Andrew Brown

About Andrew Brown CTO, Elasticito

This author has not yet filled in any details.
So far Andrew Brown CTO, Elasticito has created 12 blog entries.

Microsoft 365: Compliance vs. Resilience – What’s the Difference?

Microsoft 365: Compliance vs. Resilience – What's the Difference? The terms "compliance" and "resilience" are often used interchangeably, yet they represent two distinct and complementary approaches to protecting an organisation's digital assets. For companies leveraging Microsoft 365, understanding this difference is critical for building a robust and sustainable security strategy. While compliance focuses on meeting a specific set of rules, resilience is about an organisation's ability to withstand and recover from a cyber attack. It’s also important to note that while compliance is important, being compliant doesn’t ensure that an organisation is secure or resilient. The Foundation of Compliance: Meeting the Rules Compliance is about adherence to laws, regulations, and industry standards. It's a snapshot in time, a checkbox exercise to prove that your organisation has implemented the required controls. A prime example is the NIS 2 Directive. This European Union legislation, which came into force in early 2023, aims

By |2025-09-29T12:55:12+00:00September 29th, 2025|Blog|0 Comments
Read More

Telecom Namibia Data Breach – Predictable and Avoidable?

Was the Telecom Namibia Data Breach Predictable and Avoidable? A Supply Chain Risk Management Perspective Introduction One Tue 10th, December 2024 a notice was published by a Threat Actor ransomware group called Hunter International stating that Telecom Namibia Limited was allegedly hacked. The objective of this post is to examine this incident from a Supply Chain Risk Management (SCRM) perspective. To assist prospects and existing customers in setting up and maturing their SCRM programs, I always recommend reviewing past incidents to understand if any of the incidents were predictable and avoidable and what mitigating steps should have been taken by all parties. Telecom Namibia (TN) is a great case in point and all the evidence surrounding this incident is still fresh. At present the incident is still under investigation to determine the root cause. However, if I was a betting person, I would wager that the evidence below is part

By |2025-01-16T14:32:43+00:00December 19th, 2024|Blog|0 Comments
Read More

A Practical Guide to Attack Surface Management

A Practical Guide to Attack Surface Management A Practical Guide to Attack Surface Management aims to provide practical tips and best practices to help organisations implement a comprehensive and effective attack surface management program. Attack Surface Management is a security practice aimed at identifying, managing, and mitigating potential attack vectors in an organisation’s IT environment. In today’s digital world, where businesses are becoming increasingly reliant on technology, Attack Surface Management is a crucial component of an overall security strategy. As our dependence on technology intensifies, the scope and intricacy of attack surfaces are expanding. This means that there are more devices, applications, and data available, providing an increased number of opportunities for malicious individuals to exploit weaknesses. To address this challenge, we have the emergence of attack surface management 2.0, which represents the next level of managing intricate environments. Although it's nearly impossible for an organisation to eradicate all vulnerabilities,

By |2023-03-30T17:09:12+00:00February 27th, 2023|Blog|Comments Off on A Practical Guide to Attack Surface Management
Read More

Creating a WHOIS Template to Register Domains

Creating a WHOIS Template to Register Domains When a domain name is registered, ICANN requires that personal information including your full name, address, phone number, and email address be provided. This information is then made visible to the public via a WHOIS lookup. In fact, it's available to everyone including marketers, spammers, and even identity thieves. Do you want to find out more about the WHOIS database, how to correct register a domain for business purposes so it is instantly reconisable and how not to expose your personal data while doing so? Perhaps you are wondering what measures should be taken to ensure your organisation's privacy on WHOIS? To discover answers to these questions, carry on reading this handy guide on "creating a WHOIS template to register domains." Introduction If you’ve ever registered a domain, you’ve probably felt a pang of anxiety about having to enter your address, phone number,

By |2023-03-30T17:09:13+00:00January 25th, 2023|Blog|Comments Off on Creating a WHOIS Template to Register Domains
Read More

Ransomware: Develop and Test Your Response Strategy Using Simulation

Ransomware: Develop and Test your Response Strategy Using Simulation In this blog I want to take a look at Simulating a Ransomware Attack and how you would go about developing and testing a Response Strategy. I’ve already covered the basics of a Ransomware attack in this blog article: https://elasticito.com/ransomware-do-you-have-a-tried-and-tested-strategy-in-place/ The object of this exercise is twofold: Maintain business continuity – or in other words a ransomware attack should have little to no disruption to business; Contain and eliminate the attack quickly with minimal effort; Throughout this blog I am going to focus on behaviour rather than specific IoCs. Please also note that the information provide here is a high-level guide and not an exhaustive task list and is focused on the endpoint only. In a future blog post I will cover network security controls. While User Awareness Training is recommended is hasn’t been included as part of validating security controls.

By |2023-03-30T17:09:53+00:00October 14th, 2020|Blog|Comments Off on Ransomware: Develop and Test Your Response Strategy Using Simulation
Read More

Ransomware: Do you have a tried and tested strategy in place?

Ransomware: Do you have a tried and tested strategy in place? With the recent Garmin outage that is still ongoing, which has allegedly been caused by a Ransomware attack, a large number of Executives are going to be asking tough questions about how Ransomware could impact their own organisations, as there is a good chance that this outage has had a direct effect on their daily lives. TL:DR – Ransomware attacks are preventable, however organisations need to have a tried and tested strategy in place to prevent these attacks. Breach and Attack Simulation provides the visibility needed to develop and test a Ransomware prevention strategy. While my intention with this article is not to speculate on the Garmin outage specifically, the points below are important factors that YOUR business should consider as important attributes of your Cyber Incident Response Protocol. Due to a lack of transparent communication with their clients

By |2023-03-30T17:09:53+00:00July 27th, 2020|Blog|Comments Off on Ransomware: Do you have a tried and tested strategy in place?
Read More

How to Test your Security Controls for Resilience to Australian Cyber Security Centre (ACSC) Advisory 2020-008: Copy-paste Compromises

How to Test your Security Controls for Resilience to Australian Cyber Security Centre (ACSC) Advisory 2020-008: Copy-paste Compromises In conjunction with an announcement by the Australian Prime Minster, Scott Morrison, on National Television, the Australian Cyber Security Centre (ACSC) recently published an advisory (Advisory 2020-008: Copy-paste compromises) giving the MITRE Tactics, Techniques and Procedures (TTPs) used against multiple Australian organisations seen in recent campaigns by a sophisticated threat actor.   The title “Copy-paste compromises” is derived from the actor’s heavy use of tools copied almost identically from open source. One of the ACSC recommendation is that:   “It is imperative that Australian organisations are alert to this threat and take steps to enhance the resilience of their networks.”   And while the Advisory also recommends the following:   Prompt patching of internet-facing software, operating systems and devices Use of multi-factor authentication across all remote access services Implementing the remainder of the

By |2023-03-30T17:09:53+00:00July 6th, 2020|Blog|Comments Off on How to Test your Security Controls for Resilience to Australian Cyber Security Centre (ACSC) Advisory 2020-008: Copy-paste Compromises
Read More

How to Protect Your Customers and Your Brand from Stolen Credential Misuse

How to Protect Your Customers and Your Brand from Stolen Credential Misuse During 2020 a number of Online Retailers have made headline news due to the media erroneously reporting that their customer Portals had been breached. These include Tesco Clubcard Members (https://www.techradar.com/uk/news/tesco-clubcard-holders-warned-of-major-security-issue) and most recently, Wiggle (https://cyclingindustry.news/security-breach-reported-on-wiggles-customer-accounts). In both these instances there was no exploitation of a cyber vulnerability. Threat Actors in all likelihood gained access to these Portals Accounts using a database of credentials stolen from other platforms or possibly via a Spear Phishing campaign.    The obvious questions here are: How was this possible? and How can this be prevented in the future? I prefer a shared responsibility model so let’s answer the above questions with this in mind:   How was this possible? Many subscribers have the same username (email address) and password for all online portals and web applications. Therefore, if one Portal account is compromised,

By |2023-03-30T17:09:53+00:00June 17th, 2020|Blog|Comments Off on How to Protect Your Customers and Your Brand from Stolen Credential Misuse
Read More

Regularly Validating Security Controls with Breach and Attack Simulation

Regularly Validating Security Controls with Breach and Attack Simulation   Validating Security Controls is of vital importance for all organisations and is mandated by Cyber Security Frameworks like National Institute of Standards and Technology (N.I.S.T.) who offer a simple high-level way to do this using 5 steps:   IDENTIFY (CROWN JEWELS) PROTECT DETECT RESPOND RECOVER   To emphasise the importance of validating Security Control on a regular basis think of pilots doing a pre-flight check and inspection of their aircraft. Not performing these checks and inspections could lead to a loss of license for the pilots and the airline as it is mandatory and so should validating your organisation’s Security Controls. Simplistically you start by Identifying a Crown Jewel which could be an Endpoint, A Domain Controller or a Business Application. The next step is to detail and understand the attack vectors, which could be infiltration via email or a

By |2023-03-30T17:09:53+00:00May 18th, 2020|Blog|Comments Off on Regularly Validating Security Controls with Breach and Attack Simulation
Read More

You Should Adopt a Cyber Security Framework – Here’s Why

You Should Adopt a Cyber Security Framework – Here’s Why Today, cyber attacks and cyber security breaches are constantly happening around the world. These attacks are also continuously evolving, becoming more sophisticated and unforeseen. This makes it difficult for organisations to proactively prevent phising, malware and ransomware attacks. So what can your organisation do to become resilient to cyber threats? A suitable cyber security framework and cyber security policies and procedures can reinforce your organisation’s IT security.       Cyber Security Framework A growing number of organisations are coming to the realisation that their extensive investment in cyber security technologies has not provided the resilience to cyber attacks that they were expecting and are looking for answers as to why they are still susceptible to phishing, ransomware and malware. The answer to this susceptibility conundrum lies in the understanding and adoption of a Cyber Security Framework (CSF). This doesn't mean that blindly adopting

By |2023-03-30T17:09:54+00:00April 29th, 2020|Blog|Comments Off on You Should Adopt a Cyber Security Framework – Here’s Why
Read More
© Copyright Elasticito Limited | Privacy Policy | Cookie Policy | Site Map | Website designed by Crazy Gecko Limited California Consumer Privacy Act (CCPA) Opt-Out Icon Your Privacy Choices
LinkedInX