Privacy is not a one-time, check the box activity

New research from ISACA reveals critical skills gaps and insufficient training. The survey report also explores past and future trends in privacy, offering insights into privacy workforce and skills, the use of privacy by design, and the organizational… Continue reading Privacy is not a one-time, check the box activity

Small security teams overwhelmed by onslaught of cyber attacks

Companies with small security teams, generally SMEs, are facing a number of unique challenges, placing these organizations at greater risk than their larger enterprise counterparts, according to Cynet. These enhanced risks are moving 100% of these comp… Continue reading Small security teams overwhelmed by onslaught of cyber attacks

Five Things Security and Development Teams Should Focus on in 2021

As we say goodbye to 2020 and spend time reflecting on the industry changes, reassess our workflows and procedures in order to identify where 2021 will bring us, it’s a brilliant time to also address our security practices and ways we can bring improve… Continue reading Five Things Security and Development Teams Should Focus on in 2021

Converting NMAP XML Files to HTML with xsltproc

NMAP is a wonderful network scanner and its ability to log scan data to files, specifically XML, helps quite a bit.  This enables the scan data to be parsed by other tools such as Metasploit’s db_import or even NMAP’s own Zenmap GUI.  While XML is grea… Continue reading Converting NMAP XML Files to HTML with xsltproc

More Lessons Learned About Trying Harder and Passing the Offensive Security Certified Professional Exam (OSCP)

On February 11, 2020, Offensive Security introduced a major overhaul and update to their already fantastic course: Penetration Testing with Kali Linux. Those changes included updates to their lab environment. The study materials were substantially upda… Continue reading More Lessons Learned About Trying Harder and Passing the Offensive Security Certified Professional Exam (OSCP)

Strike a chord: What cybersecurity can learn from music

I recently watched my team composing some music for a cybersecurity awareness project and using it to take an immersive Dark Web Mission Control Centre to a whole new level. It got me thinking about what we – i.e., the cybersecurity industry – ca… Continue reading Strike a chord: What cybersecurity can learn from music

Hospitals under siege: 5 ways to boost cybersecurity as the COVID-19 vaccine rolls out

After a spate of cyberattacks on organizations involved in developing COVID-19 vaccines, there are growing concerns that hackers are taking aim at the distribution systems currently ramping up. IBM recently shone a light on a phishing scheme targeting … Continue reading Hospitals under siege: 5 ways to boost cybersecurity as the COVID-19 vaccine rolls out

How to make DevSecOps stick with developers

While DevOps culture has brought innovation to the industry and transformed the way software is developed, it’s arguably an outdated concept. The truth is that DevOps has allowed for new features and applications to be rolled out at such speed that tra… Continue reading How to make DevSecOps stick with developers