&#x;&#x;

Cyber Security Blog
Raising awareness of global cyber security issues.

application-whitelisting
01 Jul: Application Whitelisting

Application Whitelisting works by specifying which applications can execute (The Whitelist) leaving everything else implicitly or explicitly denied (The Blacklist). Granted, there will always be some that fall in the middle (The Greylist) but those should be reserved for administrative decision.

azure-atp
15 Jun: Managing Inside Threats: Microsoft Azure ATP Lateral Movement Paths

While the ability to monitor network traffic in and out of your network, sometimes known as North-South traffic, is well known, understood, and managed, there is a greater risk that is more challenging. Monitoring the traffic inside of your network that never leaves the boundaries of your systems, also sometimes known as the East-West traffic, can be very difficult.

teams
01 Jun: Work Remotely And Securely With Microsoft Teams

Data is the gold rush of this century, and it represents a tremendous amount of value to those that have it and those that want it. Data can be anything from personally identifiable information to intellectual property to a strategic advantage to information about vulnerabilities in systems. In the right hands, it represents incredible strength and advantages. In the wrong hands, it causes significant harm and disadvantage. It makes sense to take reasonable steps in safeguarding your data.

Application_Whitelisting_scknpt
15 May: Leverage Your Existing Microsoft Investments for Application Whitelisting

Data is the gold rush of this century, and it represents a tremendous amount of value to those that have it and those that want it. Data can be anything from personally identifiable information to intellectual property to a strategic advantage to information about vulnerabilities in systems. In the right hands, it represents incredible strength and advantages. In the wrong hands, it causes significant harm and disadvantage. It makes sense to take reasonable steps in safeguarding your data.

09-DLP_m0sfed
01 May: Safeguard Your Data with Microsoft 365 Data Loss Prevention

Data is the gold rush of this century, and it represents a tremendous amount of value to those that have it and those that want it. Data can be anything from personally identifiable information to intellectual property to a strategic advantage to information about vulnerabilities in systems. In the right hands, it represents incredible strength and advantages. In the wrong hands, it causes significant harm and disadvantage. It makes sense to take reasonable steps in safeguarding your data.

remote
15 Apr: A Suddenly Remote Workforce: Coronavirus Concerns

Now that the working world is forced to adopt a new type of productivity with the emergence of coronavirus COVID-19, organisations of all size are adjusting to “Business As Unusual”. Traditional office workers are suddenly facing the prospect of working from home and their employers are in a predicament to facilitate it. The challenges in securely managing systems and data have suddenly increased ten-fold, leaving managers and employees alike scrambling to adapt.

bird-animal-freedom
01 Apr: Microsoft Azure Sentinel: Make your SIEM SOAR like an eagle

Over the past decade or more, we have seen a tremendous shift in business infrastructure away from the traditional on premise systems and services towards cloud-based X-As-A Service (XaaS). Instead of having all of our hardware and software safely located inside the walls of our bricks & mortar offices, we now have only basic connectivity devices.

architecture-buildings
15 Mar: Secure Your Cloud with Microsoft Cloud App Security

Over the past decade or more, we have seen a tremendous shift in business infrastructure away from the traditional on premise systems and services towards cloud-based X-As-A Service (XaaS). Instead of having all of our hardware and software safely located inside the walls of our bricks & mortar offices, we now have only basic connectivity devices.

Secure_Input
01 Mar: The ASD / ACSC Essential Eight

In February of 2017, The Australian Signals Directorate (ASD) Australian Cyber Security Centre (ACSC) published an update to their “Top 4” Strategies to Mitigate Cyber Security Incidents by revising the list to include four more crucial strategies.

abstract-art-blur-bright-373543_voogo4
16 Feb: Information Assurance Ecosystems

This ecosystem is composed of both technical and administrative controls, but is also comprised of as few layers as possible to create a defence in depth architecture that integrates with each of its individual pieces. Visibility is improved by removing gaps and overlaps and ultimately leads to reduced human error, nearly universally agreed as the core of most incidents either directly or indirectly.

zero_trust
01 Feb: Zero Trust

Developed a decade ago, the Zero Trust framework has recently gained more attention due to the collective castle walls of many organisations crumbling and the owners of information systems and data becoming usurped by malicious entities. There is plenty of proof and anecdotal evidence to assure us that cybersecurity incidents are a matter of “when” and not “if”.

nist
20 Jan: The NIST Cybersecurity Framework

This voluntary framework consists of standards, guidelines, and best practices to manage cybersecurity-related risk. The Cybersecurity Framework’s prioritized, flexible, and cost-effective approach helps to promote the protection and resilience of critical infrastructure and other sectors important to the economy and national security.