Author Archives: Andrew Smith

About Andrew Smith

Andrew is a senior systems-engineer with over 20 years experience in corporate and small business environments. This includes consulting for large ICT service providers. He has supported systems at every level in the organization, including infrastructure, operating systems, applications, and perimeter protection. He also collaborates with software development teams on web, database, and infrastructure security. Andrew has co-founded multiple ICT businesses, where he advises on cybersecurity strategies and policies. Andrew has a 3-year National Diploma in Electronics (light current).

Moving to the Cloud

Today, there are many companies contemplating moving to the public cloud, but are unsure whether they can, whether they need to, or whether it is safe to do so. The availability of high-speed fibre lines means that moving to the cloud is highly feasible. Business fibre lines are reliable, and...

Why multi-factor authentication is so important

Recently, a mobile app called “Timehop” announced that they suffered a security breach last December. A hacker managed to gain access to their systems and stole user information. This information contained usernames, emails, telephone numbers and most importantly access keys to their social services like Facebook, Twitter, Instagram etc. Timehop...

Data breaches: stealing valuable customer data

When companies get breached, there is not only a risk to their proprietary information, but also to the information they hold on their customers. This data is often far more valuable to thieves than any corporate secrets. They can be sold on the Dark Web or black market. Credit card...

Is your C-Suite risking your Company Data?

Your C-suite executives should be the ones who are most aware of and understand the risks of data exposure. They are ultimately the people responsible for the security of company data and must face the consequences of a data breach. Shareholders are putting their trust and faith in the C-Suite....

The cost of Cyber Security?

Many companies are frugal with their cyber security. “It can never happen to us, we are too small” “It’s not in the budget this year, we will look at it next year”. The fact is: everyone is vulnerable. It is an often quoted fact that 60 percent of all small...

Cloud Adoption

As many companies move towards deploying environments in the cloud to increase performance, scalability and redundancy, they have to wonder how do they protect these new frontiers. Traditional methods do not seem to fit into this new landscape. Is the uncertainty of cloud security hindering the adoption of these new...

Dthree Peer Learning

Cyberfenders Dthree (“Digital Defence Dojo”) helps cybersecurity professionals unlock greater wisdom and insights through the power of crowd. Dthree is an online peer-to-peer learning group that addresses cybersecurity best practices and share hot topics in a structured way. Led by our team of experts, referencing the NIST Cybersecurity Framework and...

Is Cryptojacking the next wave of cybercrime?

Over the last year and a half, we have seen a rise in ransomware attacks. Some of the big ones were Wannacry (it used Eternal Blue, a package that was created to exploit a vulnerability in Microsoft’s Server Message Block). This vulnerability was discovered by the US National Security Agency...

Unintended consequence of GDPR

As cybersecurity professionals, we can expect the implementation of the European GDPR or General Data Protection Regulations to have many unintended effects on day to day operations of Internet services. One of the most concerning consequences of GDPR is the WHOIS data. Often termed the “Information Super Highway”, the Internet...

Does your business have a dependable cybersecurity framework?

The cyber threat landscape is continually changing, developing, and refining. Every month there are new attacks employed and new vulnerabilities discovered. Some threat-actors sit on zero-day vulnerabilities (unknown and un-fixed holes in computer systems), unleashing them on private and business users alike. Attacks aim to get financial or personal data,...