.
In search of a Secure Mobile Phone

In search of a Secure Mobile Phone

In search of a Secure Mobile Phone As an iPhone user myself, I’ve had my fair share of frustrations with Apple’s approach to security and data protection. When it launched, I embarked on a journey to try to implement Advanced Data Protection in iOS, a journey that took over a year working with Apple support which resulted in having to create a whole new iCloud account and “delete” the data from the other account. [Read More . . .]

.
Securing IoT Devices

Securing IoT Devices

Designing zero trust architectures for clients who have thousands of IoT devices connected to the network, from monitoring warehouse capacity, automated movement of stock throughout the warehouse down to monitoring retail store merchandise and how customer interact with the store. Internet of Things (IoT) devices have become ubiquitous. However, their proliferation brings unique security challenges that traditional controls often struggle to address effectively.

[Read More . . .]

.
Microsegmentation in Cloud

Microsegmentation in Cloud

Microsegmentation has emerged as a critical technique for enhancing security by isolating workloads and reducing the attack surface. Unlike traditional network segmentation methods, which focus on broad divisions based on subnets or VLANs, microsegmentation allows for granular control at the individual workload level.

[Read More . . .]

.
The Next Frontier in Cryptography

The Next Frontier in Cryptography

With all the technology focus on AI you would be forgiven for forgetting about the next frontier in computing, quantumn computing which is developing leaps and bounds. Quantum computing, once a theoretical concept, is rapidly advancing towards practical application. The technology promises to redefine cryptographic protocols and security architecture fundamentally. Understanding quantum computing’s implications for cybersecurity is crucial as we prepare for this next frontier.

[Read More . . .]

.
Beyond Cryptocurrency Security

Beyond Cryptocurrency Security

Blockchain technology has completly changed the world of digital currencies, but its potential extends far beyond just cryptocurrencies. Its decentralized and immutable nature makes it an attractive solution for securing various applications in industries such as supply chain management and identity verification.

[Read More . . .]

.
Serverless Architectures

Serverless Architectures

Serverless architectures, with their promise of auto-scaling, cost efficiency, and reduced operational overhead, have rapidly gained traction in the cloud computing landscape. However, this paradigm shift also introduces new security challenges that necessitate a reevaluation of traditional security models.

[Read More . . .]

.
Federated Learning on Data Privacy

Federated Learning on Data Privacy

Data privacy has become a cornerstone issue in cyber security in producing large data sets to train large language models. As machine learning (ML) and artificial intelligence (AI) models increasingly drive critical business decisions, ensuring that these models respect user privacy is paramount. But, what is the best way to do this? Enter federated learning, a groundbreaking approach to training ML models without exchanging or centralizing data. This methodology holds promise for preserving data privacy while still allowing organizations to leverage the power of AI.

[Read More . . .]

.
The Security of AI: The Art of Incident Response

The Security of AI: The Art of Incident Response

AI and LLMs are transformative, and continue to enrich and permeate our digital lives, the importance of planning incident response and detection specific to these platforms for security teams cannot be overstated. Speaking to my network of security professionals, the prospect of malicious actors exploiting vulnerabilities in production AI systems sends a shiver down even the most seasoned of security professional’s spines. It was from these conversations I decided to venture into the nuances of detecting incidents around AI platforms, providing guidance on what to look for and how to respond, this isn’t using AI in incident response, but responding to incidents with AI (LLMs), the former is a topic for a future blog, maybe. [Read More . . .]

.
The Security of AI: The Inexplicability Threat

The Security of AI: The Inexplicability Threat

In my last post, I detailed the importance of securing the model development pipeline, highlighting the unique challenges posed by the complex nature of AI development. Today, we delve into another crucial aspect of AI security that isn’t in the OWASP Top 10 for Large Language Models but I feel is important to understand, inexplicitability, a factor that can compromise the integrity and reliability of AI models. inexplicitability : Noun. [Read More . . .]

.
The Security of AI: Securing the Model Development Pipeline

The Security of AI: Securing the Model Development Pipeline

In my previous blog post, I wrote about the risks of Model Inversion Attacks and ways to mitigate them. In today’s post, I will focus on another aspect of AI security: securing the model development pipeline. The model development pipeline is a series of processes that transforms raw data into a trained machine learning model. This pipeline typically includes several stages, such as data collection, preprocessing, feature engineering, model selection, training, validation, and deployment. [Read More . . .]

.
The Security of AI : Detecting and Mitigating Model Inversion Attacks

The Security of AI : Detecting and Mitigating Model Inversion Attacks

Last time I discussed Training Data Poisoning, a threat to AI systems that involves manipulating the training data used by Language Learning Models (LLMs). Today’s blog post I will explore another significant risk which can expose sensitive data, Model Inversion Attacks. This attack method focuses on exploiting the information contained within LLMs themselves to infer sensitive data about individual users or entire datasets. Model inversion attacks rely on a simple premise, since an LLM has been trained on specific data, it should be possible to extract information from the model that could reveal details about the underlying dataset. [Read More . . .]

.
The Security of AI : Training Data Poisoning

The Security of AI : Training Data Poisoning

In my previous post, I wrote about Prompt Injection, a manipulation technique that exploits the way LLMs process user-provided inputs. In this post, we’ll delve into another critical threat: Training Data Poisoning. What is Training Data Poisoning? Training Data Poisoning refers to the act of intentionally manipulating the training data used by LLMs to influence their behavior and output. This can be done by introducing misleading, biased, or malicious information into the training dataset. [Read More . . .]

.
The Security of AI : Prompt Injection

The Security of AI : Prompt Injection

Large Language Models (LLMs) are begin integrated into more and more software applications and changing the way we interact with technology. Having spent many years in cyber security I looked at Machine Learning a long time ago and began to question, so what is new here, it’s software, it’s data, what makes it different and why did I need to approach it differently from other software?

[Read More . . .]

.
Securing Generative AI

Securing Generative AI

One of areas I have spent a lot of time researching over the past 5 months is in building cybersecurity machine learning models for a personal project, when using uncensored models it is a completly different ball game on what is achievable.

[Read More . . .]

.
Understanding Identity and Access Management Roles for ECS/EKS

Understanding Identity and Access Management Roles for ECS/EKS

Continuing from the previous blog post, today’s post takes us to Identity and Access Management (IAM) roles for ECS/EKS Tasks. Keeping the principle of least privilege in mind, it is important to understand the difference between Task Roles and Service Roles in securing your containerized workloads. Too many times I have seen the right permissions used for Service Roles and the assumption is thats the permissions set, yet root permissions is then used for tasks.

[Read More . . .]

.
Securing Container Images

Securing Container Images

Securing Container Images: Best Practices for a Robust Containerized Environment

Throughout 2024 my blog posts will mainly draw upon my security engineering and architecture experience, sharing best practices I have used and how I have conquered challenges in AWS over the past 10+ years.

[Read More . . .]

.
Cultivating Cyber Resilience

Cultivating Cyber Resilience

Throughout my journey in different organisations over the past two decades, one constant remains: the pivotal role of organisational culture in cybersecurity. Despite all the technical controls, it’s the human element that often dictates the success or vulnerability of each organisation’s cyber defences.

[Read More . . .]

.
Pentests and the SOC

Pentests and the SOC

Penetration testing is a critical part of any robust cybersecurity strategy. However, a successful penetration test relies not only on the skills of the testing team but also on effective collaboration with the security operations team. Providing the right information to your security operations team before a penetration test can prevent false alerts, streamline investigations, and enhance the overall effectiveness of the testing process.

[Read More . . .]

.
CISO Series - Organisation

CISO Series - Organisation

Being in a leadership role in information security requries bringing together a level of technical understanding, strategic thinking, leadership, business skills and communication abilities. This can be a lot to manage all at once, as well as projects and the security hot topic of the day. One way to manage all of this is through good organsiation strategies, over many engagements with clients I have tried different methods, these are the ones which I use today to help me stay organised and strike a balance across competing priorities.

[Read More . . .]

.
.
CISO Series - The Fortnight Foundation

CISO Series - The Fortnight Foundation

As I prepare to embark on my next assignment, I thought I would share how the initial fortnight in a CISO role is vital for understanding your team, establishing relationships, and setting the stage for long-term success. As an independent consultant, my strategies might be dramatically condensed compared to when you are assuming the role for a longer term as a permanent team member.

[Read More . . .]

.
Rethinking Cyber Security Prioritisation

Rethinking Cyber Security Prioritisation

As an independent consultant, I gain a unique insight working with many different organisations. I have seen my fair share of management trends come and go, some seek to revolutionise and transform the way teams work in cybersecurity, while others fail to plan far enough ahead, because you know cybersecurity changes so quickly and todays priority may not be tomorrows. This was recently raised during one of my catchup sessions with a mentee, a number of challenges have arisen as their organisation goes through some leadership changes.

[Read More . . .]

.
.
The Promise of AI

The Promise of AI

Artificial intelligence (AI) and Machine Learning (ML) are transforming the cybersecurity landscape. These technologies, characterised by their ability to learn from data and predict outcomes, offer vast potential in combatting cyber threats. Nevertheless, they also introduce new vulnerabilities that need to be addressed by security leaders.

[Read More . . .]

.
.
Managing cybersecurity risks in supply chain management

Managing cybersecurity risks in supply chain management

The task of managing cybersecurity risks in supply chain management is an imperative for businesses. Supply chain processes involve a complex web of suppliers, manufacturers, distributors, retailers, and service providers, all interconnected through digital transactions. This web is open to cyber threats, which can potentially have a substantial impact on businesses.

[Read More . . .]

.
Reclaiming our online privacy

Reclaiming our online privacy

Take a moment to reflect on your typical day.

You wake up, perhaps groggily fumbling for the phone beside your bed, thumbing through notifications and catching up on the news from last night. Maybe you then order a flat white from your favourite local café via an app, or video call a loved one overseas before settling into your emails for the day. It’s all so second nature, isn’t it?

[Read More . . .]

.
Robust Security Operations Teams

Robust Security Operations Teams

Securing our businesses from invisible invaders is imperative, requiring orchestration of defence akin to a symphony, with each resource playing its part to perfection. The challenges of implementing robust security operations include scarcity of skilled personnel, insufficient resources, a reactive approach to threats, and over-reliance on tools to fill gaps, the failure of which can lead to catastrophic financial, reputational, and regulatory consequences.

[Read More . . .]

.
Secure Summits

Secure Summits

In the heart of the French Alps, where innovation, adrenaline, and nature converge, I witness alpinists gearing up for their mountain adventures every weekend. Ropes, mountain bikes, and mountain running shoes dominate the scene, while skis and snowboards take over during winter. As a technology enthusiast, I am always intrigued by the gadgets people bring along, ranging from performance trackers to emergency beacons. My focus turned to the workings of beacons in the mountains, connecting with satellites and radio repeaters. The CEO of one of my clients participates in an annual multi-day cross mountain running event in the Alps, where his progress can be tracked online, stage by stage.

[Read More . . .]

.
The Power of Threat Intelligence

The Power of Threat Intelligence

Digital business operations continue to rapidly expand and the threat landscape concurrently evolves in complexity and sophistication along with that growth. Cybercriminals are perpetually seeking out vulnerabilities to exploit, and the onus is on businesses to adopt proactive defence strategies to keep one step ahead. Among the most effective tools in our cybersecurity repertoire to help us do this is threat intelligence.

[Read More . . .]

.
.