Basic questions about cyber security 

I wrote this article last year as a simple introduction to cyber security.  It may help with developing the security culture that is essential to all organisations if they are to survive effectively in this cyber-enabled world. Information Security Management I hope it is useful to you.  

WannaCry, BA and lessons to learn 

The events of recent weeks have again highlighted the incredible impact on businesses of all types of attack on the IT and communications systems. It is clear that many UK and world-wide organisations were very badly affected by the WannaCry attack and, more recently, BA’s power supply problems led to major disruption for many people. […]

More about Ransomware 

I have mentioned ransomware in an earlier post but there is now a new discussion taking place in security circles.  This relates to the different types of ransomware now being seen and whether the type really matters. It is clear, from too many sources to mention, that ransomware continues to grow and is widely perceived […]

Sharing information 

I was recently sent a link to an excellent short video showing the dangers of sharing information in our modern lives. It is here and it worth a look just to make you aware how easy it is to find out all about you. There is an incredibly difficult balance to be drawn. On […]


This is becoming a major attack method for criminals keen to get their hands on your money. They get you to download some software that then encrypts your files. They then ask you to pay them to unencrypt the files – usually not too much money, enough to make it worth their while but not […]

Security and assurance 

I have been auditing against national and international standards for a while. It seemed to me to be a sensible way of trying to ensure best practice was being implemented and being implemented effectively. In recent months though I have realised there are some issues with these standards. To start with, they are standards based […]

Security today 

When I started out in the IT world there were a couple of things I learned very early on. 1. Do things correctly the first time to save money and hassle on having to correct them. This meant also designing in the features I wanted not adding them later.  This was particularly true of security. […]

What will 2015 bring? 

Cyber security is going to become even more critical as this new year starts. Information is being shown to be the new currency of this digital world in even stronger terms.  It is very valuable for a whole range of reasons and its loss or damage can critically affect an organisation. The attacks on organisations […]

Free security training 

I have just completed week 2 of the Massive Online Open Course (MooC) run by the OU and Futurelearn on the fundamentals of information security. The first two weeks have taught me a few things, reminded me of some more, and confirmed other beliefs and understandings. It is well presented in short, suitably bitesized chunks […]