As a Chief Information Security Officer (CISO) you are expected to prepare for and manage security incidents. In this article I outline a hypothetical ransomware attack scenario and how the incident might unfold at your organisation. This is a scenario that has taken some inspiration from incidents that have happened to a number of different organisations (not my current employer) over the last couple of years. The aim of this article is to help you to determine how your organisation might react.

It’s prudent to park your ego at the door before continuing.

0:00 hour

Via a phishing campaign the threat actor…


In this article I explore the use of a cloud based, machine learning Security Information and Event Management (SIEM) solution to improve the efficiency and accuracy of cyber security operations.

A traditional Security Operations Centre (SOC) is normally portrayed as an expensive dedicated room. The room typically features a wall of large and impressive screens displaying flashy animations, while a mass of analysts diligently review log files from their minimalist style workstations. In fact the SOC sometimes looks like the mission control room used for the Apollo moon landings in the late 1960’s. …


Photo by Isaiah Rustad on Unsplash

TL’dr — forward suspicous emails to report@phishing.gov.uk

Phished — the feeling of total despair when you realise that you have just clicked on an innocent looking email and infected your laptop with malware / virus / trojan

With around 3.4Bn phishing emails being sent every day, it’s almost guaranteed that you will have some sitting somewhere in your inbox. The troubling thing is the phishing emails are getting more difficult to spot.

The hackers and organised crime groups (OCGs) exploit any trend or crisis to improve the chances of you giving away your personal data or revealing the unique three…


Do something great
Do something great
Photo by Clark Tibbs on Unsplash

The old days of plugging in a misconfigured firewall and relying on a couple of specialists to save the day are long gone. Now you need a team that proactively assesses security risk and can work with the whole organisation to address these issues.

Cyber Security @ ASOS is a collective responsibility

You also need a team that has a passion for learning. Cyber Security is continually evolving to meet the ever changing threats and advances in technology. …

George Mudie

CISO @ ASOS and reformed software engineer. When not building cyber security teams I enjoy some Nordic noir crime thrillers, Mexican food and Ian M Banks books

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store