Robin Oldham


I’m Robin, founder of Cydea, the positive cyber security consultancy, and previously led BAE Systems’ Security Advisory & Technical Services business, recognised by Forrester as one of the leading information security consultancies.

I help businesses defend themselves from cyber crime and thrive in the digital world and have over fifteen years experience including advising numerous boards on how to manage crises resulting from cyber-attack.

This is my personal site, where I publish archive copies of my weekly newsletter and aggregate my posts from other platforms.

If you’re interested in improving how you manage your cyber risk, or need help governing information security at the board level, then get in touch with me via Cydea, or connect on LinkedIn or Twitter.

Robin's Newsletter
I send out a weekly information security newsletter of the news and links that have caught my attention and why I think they're interesting. Check out the previous editions, or:

Recent Posts

Robin’s Newsletter #91

Future U.S. cyber strategy; Whisper not-so-secret; wormable Microsoft vulnerability in SMB

 Vol. 3  Iss. 11  15/03/2020, last updated 26/12/2020   Robin Oldham

This week Cyberspace Solarium Commission offers glimpse into future U.S. cyber strategy Cyberspace Solarium Commission has spent the last twelve months charged with ‘developing and articulating a [bipartisan and] comprehensive strategic approach to defending the United States in cyberspace.’ The output will likely trickle through into US policy in the coming months and years. Lawfare has a whole series, but two, in particular, caught my eye: ‘Digital Strangelove: The Cyber Dangers of Nuclear Weapons’ and ‘Defending Forward by Defending Norms.

Read more… ( ~6 Min.)

Robin’s Newsletter #90

Cashing in on loyalty points; scam certificate pages and the CIAs password

 Vol. 3  Iss. 10  08/03/2020, last updated 06/04/2020   Robin Oldham

Cydea needs you help to develop a better way to measure and manage cyber risk: check out the blog post on This week It’s International Women’s Day Some gains in improving gender diversity within information security have been made in the last couple of years and some estimates now suggest women make up 20% of the cyber workforce. I’ve had the privilege of working with some amazing people over my career and I wanted to take a brief moment to list some of their fields as proof that you don’t need to be a white dude with a bachelors in computer science to make it in cyber (or tech, for that matter): Psychology, Linguistics, Archeology, War Studies, (Astro)Physics, Astronomy, Criminology/Law, Philosophy.

Read more… ( ~6 Min.)

Robin’s Newsletter #89

Security awareness without fear; Android malware stealing 2FA codes; click here to sue everybody.

 Vol. 3  Iss. 9  01/03/2020, last updated 06/04/2020   Robin Oldham

This week Do you know someone who’d like $959 worth of cyber security books? I’m paying it forward by gifting five copies of the latest Cybersecurity Humble Book Bundle to students or those looking to retrain for a career in cyber security. Please forward this email on to anyone you know who’d be interested, and share my tweet, and LinkedIn post to help spread the world. Thanks! Dr Jessica Barker’s Guide to Security Awareness Without Fear This week was the RSA Conference in San Francisco.

Read more… ( ~5 Min.)

Robin’s Newsletter #88

Georgia defacement attribution; misusing anti-abuse; Pipeline ransomware.

 Vol. 3  Iss. 8  23/02/2020, last updated 26/12/2020   Robin Oldham

This week UK, US says Russia’s GRU behind massive Georgia cyber-attack This week the UK and US point the finger of blame at Russia for the defacement of thousands of Georgian websites in October last year. The UK’s National Cyber Security Centre (NCSC) believes there is a ’95% likelihood’ that Russia’s GRU Unit 74455 is responsible for the action and that it was to sow discord amongst the population. Original reports (vol.

Read more… ( ~5 Min.)

Robin’s Newsletter #87

Huawei, Crypto AG, and all the nations doin' all the cybers; plus Emotet.

 Vol. 3  Iss. 7  16/02/2020, last updated 06/04/2020   Robin Oldham

This week All the nations doin’ all the cybers A few stories this week all circling the tech divide theme (aka ‘digital sovereignty’ or ‘digital Balkanisation.’) A lot of posturing as the rollout of 5G networks picks up. The US brought allegations that Huawei can covertly access their customer networks. The Washington Post ran the full story of how Crypto AG, a Swiss company that sold diplomatic encryption machines, was secretly run by the CIA.

Read more… ( ~6 Min.)

Robin’s Newsletter #86

Simon Weckert's Google Maps art installation; IKEA's data promise; and valentine's security awareness.

 Vol. 3  Iss. 6  09/02/2020, last updated 06/04/2020   Robin Oldham

This week Man creates traffic jam on Google Maps using a cart full of mobile phones Pablo Picasso is credited with saying “art is a lie that makes us see the truth,” and artist Simon Weckert brought to life our reliance on algorithms with a great art installation this week. “[He] walked the streets of Berlin tugging a red wagon behind him. Wherever he went, Google Maps showed a congested traffic jam.

Read more… ( ~6 Min.)

Robin’s Newsletter #85

Jumpshot reminds us security isn't privacy; whopping REvil ransom demands; and keep calm/cary on for DPOs.

 Vol. 3  Iss. 5  02/02/2020, last updated 06/04/2020   Robin Oldham

This week Avast shutters Jumpshot division following report highlighting sale of web browsing data Joseph Cox at Vice Motherboard and Michael Kan at PC Mag broke the news that Avast was collecting and selling browsing habits from over 100 million devices. User’s who had installed AVG, Avast’s freemium anti-virus software, were prompted to opt-in to data collection as part of the functionality that scanned websites they visited for malware. Unbeknownst to them, this also gave the company authority to ship that to their Jumpshot division, who packaged it all up into a series of ‘click feed’ products and sold their browsing habits to companies like Tripadvisor, Pepsi, and management consultants McKinsey.

Read more… ( ~6 Min.)

Robin’s Newsletter #84

Jeff Bezos' phone hacking; Microsoft's elastic search snafu; ClearView.AI and facial recognition tech.

 Vol. 3  Iss. 4  26/01/2020, last updated 06/04/2020   Robin Oldham

Some blog posts from Cydea that might interest you: Thoughts for board directors and NEDs on cyber governance and protecting shareholder value We got Cyber Essentials certification :-) You can follow Cydea on: LinkedIn and Twitter. This week Investigation into hacking of Jeff Bezos’ phone It’s a web of the ultra-rich, nation-states, sex, murder, political influence and hacking. Photos and text messages leaked to the National Inquirer that exposed Jeff Bezos’ extramarital affair in 2018 triggered an investigation into the breach.

Read more… ( ~6 Min.)

Robin’s Newsletter #83

Changing the economics of cybercrime; Windows crypto vulnerability; and rival groups exploiting Citrix.

 Vol. 3  Iss. 3  19/01/2020, last updated 26/12/2020   Robin Oldham

This week Changing the economics of cybercrime An interesting read this week on how the team at Visa are working to tackle MageCart payment card fraud. MageCart attacks work by add virtual ‘card skimmers’ to the checkout pages of hacked eCommerce websites. When a user fills out their card details a copy is encoded and sent to the criminal gang. Because they’re intercepted as the user enters them into the web browser, they can see card numbers, expiry dates and the all-important three/four card verification digits.

Read more… ( ~6 Min.)

Robin’s Newsletter #82

Travelex's ongoing response; £500K penalty for DSG Retail; No patch for Citrix vulnerabilities until end of month.

 Vol. 3  Iss. 2  12/01/2020, last updated 26/12/2020   Robin Oldham

This week Travelex systems still offline as team restore from Sodinokibi infection Travelex continues to battle a ransomware infection and restore services as the 31st December outbreak marches on towards the end of its second week. The ransomware is believed to be Sodinokibi (aka REvil.) As well as encrypting files and causing disruption to business operations, the group claim to have stolen 5GB of personal data which they are threatening to release.

Read more… ( ~7 Min.)