Our thoughts, industry views and technology trends


John E Dunn
August 6th, 2015

Windows 10 whitelisting will not be for everyone

Windows 10′s security overhaul offers a lot but beware its complexities and limitations

With the arrival of Windows 10 in late July, businesses must once again pose many of the same questions that presented themselves at the time of the launch of Windows 8 in 2012, Windows 7 in 2009 and, for those with long enough memories, Windows XP in 2001.


Continue Reading

Don’t blame cyber attackers for data breaches, blame a lack of preparation

Cyber attackers are savvy, their methods are sophisticated, and we in the InfoSec community need to get over it.

At the Check Point Cyber Security Symposium in Sydney last week, Telstra CIO, Mike Burgess criticized those organizations that overly focus on attributing cyber attacks, or blaming ‘sophisticated’ attackers for their networks being compromised.

Continue Reading

Let the bird fly

Learnings from the keynote at Gartner’s Security & Risk Management Summit, Washington

Every business is becoming a digital business. By 2017, 50% of IT spend will fall outside of the IT department’s control. So what does this mean for organizational security?

The first temptation is to take back control and lock everything down. But that would be the wrong thing to do, and here’s why.

Continue Reading

Surviving WS2003 end-of-life

The biggest security threat of 2015?

Microsoft’s support programme for Windows Server 2003 (WS2003) is currently in the extended support phase, which is scheduled to cease on 14 July 2015. After that date, if a new security vulnerability is discovered, there is no commitment that a fix will be produced and released by Microsoft, nor will it address non-security defects or assist customers that encounter problems.

Continue Reading

File less fears

Last week I was talking to a customer about whitelisting policies. Having rolled out least privilege, application control and sandboxing to their estate they had gone from hundreds of security incidents per week to virtually none. This has caused the security team to become more proactive by shifting from constant firefighting and reacting to incidents to thinking strategically and planning ahead.

Continue Reading

Is InfoSec languishing in the dark ages?

Last week saw the start of RSA 2015, the annual gathering of security professionals and vendors from across the world in San Francisco. In the opening session, Amit Yoran, president of RSA, declared that InfoSec needed to escape the dark ages.

Continue Reading