These days I find myself repeatedly biting off more than I can chew with personal projects. Whether it be me thinking I can fix a fence, or dig up weeds, or maintain my own site. TL;DR  I’ll be moving this blog soon over to (several people have told me it would be more professional). […]

As of last week, it became official, that KnowBe4 became the latest Infosec unicorn. A what? A Unicorn is a term given to a private company that is valued at a billion dollars. How? An investment of $300m led by KKR, with participation from exiting investors, Elephant, and TenEleven Ventures boosted the company valuation to […]

At first I thought it was an exaggeration. A story that had got out of hand. But after spending over 72 hours travelling with Erich Kron, I do believe he is cursed to travel with. Despite everything being booked in advance, Erich spent an awful lot of time on the phone sorting out issues that […]

Welcome back from the mid-season break! Quick recap, I left AT&T Cybersecurity aka the company formerly known as AlienVault, so I wandered the earth like Caine from Kung Fu, took up yoga, and got into adventures. Just kidding, I’ve never tried yoga! I have joined KnowBe4 as one of their Security Awareness Advocates / Evangelists. […]

I resigned from AT&T Cybersecurity, the part of the company formerly known as AlienVault. It was a great place and I enjoyed my time there. The days were filled with joy, like lens flare in J.J Abrams Star Trek. But everything comes to an end sooner or later. And sometimes it’s best to end it […]

Last week, Thom Langford wrote a post on his RSA 2019 itinerary, which featured some of the sessions he’d shortlisted to visit. I found it to be a useful list, and thought I’d try compiling my list of vendors I’d put on my shortlist to find out more about. My employer AT&T Business – 5545 […]

I finally made it over to Ireland! It’s quite embarrassing having lived all my life in London that I never did get the chance to hop sooner. But we are where we are, and what better reason to go over than to attend IRISSCON. At the airport, I was about to board my flight I […]

One of my favourite bloggers Troy Hunt posed a question on Twitter yesterday asking whether a user should share responsibility for a weak password that they reuse across multiple services. There was a lot of great discussion and debate, and I found myself opposing Troy’s views. It was getting late in the night and despite […]

Red Hat was recently acquired by IBM for and eye-watering $34 Billion, and while it’s the largest deal of its nature, it did get me curious as to how frequent it is for open-source companies to get involved in a bit of M&A. To keep it simple outside of my usual IT Security wheelhouse, let’s […]

October is National Cyber Security Awareness Month (NCSAM), but why restrict it to a month, when we need it all year round. So, I created a few very short videos on a few security awareness topics. The idea was to keep them short enough so people would watch them to the end, have a bit […]

via IFTTT Another busy and enjoyable day at the AT&T business summit in Dallas. Today was spent mainly in sessions, and I ended up spending an hour in an ‘ask the expert’ session as well as getting interviewed by Shira Rubinoff. Yay, go me! Tomorrow is the last day, and I have a very important […]

via IFTTT I’m in Dallas, and there’s not Ewing in sight. Luckily, what is here, is a great business summit. Here are some of the highlights from day 1 where I spent most of the time drooling over the booths.

I got the dates wrong in the video, should have said 21st Aug to 5th Sept. But, this is me looking at the whole incident as a customer, not as a security professional. I received the email notification from British Airways informing me of the breach and the fact that customers payment and personal information […]

Around 2006 / 2007 I began blogging and tried to get into video blogging. Although I’d been working in information security for 7 years up to that point, I wasn’t well-connected in terms of what conferences ran, who the influencers were, or who the editors of any of the numerous security magazines or websites were. […]

Social channels are an oft-overlooked area when it comes to information security. Social channels are left in the hands of marketing departments for customer engagement purposes. However, the adoption of social digital tools for the purposes of conducting business is widespread and largely unregulated, creating a major area of risk for organisations. If we look […]

Overall, technologies can be pretty straightforward to secure. Teach software not to execute a certain command, block a port, or alert on a set of conditions, and it will abide. Humans, on the other hand are not as easy to harden against attacks. These attacks are frequently delivered through emails, text messages, social media, or […]

This video was prompted by discussions with someone that was adamant that they would never, never, everrrrr put their logs in the cloud. I enquired as to why they weren’t open to the option, and their response was that they don’t believe that sensitive information like logs should be in the cloud. Now that’s all […]

It’s coming up on my 3 year anniversary at AlienVault – and after a conversation with a friend, it dawned on me that I don’t think I’ve ever really explained what AlienVault does. So, when I was in Austin this last week I recruited some of my colleagues to help make this short video to […]

A lot of individuals and companies of all sizes often use the phrase where they ‘think’ they’ve been hacked or breached, or had some form of unwanted event. There is usually a lack of conviction in this statement, and in hindsight it’s not easy to validate. Sure, one could use a service like to […]

Anytime we discuss security, it’s mainly to talk about the failures. So I’m taking time out today to spread some positivity to all those security folks that have made it through the week without an incident occurring.