A question that has been on my mind for a while is “does the CISO need to become the CSO?” Is the responsibility of the Chief Information Security Officer too limiting, and should they be the Chief Security Officer? The issue with a CISO is that they often are limited… Continue Reading Does the CISO need to become the CSO?

Last month, I wrote an article on the Essential 8. The article pointed out that for most of the measures, they should be the absolute minimum measures that organisations take with their systems. For those who work in the area of security, most of the Essential 8 are common-sense and… Continue Reading Obvious PCI-DSS benefits

The Australian Cyber Security Centre, working alongside the Australian Signals Directorate (formerly Defence Signals Directorate) created a list of eight essential mitigation strategies to act as a baseline for cybersecurity. These are very much basic and essential measures, and they are an absolute minimum. As a cybersecurity professional, these are… Continue Reading What is wrong with the Essential 8?

It is a well-known adage in cybersecurity that there is a balance between usability and security – if you increase the security and control, you decrease usability. Conversely, to make a system user-friendly and easy to use, it has to be done at the cost of lowering security. This has… Continue Reading Challenging the balance between security and usability

In times where you need to run through your BCP drill, it is important to know and understand the reasons why you need to exercise your Business Continuity Plan drill, and where it fits in with the rest of your Disaster Recovery Plan (DRP or DR Plan). Your BCP Drill… Continue Reading The BCP Drill

Cybersecurity is a culture, not an action – but for organisations starting in their efforts to implement a cybersecurity culture, there are some steps in getting started with cybersecurity. This article will outline the basics to get started with cybersecurity, for small to medium sized businesses, and for larger business… Continue Reading Getting started with cybersecurity

The hack of Optus Telecommunications on 22 September 2022, where the personal information of up to 11.5 million Australians (nearly half of all people in Australia) was stolen, has highlighted the need for cybersecurity reform in Australia. Unlike other countries, there are no mandated fines and penalties for… Continue Reading Cybersecurity reform in Australia

On 22nd September 2022, Optus Telecommunications announced that they had detected a “hack” of their systems, and revealed that 9.8 million customer records had been accessed. For Australia’s second largest mobile phone provider, this represents nearly half of all Australians’ personal details, which includes name and address and phone number… Continue Reading Hacking risk for domestic violence victims

For your next system development, make the systems intuitive instead of spending time up-skilling people in potentially high turnover positions. Great customer interaction should be your focus, ahead of designing a system that meets your internal needs for audit and reporting. Too often systems are designed with customer and user… Continue Reading Make your new systems intuitive

Although often misunderstood, the concept of “design for failure” is now common in the lexicon of system design and business operations. When you design for failure, it is not because you want to fail – instead it is with the understanding that failures can and do happen, but you want… Continue Reading How to design for failures

Many organisations will have had on-premises datacentres or computer rooms, or have had their own servers and infrastructure in co-lo or hosted datacentres. Whilst these systems may have served a company’s needs in the past, it is often more complex and unknown systems that are the last to be evolved… Continue Reading Replacing old Infrastructure – a step by step guide

There are many projects I have been involved with, where the product design or implementation has been driven by the need for reporting, analysis or compliance, but backend effectiveness does not equate to customer satisfaction, and businesses should be more aware of this in their product releases. A key example… Continue Reading Backend effectiveness does not equate to customer satisfaction

People have asked me about my leadership style, and as it is such a common question, I have decided to post it here. People recognise that I am passionate, and I lead through inspiration and desire to achieve the strategic goals. I am a positive and passionate person who motivates… Continue Reading My leadership style

Solving problems often takes a completely new viewpoint over what the problem actually is. There have been many recent studies and trials of working week durations, including a successful trial at Microsoft for a 4-day week that increased productivity. However, I have a different idea to solve the problem: changing… Continue Reading The new week – 5 on, 5 off

I was at a networking event where a new contact was telling me about her challenges in selecting a cloud platform for their major expansion. The issue she was experiencing was to decide between two cloud services that were offering significant discounts and included services for the migration and implementation.… Continue Reading A cloud discount is not always a saving

In our ever-increasingly online lives, passwords have become a vital part of our existence. However, passwords are still the most vulnerable part of our security – because they are created and used by people, who persistently are the weakest point in any security protection. Why are passwords so easy to… Continue Reading Password tips for ease of use

There have been two very different leadership styles in the invasion of Ukraine by Russia in February 2022. We have seen the impact of poor leadership and the benefit of strong leadership in the conflict, and there are many parallels that can be taken for business. Leadership in the Ukraine… Continue Reading Leadership in the Ukraine War

We are frequently given advice on creating complex passwords, never re-using passwords, and setting up two factor authentication, but we need to consider the 2 factor authentication risks – which come about through both technology limitations and with the ever-present security weak point of human factors. What is 2FA? Firstly, it… Continue Reading 2 Factor Authentication risks