In the not so distance past I worked as a security consultant at Portcullis Computer Security in London. The company was acquired by Cisco. This work as a continuation of the Information Security MSc that I did at Royal Holloway in 2014-2015.
My role was initially that of a penetration tester. I mainly reviewed the security of websites (“web apps”), but also network infrastructure, and host reviews (“build reviews”).
During my time at Cisco I pivoted to cover more on the soft side of security, which is often known as GRC (governance, risk, and compliance). During this time, I picked up certificates for ISO 27001 Implementation and ISO27005 Risk Management.
- Hashing, fast and slow
- Learn the basics of cryptography
- Basic cryptography: “security services” as found in Bitcoin and blockchain technology
- It may look complex and unpredictable but is it really?
- Smart contract security
- Protecting against replay attacks in inter-operating and multi-blockchain environments
- Creating better passwords
- Password managers – local vs global
- Are conventional password rules wrong?
- CIS Controls Implementation Guide for Small-and Medium-Sized Enterprises
- How secure are large-scale mining and validation facilities?
- Blockchains, data protection and GDPR