Like an episode of Jerry Springer

The security industry is known to be somewhat incestuous at times. The same faces can often be seen running, investing or purchasing companies. Over the recent weeks and months though, some of the M&A activity reads like an episode of Jerry Springer. In July of this year, HP declared the corporate-consumer marriage was no longer … Continue reading Like an episode of Jerry Springer →

Privileged Password Policy with Thycotic

From an attacker perspective, gaining control of privileged accounts remains the Holy Grail. Using a privileged account, an attacker can not only wreak havoc within a company, but also cover its tracks to make it near impossible to detect until it’s too late. Thus adequately securing and monitoring the use of privileged accounts is a … Continue reading Privileged Password Policy with Thycotic →

Knowledge sharing and career progression

Recently someone asked how they could further their career as they felt like they’d hit a glass ceiling and couldn’t progress internally. They weren’t having too much luck externally going through recruiters. I’m always surprised when someone asks me for any kind of advice. But I thought I’d give it my best shot based on … Continue reading Knowledge sharing and career progression →

Approaching User Awareness

In days long gone by, a lazy weekend meant sleeping in till mid-day, watching TV and going out with friends. With children that all changed and I'm lucky to sleep in at all before the weekend routine of extra-curricular activities start ranging from tuition, swimming, fixing things around the house and doses of, "I'm boooooored" … Continue reading Approaching User Awareness →

A tale of two acquisitions

In the last few days, two very different companies announced two very different acquisitions. LogMeIn acquired LastPass for $125m whereas Dell made a colossal purchase of EMC at $63.1bn. When one of your favourite providers is acquired, it can probably be likened to when your daughter introduces you to the man she wants to marry. … Continue reading A tale of two acquisitions →

CyberArk acquisitions two by two

Founded in 1999, CyberArk went public in September 2014 in what was overall alukewarm affair in the security industry. However, much like the swan which appears elegant on the surface, CyberArk has been busy paddling away underwater with its second acquisition in almost as many months. Its first acquisition was Cyberintel for an undisclosed amount - … Continue reading CyberArk acquisitions two by two →

House of CISSPs

Submitting and getting accepted to present a talk at any conference is just the first step. If you want to ensure you get a good turnout to your talk, you need to work the attendees. A task that becomes even more difficult when you're scheduled to speak on the last day. It's at times like … Continue reading House of CISSPs →

Spiceworld Austin

Being my first time in Austin, Texas I was slightly disappointed to be honest. I was expecting, boot-wearing, tobacco chewing and big hat wearing cowboys walking around open-carrying. But Austin is actually a really nice place - albeit a little hot for a London-boy like me. Spiceworks put on a great show though and AlienVault … Continue reading Spiceworld Austin →

How I started in Infosec

I've been asked many times how I got started in infosec so I made this video. The short answer is that is was mainly by chance. It was a long time ago when infosec wasn't anywhere as big as it is today. In fact, back then, people were more worried about the Y2K bug causing … Continue reading How I started in Infosec →

Filling the infosec skills gaps with Stealth Worker

Is there an infosec skills shortage? Many industry surveys would indicate yes. And even if there isn’t a great shortage today - the rate at which new professionals are joining the security industry is outpaced by the number of company’s creating systems which need some level of security oversight. Ken Baylor, former CISO at Pivotal … Continue reading Filling the infosec skills gaps with Stealth Worker →