My Retirement Plan

Buy 10,000 trophies from China (max $1 each including shipping)Buy an engraverRegister a fancy domain, like, "WorldsBestSecurity.com"Send emails to companies saying they've "won" an award in some <random category>. For a mere $1000 they can get featured in the WorldsBestSecurity.com listing and receive an engraved trophy. 10,000 * 1000 = 10,000,000 Even with a 50% … Continue reading My Retirement Plan →

Your polls are bad

If you've been on LinkedIn recently, you've probably seen your feed littered with polling questions. It could be something simple as, "which of these items do you like for breakfast" or something more specific such as, "Zero Trust is good because..." Either way, I have a bit of an issue with how these are framed, … Continue reading Your polls are bad →

The Impending Reality of Virtual Reality

There's a concept around finite and infinite games. A finite game is played to win whereas an infinite game is played for the purpose of continuing. I like to think of Monopoly as an infinite game. I've never been able to complete the game, and I've yet to meet anyone that can tell me any … Continue reading The Impending Reality of Virtual Reality →

Looking for security in the wrong places

It's an old economists' joke. A person out walking at night comes across a man scrabbling on the floor under a lamppost. The man on the floor says he lost his keys. When asked when he dropped them he then replies, "Oh, I dropped them over there, but the light's better here." It's an apt … Continue reading Looking for security in the wrong places →

The bad old days

BSides London is taking place and due to the pandemic and things, I'm not going and it's put me in a contemplative mood about the early days of my career. When I started there were no such things as conferences such as BSides. We only had Infosec Europe and the most we got out of … Continue reading The bad old days →

The Terminator had it all wrong

It's really easy to become complacent in security when the bad guys aren't focussing you. But when the evil eye of Cyber Sauron casts its gaze your way, you soon realise your silver bullets were only silver-plated. As lockdowns around the world ease to a degree and many organisations are welcoming staff back into the … Continue reading The Terminator had it all wrong →

Ransomware gangs aren’t very bad

Ransomware is the big threat to all organisations. It's the worst thing to ever happen on the internet. All ransomware gangs need to be hunted down and shut down wherever they may be. No ISP should be left unturned, no router left unexamined. They all need to be burnt to the ground! But is that … Continue reading Ransomware gangs aren’t very bad →

All security products are good

I tried to be a bit click-baity with my headline by saying all security products are good. But I think I failed in making it very enticing. That's typically a problem with click bait, if you don't go big, you don't really generate a ton of interest. And if you go too big, then you … Continue reading All security products are good →

Making the best of a bad situation

It must have been around 2005. I was fed up with my job. I was the at that stage of life where I had the perfect balance of youthful arrogance, a disdain of authority, and just enough knowledge to give me illusions that I could do my boss, and his boss, and his bosses job … Continue reading Making the best of a bad situation →

What business are you in?

Do you want fries with that?Global giant McDonald’s is famous for its fast food. However, it’s not their burgers and fries that made the business profitable. Ray Kroc struggled to initially bring enough revenue from his franchised restaurants in order to pay for the land and the building for McDonald’s restaurants, which meant growth was … Continue reading What business are you in? →