Posts by Brandon Salem
IT Cost Optimisation: Part 1 – Redundant Software
What is Redundant Software? Redundant software, as the name suggests, refers to the use of multiple applications, systems or services—which we will collectively refer to as ‘software’—that serve the same purpose or provide overlapping functionality. While this has always been an issue for organisations, it has become more widespread in recent years due to the…
Read MoreSecurity Is Not a Checklist – A Deeper Dive
In this article, we explore the concept by examining both physical and digital scenarios, illustrating how flexibility, adaptability, and contextual awareness are essential to effective security. A Physical Scenario Imagine a security team assigned to safeguard an asset, at the request of a regular client. The team leader immediately consults a standardised checklist. The team…
Read MoreCIPP Vulnerability Finding – A Third-Party Risk Story
Prior to proceeding with this article, it is important to highlight that the vulnerability is still not fixed at this time but the finding has been disclosed to the vendor and this article is now being published following the mutually agreed upon publish date. This is in understanding that the severity of this vulnerability was…
Read MoreThe Privileged Identity Crisis
Introduction Various bodies and their standards, such as the Australian Signals Directorate’s (ASD) Information Security Manual and Center for Internet Security (CIS) Critical Security Controls explicitly recommend multiple accounts, to separate standard (i.e. web browsing) and privileged (i.e. system configuration) activities, as a preventative measure to limit the potential impact of unauthorized privileged access. However,…
Read MoreStrengthening Your Defence Against Social Engineering: Beyond Traditional Email Security
While an Email Security solution offers many protections against email-based social engineering attacks, it faces a very common issue, which can be presented as a simple question organisations and business can ask themselves when designing and/or reviewing their cybersecurity strategy: What happens when an Email Security solution is presented with a new sender, who sends…
Read More