ashley knowles

The prompt is not the problem

We are in danger of building a society full of architects with nobody left to pour the concrete. A leader opens an AI tool and types: Create a three-year digital transformation roadmap for our business. Within seconds, the model returns something polished and plausible. It has workstreams, milestones, governance, risk themes, and a neat sequence […]

GRC Software Is Powerful. It Still Needs a Pilot

For COOs and CFOs, frameworks such as ISO 27001, SOC 2, NIST CSF, the Essential Eight and CPS 234 are rarely just “security work”. They are operating model decisions. They shape how risk is owned, how evidence is produced, how third parties are governed, and how the business proves control under pressure. That is why […]

Road to 2K – (re)Starting My RowERG Journey

I purchased a Concept2 RowERG around about 2020, and it had small amounts of use here and there, before being packed away in late 2023 to clear off our patio. And it stayed in the garage for the best part of the next 2 and a half years. Cue 2026. After 3 years of personal […]

Are you reporting your poor cyber-security posture to the board? 🏢

Are you reporting your poor cyber-security posture to the board? 🏢 Why not? As a director or C-suite exec, you are obligated to ask about and identify risks to the company/organisation. How big is your risk appetite? Forbes recently posted “10 Strategies CISOs can use to improve Board Cyber Risk Reports” (link in comments) which […]

Why would I want to be a CISO in this environment?!?

⚠️ Cybersecurity friends and fellow CISOs ⚠️ The SolarWinds news has been a wake-up call for many of us. It’s prompted a lot of coffee-fueled and late-night reflections. “Could that have been me?” “Am I doing enough?” “Why would I want to be a CISO in this environment?!?” In light of this, here’s where my head’s […]

Are enterprise architects the new platform team leaders?

Really interesting viewpoint; building platforms and services (platform engineering) is being recognised in the same sentence as enterprise architecture. All shapes of architects today should be aware of their responsibility in integrating solutions with the rest of the enterprise, and not just to deliver singular systems in isolation. “Shifting the mindset from a singular […]

Coffee, and how I find great coffee experiences with brewstr

Back in 2011, I was working in Melbourne, flying in/out from my home town every week, for about 3 years, until late 2014. I was subjected to coffee snobbery in its finest. Melbourne, in case you didn’t know, has peak coffee culture; you get coffee wrong in Melbourne and people will literally fight you (exaggeration). […]

Using JSON Web Tokens with CA API Gateway

Over the past 3 years or so working in a software team that develops APIs/integrations between many complex systems, we’ve seen the rise of the JSON Web Token. This humble little block of base64 encoded data is now at the core of most every API we build, and is heavily used in enforcing confidentiality and […]

CISSP endorsement CURL / Postman request

Instead of logging in to the (ISC)2 endorsement portal or trying to navigate through the horrible website menus, you can just load up a Postman/curl request:

curl -d '{"FirstName":"YOUR-FIRST-NAME","LastName":"YOUR-LAST-NAME","MemberNumber":"YOUR-MEMBER-NUMBER"}' -H "Content-Type: application/json" -X POST https://www.isc2.org/api/MemberVerification/MemberVerification

If you’re using Postman or similar you can populate with the following:

Method: POST
URL: https://www.isc2.org/api/MemberVerification/MemberVerification
HTTP Headers: Content-Type: application/json
Body/Data: {"FirstName":"YOUR-FIRST-NAME","LastName":"YOUR-LAST-NAME","MemberNumber":"YOUR-MEMBER-NUMBER"}