Categories
Articles

Europe Wants Patches

The Proposal for a Regulation on Cybersecurity Requirements, recently published by the European Commission, significantly raises the profile of software vulnerabilities and processes for dealing with them after a product is delivered. The Regulation on Digital Resilience in the Financial Sector (DORA), proposed in 2020 and likely to become law shortly, does require organisations to […]

Categories
Articles

Privacy Enhancing Technologies: ICO draft guidance

The latest draft part of the ICOs guidance on data protection technologies covers Privacy Enhancing Technologies (PETs). This is a useful return to a topic covered in a very early factsheet, informed both by technical developments and a better understanding of how technologies can (and cannot) contribute to data protection. Perhaps the most important message […]

Categories
Articles

Do Display Names Matter?

Display Names are often how we are represented online. Michael might choose to appear as “MusicFan”, “Mikey”, “Florence” or “Andrew”. Does that establish a good tone for discussion? Or does it risk misleading readers, perhaps making them act on the basis of a mistaken identity? Platforms that use display names can and, I think, should […]

Categories
Articles

Thinking about automation: Malware Detection

Sophos have recently released a tool that uses Machine Learning to propose simple rules that can be used to identify malware. The output from YaraML has many potential uses, but here I’m considering it as an example of how automation might help end devices identify hostile files in storage (a use-case described by Sophos) and […]

Categories
Articles

Thinking about automation: network debugging

I’m hoping my generic model of a security automat (Levers, Data, Malice, Controls, Signals) will help me think about how tools can contribute to network security and operations. It produces the ideas I’d expect when applied to areas that I already know about, but the acid test is what happens when I use it to […]

Categories
Articles

Risk trade-offs? Or spirals?

A couple of recent discussions have mentioned “trade-offs” between risks. But I wonder whether that might sometimes be a misleading phrase: concealing dangers and perhaps even hiding opportunities? “Trade-off” makes me think of a see-saw – one end down, other up – which has a couple of implications. First, the two ends are in opposition; […]

Categories
Articles

Automation: Two ways

Earlier in the year, Networkshop included a presentation on Juniper’s Mist AI system for managing wifi networks. I was going to look at it – as an application I don’t know – as a test for my model for thinking about network/security automation. That may still happen, but first it has taken me down an […]

Categories
Articles

Thinking about blocking

Throughout the time I’ve been working for Janet, the possibility of using technology to block undesirable activity on networks and computers keeps coming up. Here are four questions I use to think about whether and how technology is likely to be effective in reducing a particular kind of activity: Where is the list? Any technology […]

Categories
Articles

Images of Cyber-security

Victoria Baines closed the FIRST conference with a challenge to improve our image (video). Try searching for “cyber security” and you’ll see why: lots of ones, zeroes, padlocks, and faceless figures in hoodies. Some of the latter look a lot like the grim reaper, which makes the task seem hopeless: in fact, cyber badguys can […]

Categories
Articles

Knowledge Management for Security & Incident Response

Knowledge Management (KM) isn’t a topic I remember being presented at a FIRST conference before, but Rebecca Taylor (video) made a good case for its relevance. Security and incident response use and produce a lot of information – a Knowledge Management approach could help us use it better. Most teams quickly recognise the benefits of […]