This is becoming a major attack method for criminals keen to get their hands on your money. They get you to download some software that then encrypts your files. They then ask you to pay them to unencrypt the files – usually not too much money, enough to make it worth their while but not […]

Security and assurance 

I have been auditing against national and international standards for a while. It seemed to me to be a sensible way of trying to ensure best practice was being implemented and being implemented effectively. In recent months though I have realised there are some issues with these standards. To start with, they are standards based […]

Security today 

When I started out in the IT world there were a couple of things I learned very early on. 1. Do things correctly the first time to save money and hassle on having to correct them. This meant also designing in the features I wanted not adding them later.  This was particularly true of security. […]

What will 2015 bring? 

Cyber security is going to become even more critical as this new year starts. Information is being shown to be the new currency of this digital world in even stronger terms.  It is very valuable for a whole range of reasons and its loss or damage can critically affect an organisation. The attacks on organisations […]

Free security training 

I have just completed week 2 of the Massive Online Open Course (MooC) run by the OU and Futurelearn on the fundamentals of information security. The first two weeks have taught me a few things, reminded me of some more, and confirmed other beliefs and understandings. It is well presented in short, suitably bitesized chunks […]