Robin Oldham is the founder of Cydea, and previously led BAE Systems’ Security Advisory & Technical Services business, that was recognised by Forrester as one of the leading information security consultancies.
Robin helps businesses defend themselves from cyber crime and thrive in the digital world and has over fifteen years experience including advising numerous boards on how to manage crises resulting from cyber-attack.
Risk Advisory: Kaseya VSA ‘supply-chain attack’
Cydea’s risk advisories are intended for senior management to aid their understanding of current events and the cyber risk posed to their organisations. Organisations using the on-premises version of Kaseya VSA remote monitoring and management software shut down the application immediately. What is the supply-chain problem with Kaseya? IT management tools are an attractive target for cyber-criminals seeking to conduct ransomware attacks as they provide the mechanism - by design - to deploy and update software.
Risk Advisory: PrintNightmare
Cydea’s risk advisories are intended for senior management to aid their understanding of current events and the cyber risk posed to their organisations. What has happened? A vulnerability in the ‘print spooler’ (which handles interactions between the operating system and USB or network printers) for Microsoft Windows has been identified that allows authenticated users to increase their permissions to those of IT administrators. IT Administrator accounts are highly prized by cyber criminals and this vulnerability allows them to turn any user account into a valuable asset for them to carry out further malicious activity, or to sell on to other cyber-criminals for nefarious purposes.
#RansomAware: stop shaming, share intelligence and fight back against ransomware attacks
Today, the world is seeing businesses of all sizes suffer devastating attacks from ransomware. In the last few months, massive attacks on Colonial Pipeline and JBS have disrupted services and earned cybercriminals millions of pounds. These attacks have been well-publicised, their CEOs have been openly talking about the incidents, G7 leaders have discussed the issue, and it’s prompted questions in boardrooms across the country. Until recently all but the most significant ransomware attacks have been kept out of the spotlight, with businesses opting to pay the ransom to restore services, and sometimes not letting their customers know.
TechUK article highlights the qualities CISOs need in 2021
Cydea, and our partners Atkins, are featured in techUK’s #Cyber2021 week. The guest blog post reinforces basic cyber hygiene, such as understanding what you are defending, as an important part of any cyber strategy. After all, assumption is a breeding ground for vulnerability! Organisations are more vulnerable when they neglect the basics – and nowhere is this issue more apparent than when it comes to the people who use company IT systems.
Announcing Cydea x Good Causes
Since founding Cydea eighteen months ago our mission has been to bring positive security to the world. Some of that is contributing to open source projects or releasing tools free of charge through cydea.tools. From the outset, part of that vision has always been that we will give back as best we can to charities and nonprofits that do amazing things. We’re fortunate enough now to be in a position to help and so that’s why I’m proud to be launching Cydea x Good Causes.
Risk Advisory: Microsoft Exchange 'Hafnium'
Cydea’s risk advisories are intended for senior management to aid their understanding of current events and the cyber risk posed to their organisations. If your organisation uses Exchange (specifically on-premise rather than Office 365) then please read on as this advisory directly affects your organisation and action is required by your IT team. What has happened? State-sponsored actors have discovered flaws in Microsoft’s Exchange software that is used by many organisations for email, calendar and address books and used these to breach organisations.