I’m Robin, founder of Cydea, the positive cyber security consultancy, and previously led BAE Systems’ Security Advisory & Technical Services business, recognised by Forrester as one of the leading information security consultancies.
I help businesses defend themselves from cyber crime and thrive in the digital world and have over fifteen years’ experience, including advising numerous boards on how to manage crises resulting from cyber-attack.
If you’re interested in improving how you manage your cyber risk, or need help governing information security at the board level, then get in touch with me via Cydea, or connect on LinkedIn or Twitter.
Vol. 3 Iss. 46 15/11/2020, last updated 22/11/2020 Robin Oldham
## This week: Does Apple really log every app you run?

Apple’s latest operating system, Big Sur, was released for its Mac computer lineup this week. That coincided with some Mac users finding that they couldn’t run applications. Twitter users were quick to spread that blocking connections to ‘ocsp.apple[.]com’ would make their Macs usable again. Reports that “Apple was logging every app you run” followed (spoiler alert: they aren’t). Apple’s ‘online certificate status protocol’ (OCSP) service is used to validate the developer certificate of apps before they are executed by the operating system.
Vol. 3 Iss. 45 08/11/2020, last updated 15/11/2020 Robin Oldham
## This week: US election free from cyber-attack

The big news this week is also a non-event: the US election went off without any reported cyber-attacks. Director of the US Cybersecurity and Infrastructure Security Agency (CISA), Chris Krebs, released a statement saying that “after millions of Americans voted, we have no evidence any foreign adversary was capable of preventing Americans from voting or changing vote tallies.” That doesn’t mean there isn’t room for improvement - vulnerabilities in voting and tabulation machines and so on (though these have been reported in a somewhat sensationalist manner) - but the human oversight and audit provide a meaningful control to manage such risk.
Vol. 3 Iss. 44 01/11/2020, last updated 04/11/2020 Robin Oldham
## This week: Final GDPR penalty for Marriott comes in at £18.4M

The UK Information Commissioner announced the final penalty for Marriott International this week. The £18.4 million ($23.8 million) penalty is down from the previously announced £99 million. Marriott has announced that they do not plan to appeal and “deeply regret” the incident. The 2018 incident involved a breach of data from the Starwood Preferred Guest loyalty programme [vol. 1, iss.
Vol. 3 Iss. 43 25/10/2020, last updated 01/11/2020 Robin Oldham
## This week: Charges for Sandworm, sanctions for Fancy Bear, as US and EU tighten screws on Russia for cyber-attacks

It’s been quite the week for relations between the West and Russia. The US Department of Justice has charged six Russian intelligence officers with being behind some of the most disruptive and significant cyber-attacks of the last five years. The line-up is alleged to work for Unit 74455 of the Russian Main Intelligence Directorate, widely known as the GRU.
Vol. 3 Iss. 42 18/10/2020 Robin Oldham
## This week: ICO issues British Airways with £20M fine

The ICO has issued British Airways (BA) a £20 million fine for lax security practices that allowed a MageCart card-skimming group to steal the personal information of 400,000 customers (vol. 1, iss. 12). The fine comes after two years of investigation and an ‘intention to fine’ notice of £183 million (vol. 2, iss. 28) fifteen months ago. The final penalty is therefore just under 11% of the original notice and less than the £22 million that BA set aside in its most recent financial statements (vol.
Vol. 3 Iss. 41 11/10/2020, last updated 18/10/2020 Robin Oldham
## This week: Integrity: test & trace

One of the main stories in the UK this week was that an ‘IT error’ in the COVID-19 Test & Trace programme had caused 15,841 cases to go unreported and not be passed to contact tracing teams. The missing data accumulated over eight days, much longer than the 48-hour ‘ideal time limit’ for contact tracing following a positive test result, potentially contributing to the continuing ‘second wave’ of cases.
Vol. 3 Iss. 40 04/10/2020, last updated 18/10/2020 Robin Oldham
## This week: US Treasury sets out stance on ransomware payments and sanctions

The Office of Foreign Assets Control (OFAC), part of the US Treasury, issued an advisory this week on the payment of ransom demands to individuals, groups or regions that are subject to US sanctions. It comes in the wake of Garmin’s ransomware demands from the EvilCorp group (vol. 3, iss. 31) and increased scrutiny of companies paying up to avoid their data being released in ‘breach-and-leak’ ransomware campaigns.
Vol. 3 Iss. 39 27/09/2020, last updated 04/10/2020 Robin Oldham
## This week: YOLOsec, FOMOsec, business value and reducing the cost of control

A great read from Kelly Shortridge this week on #YOLOsec (careless disregard for future security issues) and #FOMOsec (the need to perfectly protect everything). There are plenty of astute observations about infosec as a profession* (and that personally frustrate me when I come across them!) Ultimately both are presented as either end of a spectrum, where neither contributes successfully to business strategy.
Vol. 3 Iss. 38 20/09/2020, last updated 27/09/2020 Robin Oldham
## This week: ZeroLogon: Domain admin for everyone!

If you’re reading this with your cuppa on Monday morning and are responsible for your company’s IT or security: stop reading this right now and check you’ve applied the Windows Server updates from August. Despite CVE-2020-1472 scoring a ‘perfect 10.0’ on the CVSS scale, it got little reporting at release. Now, new details of ZeroLogon (as it is dubbed by the researchers at Secura who discovered it) have been published.
Vol. 3 Iss. 37 13/09/2020, last updated 20/09/2020 Robin Oldham
## This week: China’s data security initiative

China has published details of a ‘Global Initiative on Data Security’. The plans were unveiled by Wang Yi, a state councillor (equivalent to a cabinet-level position), at an International Seminar on Global Digital Governance event. It’s a move by China to influence cyber-norms and combat Western restrictions on telecoms companies Huawei and ZTE and the US President’s looming bans on social media companies TikTok and WeChat.