Microsoft posted an interesting video about their internal penetration testing approach of Azure over at Channel9. It is under 10 minutes and well watching for anyone interested in red team testing or cloud security. Areas covered in this video: Methods of improving Azure security How Azure security operates Understanding emerging threats Red team and blue […]
I came across an interesting article the other day (Does Your CEO Really Get Data Security?) that was raising a controversial point on the relative importance of information security functions for today’s organizations. It starts of by making a good argument that awareness of information security risks at senior leadership levels is crucial but unfortunately […]
Leron Zinatullin asked me if i’m interested in sharing my thoughts on information security trends and culture; naturally i was happy to oblige. You can find the posting over at Leron’s site along with a lot of other noteworthy material.
Earlier this month I’ve participated a panel discussion at the first SC Congress in London. Brian Brackenborough, Frank Florentine and myself opened the Congress with a discussion on “Inside, outside, upside-down: Staying ahead of the threat, wherever it comes from”. I think it was a worthwhile discussion and i definitively took some great points made by […]
The relationship between security incidents and effect on the affected organisation/equity is a topic that continues to inspire discussions. There are numerous academic papers available (e.g. by Kannan,Rees and Sridhar (2007), Yayla and Hu (2011), Cavusoglu,Mishra and Raghunathan (2004), Campbell et al. (2003), Gatzlaff and McCullough (2010), Garg,Curtis and Halper (2003), Rees and Kannan (2007), Andoh-Baidoo,Amoako-Gyampah […]