Blog

When I think about it. Which compliance and operational frameworks actually require me to run a SIEM? When you look at the fine print there is no direct requirement to have a SIEM installed, although the output a SIEM solution does meet a number of the compliance controls.

After a number of emergency responses in the last couple of months coupled with the recent news of variants of malware targeting DNS settings within home/business routers, it is perhaps a good time to reflect on the impacts of such attacks and explain briefly how they are working.

I have the privilege of meeting and discussing cyber security to a large number of people across a plethora of industries and markets. They all take Cyber security very seriously, all have representation at different degrees at board level, all use a blend of technical and operational controls to protect themselves, all are at varying levels of cyber maturity and all have challenges around, resources, education and budget when dealing with a very dynamic cyber security landscape.

We’re living in a very fast moving and ever-changing world. A world where cyber security (or the lack of it) is main stream, daily news. Market and technology developments have opened growing opportunities for criminal activity.

Over the past month alone the CNS emergency response team have attended a number of incidents that have followed very similar and well known patterns; the culprit being an active and prolonged attack against office 365 based resources, now, this is nothing new and has been a well known avenue of attack for some time.