In the world of cybersecurity, the Zero-Trust Security Model has emerged as a potent strategy to protect organisations from both external and internal threats. This model operates on a straightforward principle: “Never trust, always verify,” regardless of whether the request comes from inside or outside the organisation’s network. However, as I’ve discovered latterly when talking… Read More »
The world of cybersecurity, historically centered around defending digital fortresses from cyber-attacks, has been experiencing a strategic evolution. The old-school approach of constructing robust ‘castle walls’ and expecting them to hold off attackers is increasingly seen as a tactical relic. In the present day, cybersecurity experts are recognising the pressing need to transition from a… Read More »
Cloud technologies have steadily emerged as the bedrock of computing architecture for Governments and Industry. With the triad of Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP) leading the charge, businesses worldwide are now embracing a multi-cloud strategy. While this delivers flexibility, scalability, and performance optimisation, it also compounds the intricacies of data… Read More »
The cybersecurity landscape continues to witness sophisticated attacks targeting critical infrastructure. In a concerning development, whilst a few months ago, multiple U.S. Government IIS servers have fallen victim to cyber-attacks exploiting vulnerabilities in Progress Telerik software. In this article, I aim to provide a comprehensive overview of the attacks, technical details, threat actor activity, and… Read More »
As technology advances, so does the intricacy and sophistication of cyber operations. This trend creates an urgent need for robust regulatory frameworks, particularly concerning international law and cyber activities. Recent episodes of state-sponsored cyber espionage, most notably those attributed to the Chinese Communist Party, have thrown this necessity into sharp relief. The spectrum of these… Read More »
The digital age has ushered in new frontiers, bringing with it an uptick in cybersecurity breaches. When faced with such incidents, the affected parties often turn to the judiciary to help manage and mitigate the damage. However, securing an injunction against unidentified individuals— “against persons unknown” or in an American context a “John Doe” injunction—in… Read More »
The current digital landscape necessitates robust cybersecurity across all sectors. Legal firms, owing to their possession of sensitive client and internal data, are particularly attractive targets for cybercriminals. The implications of a data breach can be severe, leading to reputational damage, financial loss, and erosion of client trust. Alongside cybersecurity, legal firms rely heavily on… Read More »
Artificial Intelligence (AI), the driving force of the 21st-century technological revolution, carries the promise of immense societal benefits and transformative change. However, it also raises crucial concerns that call for collective global vigilance. The Centre for AI Safety, a collective of prominent figures in the AI domain including Sam Altman of OpenAI, Demis Hassabis of… Read More »
Introduction This week, the Department of Defense (DoD) delivered its highly anticipated classified 2023 DoD Cyber Strategy to Congress. This comprehensive strategy outlines the Department’s approach to operating in and through cyberspace, with the aim of safeguarding the American people and advancing the defense priorities of the United States. The strategy builds upon previous initiatives,… Read More »
As organisations grapple with the increasing frequency and complexity of cyber threats and the numerous threat actors which are the source of such threats, there is a rising demand for methodologies that proactively manage cyber risk exposure. Continuous Threat Exposure Management (CTEM) has emerged as a crucial solution to this challenge. The approach embodies a… Read More »