Welcome to the latest of my Security Bytes posts, where I dig into areas of interest in Infosec/CyberSec, and offer my opinion. In my last post, I talked about the many challenges of implementing Least Privilege. You may have been forgiven for thinking this is all just too hard to do right from day one, or to rectify from your current situation. In this post, I’ll share my opinions on the best approaches that organisations could take to improve their privileged access management position and security posture.

Continue reading

Welcome to the latest of my Security Bytes posts, where I dig into areas of interest in Infosec/CyberSec, and offer my opinion. In my last post, I talked at a high level about what Least Privilege actually is. In this post, I’ll explore common approaches taken/tooling used to address some of the challenges mentioned, and some of the issues with those approaches/tooling. I’ll also explore how the interaction with budgets and project delivery can further exacerbate these issues.

Continue reading

Welcome to the latest of my Security Bytes posts, where I dig into areas of interest in Infosec/CyberSec, and offer my opinion. In my last post, I talked at a high level about the history of computers and privileged access. In this post, I want to get into a term you may hear a lot of if you work in Information Security, CyberSecurity or any Technology Risk role - Least Privilege.

Continue reading

This post is the first in a series of posts on the challenges of balancing privileged access with a robust security posture and a challenging delivery pipeline. It is also the first of my Security Bytes posts, where I dig into areas of interest in Information Security/Cyber Security, and offer my opinion. If you’ve known me for a while you’ll know I’ve only worked in an InfoSec/CyberSec role for just over two years.

Continue reading

Intro This post is definitely not technical and probably for myself as much as anyone else. If it helps other ME sufferers or sufferers of other invisible illnesses, or if it helps non-sufferers understand it, then it’s worth sharing. DISCLAIMER: I am not a doctor, these are just my observations of my illness, and my recollection of medical studies I’ve read in my desire to understand and deal with the illness.

Continue reading

Introduction In my last post, I talked about the background to my recent job search, and the start of the process in terms of interview preparation - taking time to really get to know yourself! With that done, you are now in a better position to begin to think about how you put your best self forward in CV’s, job applications and interviews. Identify and document your key achievements This is an area I struggled with initially - I was used to writing a CV as, effectively, a list of achievements, but very technically focused e.

Continue reading

In a break from my usual type of post, this post will be largely non-technical - I know, this is a tech blog, but bear with me! This was was inspired by a message from Nick Colyer, co-founder over at Skylines Academy in a post on the Azure Study Group (Skylines Academy) on Facebook where I’d mentioned doing interview prep alongside studying for the AZ-900 (Azure Fundamentals) exam - “if you’re interested, it would be great to have a blog on skylines around interview process and prep to share with fellow students.

Continue reading

Author's picture

Cirrius Tech | Serious About Tech

This is the personal blog of Graham Gold, covering all aspects of tech that interest me both personally and professionally. To see more about me visit my About Me page.

IT Professional

Scotland