Demystifying GDPR myths and grey areas

The General Data Protection Regulation (GDPR) is the buzzword that is causing hype in the media and in organisations across the globe. You can find more myths and misconceptions about GDPR than factual information. This blog post will address some of the key myths that we have found.


From Chaos to Conformance: 4 Context of the organisation

Information security is all about context!

In my previous two articles in this series focused on developing an Information Security Management System (ISMS) based on ISO 27001:2013, I presented the common myths associated with the standard. In this article, I am going to provide an overview of the standard and section 4 Context of the organisation.



From Chaos to Conformance: More ISO 27001 myths

Dispelling more common myths

Okay, I know I promised to delve into and discuss the requirements defined in 4 Context of the organisation. However, I realised that there are other common myths that I should dispel for those of you who are interested in implementing an Information Security Management System (ISMS) that conforms with ISO/IEC 27001:2013 (ISO 27001).


BrickerBot kiss of death to IoT devices

Reports surfaced on the 12th of April of a botnet that attacks IoT devices running BusyBox and other Linux-based devices. The bot, which is believed to have been active since the 20th of March 2017, exploits hard-coded passwords of devices with published SSH or telnet, and also attempts to brute-force the passwords of devices with non-default credentials. As the name suggests, BrickerBot bricks the devices and leaves them completely useless. It does this by executing a set of commands that delete storage, corrupt routing and more.



“C” is for Controlled Access

When using devices and online services, always use modern, convenient and strong access controls. Fingerprint sensors are brilliant for controlling access to personal devices, a good password manager makes creating and remembering passwords a breeze, and adding multi-factor authentication is the best approach for protecting the accounts you really care about.
