Cyber Security News & Current Events

Sash

Recent Posts

In Europe for GDPR – Impressions Comparing it to Lessons from Australia’s Privacy Act NDB

Posted by Sash on 25/05/2018 2:58:00 PM

I have been in Europe for a couple of weeks now working on some longer-term strategic initiatives for Security Centric. My work brought me into a larger number of organisations than I normally would in my usual consulting life, and a consistent hot topic was GDPR. This is hardly surprising considering the gradual tidal wave of privacy policy update emails we have all be subjected to, as organisations align their compliance programs ahead of the deadline which comes into effect in a few hours across the EU.

Read More

WannaCry: Nothing New Here Apart from a Catchy Name

Posted by Sash on 17/05/2017 1:17:00 PM

Even the catchy name is not particularly innovative (Heartbleed has to take that prize over others such as BEAST and POODLE).

Read More

Security Centric joins PCI QSA program, but for different reasons

Posted by Sash on 14/05/2015 2:05:00 PM

QSA organisations and individual assessors usually complete the final phase of a PCI DSS compliance program – that is, a final audit. Whilst Security Centric is a QSA organisation, only a small proportion of engagements are to perform the final compliance audit.

Read More

Complete Heartbleed Protection in Under 36 Hours From Discovery

Posted by Sash on 14/04/2014 4:20:00 PM

Much has been written about the OpenSSL Heartbleed vulnerability, which affects the TLS heartbeat mechanism used by some versions of the OpenSSL library. Numerous open source and commercial products use affected versions of OpenSSL for their implementation of PKI, including enterprise hardware and software products.

Read More

Finally, an actionable blog

The purpose of this blog is to make available the real-world lessons, experience, observations and mistakes that are part of the daily life of a group of cyber security professionals.

Read about:

  • What mistakes organisations are making (anonymously of course!)
  • What effective actions are available to quickly and economically achieve effective protection (without buying new kit)
  • Trends we're seeing, via our incident response and forensic investigation capabilities
  • And sometimes, just frustrations about what is wrong with cyber :|

Subscribe:

Recent Posts