by Security Centric, on 30/12/2021 1:00:00 PM

With the IT security landscape constantly evolving, many businesses struggle to find and retain people with the knowledge and skills required to counter threats. Last month, Security Centric's Sash Vasilevski …

Read Story
Topics:FundamentalsfeaturedManaged Services

by Security Centric, on 02/02/2021 10:36:23 AM

As most companies come fully back into the office from the holiday period and Australia adjusts into a “COVID normal” routine, many organisations are in a place to plan strategy …

Read Story
Topics:FundamentalsRisk AssessmentPhishingCompliancePenetration TestSecure Remote WorkGovernance

by Sash, on 16/07/2020 4:54:49 PM

Background The public figure Twitter account hijacking extends well past social media and has many parallels to business and enterprise systems. Whenever there is a breach, it should be review …

Read Story
Topics:InsiderFundamentals

by Jeff, on 28/05/2020 9:59:27 AM

Traditional authentication schemes see users needing to create, and remember, separate login details for each service or system they use. With the average organisation using over 1000 distinct cloud services, …

Read Story
Topics:FundamentalsAuthentication

by Security Centric, on 31/05/2019 11:30:00 AM

It seems that every other week, someone is touting a new solution to cyber security. They tell you that all we need to do is install our boldly coloured box …

Read Story
Topics:FundamentalsRisk Assessmentrisk profile

by Security Centric, on 11/04/2019 4:30:00 PM

Although cybersecurity insurance can appear attractive, it is important that businesses understand it cannot feasibly serve as a replacement for threat mitigation. The majority of cyber threats are avoided by …

Read Story
Topics:FundamentalsRisk Assessmentrisk profile

by Security Centric, on 09/04/2019 7:15:00 AM

Overview Injection vulnerabilities are the most common result of mixing user input with system control. An injection vulnerability can have catastrophic results for a system, potentially leading to a full …

Read Story
Topics:FundamentalsPentestingAuthenticationCompromise

by Security Centric, on 14/12/2018 12:22:00 PM

In Part 2, the importance of a well-maintained and well-structured hardware and software inventory and the benefits of vulnerability management was explained. The next step in the process of getting …

Read Story
Topics:InsiderFundamentalsAuthentication

by Security Centric, on 13/12/2018 12:41:00 PM

As high-profile breaches produce increasing public attention, effective information security is more important than ever. Cyber incidents have a potential impact comparable to natural disasters. It is increasingly insufficient for …

Read Story
Topics:Fundamentals

by Security Centric, on 10/12/2018 11:02:00 AM

Every information security framework and “best practice” guide to cyber security states that you need “management buy-in”, but why is it important and what does it look like? Management buy-in …

Read Story
Topics:Fundamentals

by Security Centric, on 26/11/2018 3:54:00 PM

In part 1, the importance of knowing your system was discussed, in this article, the importance of properly managing and auditing these assets will be discussed. Proper management of ICT …

Read Story
Topics:Fundamentals

by Kristian, on 22/11/2018 11:42:00 AM

Passwords are obviously required to keep your online accounts and data safe, but how strong is your password? The idea of a strong password can be hard to quantify and …

Read Story
Topics:FundamentalsAuthentication

by Tim, on 24/11/2016 8:50:00 AM

A common theme amongst many engagements and discussions are “we are having issues maintaining control over our environment what products can solve this problem for us”. Questions like this are …

Read Story
Topics:Fundamentals

Finally, an actionable blog

The purpose of this blog is to make available the real-world lessons, experience, observations and mistakes that are part of the daily life of a group of cyber security professionals.

Read about:

  • What mistakes organisations are making (anonymously of course!)
  • What effective actions are available to quickly and economically achieve effective protection (without buying new kit)
  • Trends we're seeing, via our incident response and forensic investigation capabilities
  • And sometimes, just frustrations about what is wrong with cyber :|

Subscribe to Updates