Infosec Mistakes

We all learn from our mistakes as we progress through our careers. Tripwire have compiled a list of 25 mistakes infosec people have made and I'm adding my own. You can see the total list here which feature great examples such as “Yes, a UFO is an unidentified flying object, but it’s probably an alien” … Continue reading Infosec Mistakes →

CISSP Reloaded–Domain 3: Telecomms & Network Security

This is the 3rd part on my CISSP Reloaded where I am revisiting the 10 CISSP domains I studied for many years ago to see what has changed and how much of it I have retained as well as adding in my own personal thoughts, experiences and rambles into the mix. Read domain 1, intro … Continue reading CISSP Reloaded–Domain 3: Telecomms & Network Security →

FBI Coffee

According to a flier issued by the FBI on how to spot suspicious activity, if you see someone paying for small items like a coffee with cash, it could be a sign that they are up to no good! Other such activities which could be deemed suspicious are: If you try to shield your computer … Continue reading FBI Coffee →

IS Controls

To manage risks better, you often have to recommend or examine controls. The types of controls can be broken down into three types, Protective, Detective and Recovery.

Going Creative Commons

I get a lot of feedback on my videos. One of the most common questions I get asked is whether someone can use a particular video of mine in a presentation they are doing internally at work or at a conference etc. It’s become a familiar process, I get an email from someone who starts … Continue reading Going Creative Commons →

Auditor IV

Coming soon…

Choosing IT Security Products

Whilst I am battling the dreaded man-flu, Girl-Cynic took it upon herself to bring to you todays video about IT security products. A bit like snow, we sometimes look at them from the warmth of our homes admiring the beauty of it all. Only to realise that it isn’t very practical in day to day … Continue reading Choosing IT Security Products →

CISSP Reloaded Domain 2–Access Controls

This is my second post on my CISSP Reloaded where I am revisiting the 10 CISSP domains I studied for many years ago to see what has changes and how much of it I have retained as well as adding in my own personal thoughts and experiences into the mix. Read the introduction and first … Continue reading CISSP Reloaded Domain 2–Access Controls →

CISSP Reloaded

What is a CISSP? A CISSP is many different things to different people. The ISC2 promote it as the premier security certification in the world and have you believe that with a CISSP comes great knowledge, power, mastery of the Force and an abundance of wealth. From a recruitment perspective these are the magic set … Continue reading CISSP Reloaded →

Risk Management

A short illustration of risk management. Demonstrating the concepts of risk mitigation, acceptance, avoidance and transfer. Learn these concepts well and you'll do well in your CISSP exam.