Author Archives: Steve

The UK Government’s security delusion

Well, here we go again. A ‘terrorist’ incident occurs and, right on cue, some clueless government minister is trotted out to moan about encryption in popular apps. This time it’s Amber Rudd, Home Secretary, who has been given the job of displaying just how ignorant politicians are on these matters. The incident, of course, was the attack by Khalid Masood in… Read more »

Contrarisk Security Podcast #0042

» Listen or download now on the podcasts page » Do too many small and medium-size enterprises (SMEs) believe that security is something only big firms need to worry about? In this interview, Colin Tankard, managing director of Digital Pathways, explains that, indeed, many firms believe themselves to be too small and uninteresting to attract the attention of hackers. This… Read more »

Contrarisk Security Podcast #0041: The battle for privacy

» Listen or download now on the podcasts page » Privacy in the digital realm has become a hot topic. There has always been a debate about the degree to which law enforcement and intelligence agencies should be allowed to snoop on what many of us would consider private communications. But that discussion became supercharged following the leaks by Edward Snowden and… Read more »

Contrarisk Security Podcast #0040: Exploiting security data

» Listen or download now on the podcasts page » Organisations have lots of security these days – but do they have the right security? Is the technology being deployed in the most effective way? Traditionally, the approach has always been one of defence in depth. This has led to organisations investing in a long list of point solutions. There’s always… Read more »

Contrarisk Security Podcast #0039: Open source security

» Listen or download now on the podcasts page » Open source code – in the form of libraries and frameworks – plays an important role in much of today’s software development. But it’s not without its risks. Many people assume that the open nature of the code means that it is heavily scrutinised and that, according to Linus’ Law, “given… Read more »

Contrarisk Security Podcast #0038: Security Operations Centres

» Listen or download now on the podcasts page » Many organisations are centralising and concentrating their cyber-security efforts in Security Operation Centres (SOCs). The aim is to provide a more coherent and comprehensive view of the organisation’s networks, and enable a focused and timely response in the event of an attack. But are they doing it right? And will these… Read more »

Contrarisk Security Podcast #0037: The flaw in healthcare apps

» Listen or download now on the podcasts page » Mobile apps are increasingly being used by the healthcare industry to provide customers with access to data and services. Your smartphone might even be monitoring the state of your health and sending that information to remote servers for analysis by your healthcare provider. As Stephen McCarney of Arxan Technologies explains in… Read more »

Contrarisk Security Podcast #0036: Securing the Internet of Things

» Listen or download now on the podcasts page » Connected devices – or the Internet of Things (IoT) if you prefer – are a reality now. As Cesare Garlati of the prpl Foundation explains in this interview, we’ve been through a “major wave of evolution”, heading towards a situation in which all electronic devices are likely to have some sort… Read more »

Contrarisk Security Podcast #0035: Security guarantees

» Listen or download now on the podcasts page » Security products and services never seem to come with guarantees. You have to take it on trust that they will do the job they claim to do. And if not? Well, try the next one. WhiteHat Security is following the example of vendors in other business areas and offering a guarantee… Read more »

Contrarisk Security Podcast #0034: Web application vulnerabilities

» Listen or download now on the podcasts page » When it comes to web applications, Sasha Zivojinovic of Context Information Security believes we may have too much of a good thing. Web application frameworks (WAFs) have matured, providing a fast way to develop and deploy sophisticated sites. It’s hard to imagine life without them. WAFs relieve developers of much… Read more »