Building A Global Nation State SMB Exploit Honeypot Infrastructure With A £50 Budget #EternalPot

Note to post: All words, IP ownership, analysis, opinions, data, graphs et al are the property of Kevin Beaumont and where altered and extracted are done so remaining true to the original meaning / assertions. From an article by "Kevin Beaumont InfoSec, from the trenches of reality. Email | Twitter: @gossithedog on Twitter" titled "EternalPot — Less…
Sarah Clarke

OPINION: The role of automated data discovery in a GDPR programme

Do you have any online profiles or posts featuring those 4 magic characters: G D P R? If so, whether you are a business decision maker, IT body, security body, charity boss, employed data protection pro, or job seeking data protection pro (less and less likely), you are almost certainly drowning in a flood of golden bullety vendor pitches. BUT, underneath that increasing frustration, you are almo…
Carlos García Ruiz
My view is that it is quite strange that an organization did not yet know which personal data files it had before the arrival of GDPR. Since the 90s, all companies operating in Europe are compliant (or must be) with Privacy law and EU Directives. Then, the GDPR compliance effort would be focused on other issues more important than Article 30 requirements. In fact, the record of processi…

Every single company can get better at Information Security

I will make a postulate: Every single company can get better at Information Security. I consider this to be a fact that no one will be able to dispute. There is no such thing as perfect security. But that is actually not the real point I want to make. The point I want to make is: Every single company can improve their defensive stance a lot without overspending on information security. In fact, a…
Gary Hayslip


To: All technology professionals, transitioning veterans, college students, second career searchers and the technically curious. From: Small Businesses, Corporations, Non-Profits, Municipalities, and State & Federal Governments Situation: In today’s dynamic cybersecurity landscape, organizations’ executive leadership teams consistently assess the value of their company’s securit…
Chris Roberts

Raw and Unfiltered - Learn from my mistakes

Today I filed for Chapter 11 Bankruptcy; it was not a good day. The days, weeks, months and arguably years leading up to this have been filled with frustration, anger, sorrow, annoyance, regret and a lot of other useless emotions that do nothing more than eat away at whatever parts of you want to look for the hopeful in life. Why talk about it? Why post it? Because many of the mistakes and misgui…
Graham Joseph Penrose
Hello Chris - fair play to you for writing this gem. I was asked to chime in on this by Limor Elbaz - I am not sure whether that was a random request or whether people are aware of my story. I wrote a book about it but the publishers wanted me to change names to protect the guilty and I refused so it gathers dust but is an eternal reminder to me of the blind optimism of your first attempt…
Chris, this is raw and real and my heart goes out to you. A lot of courage went into a share like this. As a former OWL customer, I only saw the company struggle side, and while I figured it had created turmoil for you personally, I had no idea the depth. Don't forget that there are many out there who admire and respect you, and I'm sure would love to help in any way possible, if you ju…
J. Tate

#DearCIO You "WannaCry" because your "GoldenEye" didn't protect you from Ransomware - Stay Calm

#DearCIO, Before you buy Cyber Security Insurance and Ransomware Immunity Protection, you should really read this. StayCalm, this is what Security Theater is about. While this may have been one of the most widespread attacks known to exist (that we are aware of) here are a few tidbits that should help you move forward past the chaos. Every headline in the news is talking about the issue, th…
S. Delano
You phrase the problems well. One minor pique: Upgrading expired OSs to newer versions does not count as patch management across most organizations. Upgrading is usually a project-size task and requires special budgets that are not in any way associated with patch management budgets.
Rob Lewis
Nicely stated. The section on cyber insurance should be obvious but seems to need endless repeating. It's financial risk transference only, not a substitute for actual security. And will coverage actually turn out to be enough if the enterprise loses access to mission-critical data, the lifeblood of the digital enterprise today? It becomes a bit murky in verticals like healthcare where O…