often for a fee. Unfortunately, using such services can result in your seriously falling foul of the law […]