Blog

When I think about it. Which compliance and operational frameworks actually require me to run a SIEM? When you look at the fine print there is no direct requirement to have a SIEM installed, although the output a SIEM solution does meet a number of the compliance controls.

Exactly what is a trusted network? For many it is the supposedly secure haven in which network operations can happen without fear of compromise. Typically, it is segmented and access is limited through devices such as firewalls and role-based access control. In the PCI DSS world, the Cardholder Data Environment (CDE) is the classic example of such a design. The wider internal network is protected by the normal username / password combination that we’re all familiar with. As a concept, it has worked well and provided a reasonable level of protection for corporate environments. At its heart is the view that all devices connected to the network ensure some form of trust.

After a number of emergency responses in the last couple of months coupled with the recent news of variants of malware targeting DNS settings within home/business routers, it is perhaps a good time to reflect on the impacts of such attacks and explain briefly how they are working.

I have the privilege of meeting and discussing cyber security to a large number of people across a plethora of industries and markets. They all take Cyber security very seriously, all have representation at different degrees at board level, all use a blend of technical and operational controls to protect themselves, all are at varying levels of cyber maturity and all have challenges around, resources, education and budget when dealing with a very dynamic cyber security landscape.

We’re living in a very fast moving and ever-changing world. A world where cyber security (or the lack of it) is main stream, daily news. Market and technology developments have opened growing opportunities for criminal activity.