How to build emergency preparedness for cybersecurity incidents

Business continuity and emergency preparedness have become familiar concepts for many businesses - and having such risk management practices in place is expected in many industries. In spite of this, apart from software companies, inclusion of cybersecurity and preparing for handling of serious cyber attacks and security incidents is far from mature. Many businesses have … Continue reading How to build emergency preparedness for cybersecurity incidents

Packaging a Node app for Docker – from Windows

Container technologies are becoming a cornerstone of development and deployment in many software houses - including where I have my day job. Lately I've been creating a small web app with lots of vulnerabilities to use for security awareness training for developers (giving them target practice for typical web vulnerabilities). So I started thinking about … Continue reading Packaging a Node app for Docker – from Windows

How to recognize a customized spear-phishing email

Phishing is still the most common initial attack vector. Mass mailed spam is now taking cues from targeted campaigns, improving conversion rates through personalization and the use of seemingly authoritative content. Scammers are getting better at targeting. Sharpen your defenses today - including your awareness training!Here are some indicators that can help identify phishing: Sender: … Continue reading How to recognize a customized spear-phishing email

How the meltdown CPU bug adds 50 million tons of CO2 to the atmosphere

The first few days of 2018 have been busy for security professionals and IT admins. As Ars Technica put it: every modern processor has "unfixable" security flaws. There are fixes - sort of. But they come with a cost: computers will run up to 30% slower because of it, depending on the type of work … Continue reading How the meltdown CPU bug adds 50 million tons of CO2 to the atmosphere

Making your signup page safe to use – by knowing how a secure development process looks

When you are signing up to a new web service - what are the risks? Obviously, there are some things you should think about before making the decision to sign up, such as their privacy policy and if the page seems to be good at securing your personal data. Lots of sites have not done … Continue reading Making your signup page safe to use – by knowing how a secure development process looks