I can't really believe that I've managed to write 200 of these, and that people continue to subscribe week after week. This has been a somewhat…
How do we learn stuff? There are a lot of different theories about how people learn. One of my teacher friends always gets quite frustrated at the common…
Identity and Access Control forms the basis of almost all security as we know it. It doesn't matter whether we are talking about using passes to enter a…
It's incredibly difficult to legitimately measure our effectiveness at cybersecurity. Security is one of those things where, if you spend money and…
“Just log more” is the advice that we see most often from cybersecurity defenders and cyber talking heads (which reminds me of Max Headroom). But…
Betteridge's law should tell you the answer to this! Of course the answer here is no. We almost certainly do not understand our supply chains, and I…
Happy Sunday on a gloriously sunny day. Some of you might have noticed that I didn't send a newsletter last week, and I'd love to have a good excuse…
How you deal with vulnerabilities is critical to your organisation's approach to security. In far too many organisations, there simply isn't any defined…
We sometimes talk about "securing the software supply chain" as if it will prevent bugs and issues, which isn't quite accurate. The increasing number of…
Humans are funny creatures: we're afraid of flying but drive cars on a daily basis, despite one being the safest form of travel and the other being the…
Zero trust is the architecture we talk about where there is zero trust in the fact that the requests are "coming from inside the network". But in fact…
I’ve referred before to the excellent XKCD cartoon that reminds us that huge amounts of modern commercial systems and code rely on a library maintained…