Collaborate Disseminate
In the context of organisational IT security, for a threat such as the insider threat, is it actually okay to report (in a risk assessment) as "Risk Score=Medium" or does "risk score" always have to be of an numerical v… Continue reading Does "risk score" always have to be a numerical value?
In terms of forensic disk imaging of a mechanical HDD, should a "write blocker" be used before the disk imaging process takes place?
Are there any resources that provide independent evidence (not vendor-based) of phishing simulation effectiveness in reducing phishing susceptibility for employees?
Continue reading Evidence of phishing simulation effectiveness? [closed]
"ICS networks have so far remained largely unscathed by
malware not because they are more secure than traditional
networks, but because cyber criminals have yet to figure out a
profitable business model to … Continue reading Have cyber criminals finally come up with a viable business model for manufacturing? [closed]
I recently came across this comment written in a journal article.
Lastly, medical apparatus are expected to use Dynamic Host Configuration Protocol (DHCP) for the allocation of their IP addresses and even worst [sic] u… Continue reading Security of using DHCP and non-standard ports for medical devices
Where is the safest place for a small business to store its passwords for servers, web domain credentials, etc.?
Continue reading Safest place for small business to store passwords
In the context of a) information security and b) an operating system such as Windows 10 or OS X, what actually constitutes a “hack”? Most non-technical end-users associate the term “hack” with the deliberate stealing of infor… Continue reading What does "hacked" actually mean?
In IT Security, it is claimed that good security practice is made up of technology, process and people.
But how do you dis-entangle “Process” from “People” because people implement the process?
Should an IT Security Policy allow employees use organisation-owned laptops holding potentially sensitive data access public Wi-Fi in locations like hotels and airports?
Continue reading Should an IT Security Policy allow employees use public Wi-Fi?
Everyone talks about the importance of delegation. But how can a manager delegate work if password sharing is verboten under the organisation’s IT Security Policy? This means that the PA would have no access to his email acco… Continue reading How can a manager delegate work to their PA if password sharing is not authorised?