What do
you
think this is?

CyberCentral 2019

• 1 minute to read
• Friday, 5th of April 2019
• • conferences
  • presentations
  • incident response

On April 4th and 5th I had the honour to participate in the 2019 CyberCentral Summit in Prague. A conference brilliantly organized by Michaela Stranovska and Alexander Nevski of EBCG. It is the first big conference I attend in Prague although this is the city I live in the last five years!!!

The conference was nicely balanced. The content included some very technical presentations such as Milan Pikula's presentation about the lack of security in IoT and Solomon Sonya's "Securing the perimeter - one IDS at a time".

Cyber Security for Critical Infrastructure 4.0

• 1 minute to read
• Wednesday, 27th of March 2019
• • conferences
  • security
  • presentations

On 26th and 27th of March I was invited to participate in the [Cyber Security for Critical Infrastructure 4.0 https://www.cybersenate.com/new-events/2019/3/26/critical-infrastructure-cyber-security] conference organized by Cyber Senate in Amsterdam. It was a very nice conference, organized brilliantly by Alex Matthews and James Nesbitt. Chris Blask was in charge of the coordination of the conference, and we all enjoyed a nice flow of the talks, panels and breaks.

Fighting bias in security analysis

• 8 minutes to read
• Tuesday, 19th of March 2019
• • artificial intelligence
  • machine learning
  • management
  • security

I am a huge fan of automation; I strongly believe that automation, machine learning and / or artificial intelligence (whatever these terms mean for different people) are our best chance to tackle one of the biggest problems we have in the cyber security industry: the human limitations.

Securing administrative access with MFA

• 10 minutes to read
• Monday, 4th of March 2019
• • linux
  • security
  • two-factor authentication
  • access control
  • open source

Now that multi factor authentication is gaining ground I thought I would write a simple guide on how to secure administrative access with MFA on Linux systems. The solution is simple and based on Google Authenticator. The good thing with Google Authenticator is that it's a typical TOTP/HOTP solution and as such does not require any internet connectivity on either the server or the client. The configuration examples provided are more or less appropriate for openSUSE Leap 15 and Ubuntu 18.04 LTS

(ISC)2 Learn - a new opportunity

• 4 minutes to read
• Wednesday, 20th of February 2019
• • education
  • security
  • privacy
  • awareness

In September 2018 (ISC)2 announced a Free GDPR course for members. What started as a single free course was very recently rebranded as the Professional Development Institute. The plans are for up to 30 (!!) new courses in 2019.

Private and secure browsing

• 7 minutes to read
• Monday, 11th of February 2019
• • linux
  • security
  • privacy
  • virtualization
  • open source

GDPR is supposed to let us take back control of our private data. In reality though many websites either don't allow that to happen through their selection of cookies, or constantly present to us the same requests until we accept the most invasive option. At the same time there is a known security risk related to every day broswing: browser - served malware, sometimes caused or enabled by the insane amount of 3rd party uncontrolled scripts that are served to us on the websites we visit. We need to find ways to browse securely and protecting our privacy as much as possible.