The NIS Directive seeks to achieve a high common level of security of network and information systems throughout the EU by taking a three-pronged approach:
– increased EU co-operation;
– improved cyber security capabilities at a national level;
– risk management and reporting obligations for qualifying organisations.
Scope
The NIS is applicable to organizations operating […]
Author Archive: Tom Brett
Follow-on to the NHS WannaCry Ransomware Infection in 2017: the Report
Findings from the Comptroller and Auditor General on the NHS WannaCry ransomware infection in 2017. Some interesting points: “On Friday 12 May 2017 a global ransomware attack, known as WannaCry, affected more than 200,000 computers in at least 100 countries. In the UK, the attack particularly affected the NHS, although it was not the specific […]
Delivering a number of CCISO Programs over the next few weeks
I don't normally publish course details here, and I have been a bit too busy, unfortunately, for writing informational posts. This, together with the enquiries I have been getting recently for CISO programs, I thought this would be good to do… so here it is. I have a busy couple of weeks ahead delivering […]
Security and Incident Response Presentation
Please find my presentation on Security and Incident Response as part of Ibec’s ‘Getting Data Protection Ready’ Conference below: Security and Breach Response
Security+ Update Domain 5 Risk Management Intro
Here are the slides as part of my talk today during the CompTIA Dublin event 2017 on Risk Management as part of the new updated Security+ Series: Security+_Risk_Management
WannaCry Ransomware
WannaCry ransomware, also known as WCry, Wana Decrypt0r, WannaCrypt, and WanaCrypt0r! With the ongoing attack which started last week, and after receiving several calls and mails over the weekend for some advice on how best to protect against ransomware, I thought I would put together some advice. Backup: With any form of Ransomware, the […]
Passwords – Are they the weakest link? How can we create better, more secure passwords
What are passwords used for? Passwords are usually combined with usernames to validate (authenticate) that a user is who they claim to be. Although other forms (factors) of authentication exist, passwords are the most commonly used method; this is generally due to their ease of use from both the user and administrator point of view and […]
With the recent LastPass Vulnerability – Should we use Password Managers at all?
We all must be aware of the risks of using passwords… Or are we! We are constantly told / or tell (depending on our role) users what to do and not to do, things like: Use separate passwords for each secure site; Change them regularly is what we all advise; Use easy to remember but […]
SOCIAL ENGINEERING AND PHISHING
As social engineering attacks continue to grow in frequency and sophistication with the increased use of technology and through all of the communication channels we use today, organisations must look at employee training and education as the first line of defence in order to mitigate such attacks. This article serves to explain some of the […]
2016 Cyber Threat Report
2016 Cyber Threat Summary: ENISA has just released their 2016 Threat Landscape report illustrating the top cyber threats encountered in 2016. This report can be found at https://www.enisa.europa.eu/news/enisa-news/enisa-threat-landscape-2016-report-cyber-threats-becoming-top-priority The report identifies the main threats, with malware again topping the list of threats. Malware has been top of all cyber threat reports for several years; 2016 was […]