Categories
Free Resources Misc

Free Download: The Feynman Learning Technique Presentation

This is a free presentation (with speaking points) about The Feynman Learning Technique.

Richard Feynman (1918-1988) was an American theoretical physicist known for his work in the path integral formulation of quantum mechanics, the theory of quantum electrodynamics, and the physics of the superfluidity of supercooled liquid helium. For contributions to the development of quantum electrodynamics, Feynman received the Nobel Prize in Physics in 1965.

He assisted in the development of the atomic bomb during World War II and became known to the public in the 1980s as a member of the Rogers Commission, the panel that investigated the Space Shuttle Challenger disaster. Along with his work in theoretical physics, Feynman has been credited as a pioneer in the field of quantum computing and for introducing the concept of nanotechnology.

During his lifetime, Feynman became one of the best-known scientists in the world and in a 1999 poll of 130 leading physicists was ranked the seventh greatest physicist of all time.

You can find this free digital resource here.

Categories
General IT Information Security

Authentication and Authorisation Royal Rumble – OpenID vs OAuth vs SAML

There are just as many ways to defend data as there are to attack it. When considering multi-factor authentication, single sign-on, firewalls, and various other controls, the options can be overwhelming. For security professionals (amongst others), the decision on how to keep data and identities secure starts much earlier: choosing the correct standard to deploy to keep federated identity secure.

Categories
Free Resources Information Security

Free Download: Building Information Security Culture Presentation

This free presentation (with provided speaking points) gives a non-InfoSec audience an introduction to building an information security culture.

Many people see these topics as problems just for security – start talking about security and people’s eyes start to glaze over.

A cultural shift is required to drive change in the organisation and move the conversation of security away from a technology problem and into a conversation about how security is integrated into the company.

Security should be one of the first things people think about, not a last resort. Security is not an add-on but rather an important part of how the organisation conducts its business.

You can find this free digital resource here.

Categories
Free Resources Information Security

Free Download: Supplier Security & Data Protection Questionnaire

It is vitally important that 3rd parties, such as contractors and suppliers, are probed for their information security and data protection posture. This is especially important with the increased use of cloud technologies and the transfer of responsibility and risk to other organisations and individuals.

This questionnaire is designed to be a starting point, used as part of a wider due diligence effort before signing on the dotted line with a new 3rd party.

You can find this free digital resource here.

Categories
General IT Information Security

Password Management Guidance

The primary objective of a theoretically sound password formulation policy is password diversity – we want our identity system to contain lots of different, hard-to-guess passwords.

There are several ways to achieve this but unfortunately most of the common approaches in use today, such as length requirements, complexity requirements, and change requirements, are far from helpful.

Categories
Information Security

Liability, Due Diligence, and Negligence

A short explanation on the meanings and differences between liability, due diligence, and negligence.

Categories
General IT Information Security

The CIA Triad

The CIA triad is a model designed to guide policies and procedures for information security within an organisation. Read on to find out more about the CIA triad and some of the common methods organisations implement to meet CIA requirements.

Categories
General IT Information Security

What is IAAA?

How does security in systems actually work? Well, security generally works on a principle called IAAA: Identification, Authentication, Authorisation, Accountability. Read on to find out what this principle looks like in the real world.