Newsletter Why is security so expensive? IT managers sometimes call InfoSec the "security tax". Yes, security is expensive due to skilled experts, evolving tech, and attack surfaces. Security paywalls and compliance checkmarks give it a bad rep. In the end, it's a question of showing the value of security.
Newsletter Why the Media Should Stop Reporting on Security Breaches Not every security breach is the same. These complex events are not always of public interest. Media coverage may use them to fuel your anger and anxieties, rather than inform you.
Newsletter Common Security Analyst Mistakes to Avoid Successful security analysts understand the context of an organization. They educate colleagues about security risks. They leverage the trust they've earned to guide and advise their colleagues. Here's what NOT to do to achieve success!
Newsletter How much does a security breach cost? How much money does a security breach cost? Looking at the IBM cost of a data breach report, I explore how information security cannot solely be a question of avoiding breaches.
Newsletter Featured Why "Just hire entry-level cybersecurity professionals and train them" isn't as easy as it seems “They say there is a job shortage. But why won’t they hire people with no experience, and train them?” I hear you. But I’m here to tell you “training” someone is not easy. Worse, it’s not just a question of dollars: it’s a question of psychological balance for people like me. Let me explain.
ELI5 What is ISO27001 Certification? Explaining what makes the ISO27001 standard relevant for information security professionals today. I tell the story of how I took part in an ISO27001 certification process. I share my expert opinion on how this framework can help an organization manage security in a cost-effective way.
ELI5 How do ChatGPT and other LLMs get hacked? Ever wondered if ChatGPT can be taken over? This post explains - like you're five - the hacks of ChatGPT and other LLMs. The silver lining? We do have the necessary tools to address AI hacking. It's now a question of whether the security community will act fast enough.
Newsletter Featured Selling InfoSec Differently Information security is expensive, inconvenient, and hard. Fear-mongering dulls itself over time. If you are a security representative in your organization, whether full-time or more likely part-time, influence, as a means of connection, will get you farther.
ELI5 Who is behind ransomware attacks? Looking at cybercriminals' motivations, recruiting tactics, and targets. How did ransomware come to operate like a software business? Plus a deep dive into who joins ransomware criminal gangs. Learn why teenage boys are often recruited.
Newsletter Know What You're Up Against: Insights from the 2023 Data Breach Investigations Report Verizon's Data Breach Investigation Report (DBIR) is a must-read resource to gain insight into current cybersecurity breaches. The 2023 version is out, and I read the whole 90 pages of it so you don't have to!
ELI5 How do Supply-Chain Attacks Work? Examples from Software Development Did you know software is made up of hundreds of tiny pieces of software called libraries? Attackers sure do. Nowadays, they prey on developers' cognitive loads to infiltrate our most trusted applications. Let's unpack the new phenomenon of supply chain attacks.
ELI5 Can IoT Devices Be Hacked? Can your smart devices be hacked? Yes! But what are the reasons and methods behind IoT device hacking? Discover how hackers exploit vulnerabilities in smart devices. Learn how to secure your devices against these cyber threats.
Newsletter Featured Mental Health in Cybersecurity: the Hidden Threat Insider perspective on mental health and burnout in the cybersecurity field. I explore how cybersecurity professionals' commitment to integrity can lead to frustration. We want to fix everything and help everyone. We must learn the latest tech. No wonder we feel overwhelmed.
ELI5 What is a cookie? Ever wondered why you get these cookie banners? In fact, what's a cookie? Or rather, can anyone describe cookies in a non-B.S. manner? Here I am. Cookies explained like you're five. What cookies are from a technology point of view? Why do they track users? How can we save cookie banners?
Newsletter How Generative AI's intellectual property issues could threaten freedom of information Are companies panicking over AI-generated content? Bans, lawsuits & copyright claims are rising, but is the fear of unregulated content justified? Explore how claims on intellectual property in generative AI could limit Internet's freedom of information
ELI5 What is online search and how does it work? The most simple, straightforward and fun explanation of how search results appear the way they do on Google, YouTube and Amazon, highlighting why online search engines are important and, well, relevant.
Why Neeva is the ad-free Google alternative we've been searching for Neeva's search engine puts a privacy-centric and ad-free experience at the forefront. With cutting-edge AI and LLM technology at its core, it's a compelling alternative to Google's more consumerist approach. With its latest innovation, GIST, Neeva turns search into an Instagram experience.
ELI5 What is the difference between Frontend, Back End, and Full Stack Developers? Have you ever wondered why so many job postings of developers have such complicated names? Learn the difference between front-end, back-end, and full-stack development without the technical jargon, just fun examples, simple explanations and a few dad jokes.
ELI5 What is DevOps? Developers work on projects where they deliver business value in a limited time. Ops work on services that they must keep running all day every day. DevOps is the incorporation of development and operational tasks within the same team. Find out what are the benefits!
Newsletter How Criminals Will Use Generative AI to Scam Us The recent mainstream success of generative AI will also make cybercriminals more productive. With custom-trained rogue models that don't care about privacy, copyright, and ethics, cybercriminals could power up their impersonation scams, harassment campaigns, malware, password-guessing, and more!
ELI5 What is a Database? Databases allow for the storage of structured information in a way that is easy to retrieve. Every app you use is powered by databases. Think of them like spreadsheets optimized for billions of operations.
Newsletter Why You Shouldn't Panic About The Silicon Valley Bank Collapse Bank collapses shook the tech world. Within a day, companies were faced with a liquidity crisis. The US federal government stepped in the avoid a domino effect. And I'm here to show you how this 'return to normal' could be beneficial for the tech sector as a whole in the long run.
ELI5 What is an API? An API is made for applications to interact with a program programmatically. In other words, an API interfaces with another program and the interaction is done with code. The API delivers the outputs to other programs so they can do their own operations with them.
Newsletter Why Everything Is Now A Subscription Service (And Why You Should Embrace It) How have we got to the point where everything is a subscription service and why, despite everything, this model is better for the internet? Being consumer-first incentivizes relationships and privacy. The ad-driven model of aggregators is a lose-lose situation for consumers and creators.
Newsletter Why Are So Many Companies Getting Hacked? How and why do you seem to be experiencing every week some type of cybersecurity event in your digital life, and what to do about it?
