跳转到主要内容
  • Anti Cybersecurity
    Cybersecurity: Are We Doomed In This Game?
    Cybersecurity can be regarded by the subject scholars and practitioners alike as a more or less fixed body of knowledge, once mastered they think they are the respectful professors and experts in the field. This assumption can safely be applied in other fields like accounting and law. Yet this can lead to very serious consequences of self-complacency. In cybersecurity we always lament that the bad guys always win over the good guys. But is this the end game or is there a turn-around?
  • Black swan
    Cybersecurity Incident as Black Swan or Corporate Negligence
    The "black swan theory" refers to a big event that comes as a surprise, that has a major effect. Black swan events were introduced by Nassim Nicholas Taleb in his 2001 book Fooled By Randomness, which concerned financial events. His 2007 book The Black Swan extended the metaphor to events outside of financial markets. Taleb regards almost all major scientific discoveries, historical events, and artistic accomplishments as "black swans" — undirected and unpredicted. He gives the rise of the Internet, the personal computer, World War I, dissolution of the Soviet Union, and the September 2001 attacks as examples of black swan events.
  • title
    On Evidence

    The murder of Garrett MacNamara – who is responsible?

    In her book “Chain of Evidence” Cora Harrison described that a dead body of Garrett MacNamara, a local leader, was found on the road after a herd of cows has escaped, what was initially assumed to be a tragic case of Garrett being squashed to a pulp by livestock became more sinister when some local people claimed they saw a chain attached to the mutilated body – which has now disappeared. Who was the murderer?

  • Mission Possible
    Mission Possible: Next-Gen Penetration Test vs. Next-Gen Firewall

    A Confident and Difficult Client

    One Tuesday afternoon the Business Development team head, Nora dashed to the Professional Services Team in a rush saying a corporate client asking for penetration test service. "It is a big deal but starts small with a multi-platform mobile apps and its back-end infrastructure", she said.

    After going through all the paper works, the project started as usual. Soon the Professional Services Team became aware they were facing an almost insurmountable challenge.

  • Cybersecurity Threat Modelling and Zone-based Modelling

    Put the Cart before the Horse

    Quite often it is tempting for security professionals rushing out to buy firewalls, intrusion protection systems even before knowing what the cybersecurity threats and online attacks they are facing.

    Threat Modelling