-
Are you reporting your poor cyber-security posture to the board? 🏢
Are you reporting your poor cyber-security posture to the board? 🏢 Why not? As a director or c-suite exec, you are obligated to ask about and identify risks to the company/organisation. How big is your risk appetite? Forbes recently posted “10 Strategies CISOs can use to improve Board Cyber Risk Reports” (link in comments) which…
-
Why would I want to be a CISO in this environment?!?
⚠️ Cybersecurity friends and fellow CISOs ⚠️The SolarWinds news has been a wake-up call for many of us. It’s prompted a lot of coffee-fueled and late-night reflections. “Could that have been me?” “Am I doing enough?” “Why would I want to be a CISO in this environment?!?” In light of this, here’s where my head’s…
-
Are enterprise architects the new platform team leaders?
Really interesting view point; building platforms and services (platform engineering) is being recognised in the same sentence as enterprise architecture. All shapes of architects today should be aware of their responsibility in integrating solutions with the rest of the enterprise, and not just to deliver singular systems in isolation. “Shifting the mindset from a singular…
-
#LinkedInMusings: Why I canned my accountant – Stick to Your Promises
In this current environment, you need to stick to your promises. I just ditched my accountant of 3 years. Last week he promised to call. Yesterday he was “too busy with other clients” and promised to call back this morning. I waited all morning and no call. I quickly found a new accountant thanks to…
-
Coffee, and how I find great coffee experiences with brewstr
Back in 2011, I was working in Melbourne, flying in/out from my home town every week, for about 3 years, until late 2014. I was subjected to coffee snobbery in its finest. Melbourne, in case you didn’t know, has peak coffee culture; you get coffee wrong in Melbourne and people will literally fight you (exaggeration).…
-
Using JSON Web Tokens with CA API Gateway
Over the past 3 years or so working in a software team that develops APIs/integrations between many complex systems, we’ve seen the rise of the JSON Web Token. This humble little block of base64 encoded data is now at the core of most every API we build, and is heavily used in enforcing confidentiality and…
-
CISSP endorsement CURL / Postman request
Instead of logging in to the (ISC)2 endorsement portal or trying to navigate through the horrible website menus, you can just load up a Postman/Curl request curl -d ‘{“FirstName”:”YOUR-FIRST-NAME”,”LastName”:”YOUR-LAST-NAME”,”MemberNumber”:”YOUR-MEMBER-NUMBER”}’ -H “Content-Type: application/json” -X POSThttps://www.isc2.org/api/MemberVerification/MemberVerification If you’re using postman or similar you can populate with the following: Method POST URL https://www.isc2.org/api/MemberVerification/MemberVerification HTTP Headers: Content-Type: application/json Body/Data: {“FirstName”:”YOUR-FIRST-NAME”,”LastName”:”YOUR-LAST-NAME”,”MemberNumber”:”YOUR-MEMBER-NUMBER”}
-
Passing the (ISC)2 CISSP Exam
Preparation: I don’t study well. I prefer to measure my current understanding then fill in the gaps; which I wasn’t able to really do until the past week or so; I got a good grasp when attending a training course that I understood most of the content fairly well, especially in the technical sections. Booked…
-
#LinkedInMusings: Infrastructure as code
If you’re building “secure” cloud solutions, you MUST be deploying infrastructure as code (Azure ARM / AWS CloudFormation / Terraform). If you’re not, why not? What are your organisation’s barriers to making it happen? # This was a LinkedIn musing I thought was worth capturing.
-
Implementing SFTP Conversations with the CA API Gateway
The CA API Gateway allows you to stand up an SFTP endpoint for inbound messages to be processed. These messages are instantly processed by the gateway in memory, so throw away everything you knew about SFTP file uploads. Understanding the conversation flow When you connect to an SFTP server to upload a file, 5 things…