Banner Shadow




A clear directive (warning on usage) is required to keep human safe. This is the most effective safety protection. After
Everything is now undergoing digital transformation residing in the cyber space. Certain cybersecurity practitioners I met are overkilling business operations
By common sense, systems isolated from the network will have immunity from cyber attack over the wire but still be
Older TLS (Transport Layer Security) version is marked insecure by vulnerability scanner. Certain cybersecurity practitioners make decision solely based on
Security technology alone cannot reassure protection. It requires human judgment: What is the value of target being protected? Risks to
Many cybersecurity practitioners has misconception that technical controls are means to secure the cyber environment. They insist for encryption, MFA,
Written directives for cybersecurity are getting more challenges to formulate into policies due to dynamic business nature. If too rigid,
Control must be enforceable. If control can be circumvented or bypassed, then there is no point to deploy such control.
This time, I talk about auditor instead of cybersecurity practitioner that I have come across. In an ICS audit, auditor
Politics are always incurred in work and culture of an organizations especially large one. Cybersecurity becomes a hot topic and
When you move the contents to the cloud, it is above the perimeter. Even if you are pretty sure you
Certain cybersecurity practitioners insist to impose technical controls to secure the infrastructure/system. To some degrees yes, basic technical controls will