Simon Thomas  

@SecureStrategy@infosec.exchange
Cybersecurity consultant helping organisations reduce their real (not theoretical) risks. Tramper. Passionate about the South Island of New Zealand.
Website: https://securestrategy.co.nz
O’Brien said that if we wanted a vision of the future, we should picture a boot coming down on a human face, forever, but actually I think the most realistic image of our future is Dave Bowman in "2001", desperately trying to disable all the "AI" features in his computer after each upgrade.
@gnyman @riskybusiness @metlstorm Completely agree - anyone who relies on these services to understand the security maturity of a supplier is being misled. They tell you nothing about the things that really matter - MFA, security alerting and response, secure configuration, governance etc.
@neurovagrant @riskybiz @riskybusiness @campuscodi Agreed, it's a fantastic resource
Celebrating the Life of Aaron Swartz: Aaron Swartz Day 2024

Aaron Swartz was a digital rights champion who believed deeply in keeping the internet open. His life was cut short in 2013, after federal prosecutors charged him under the Computer Fraud and Abuse Act (CFAA) for systematically downloading academic journal articles from the online database JSTOR....

Electronic Frontier Foundation
I Will Fucking Piledrive You If You Mention AI Again — Ludicity

I am begging people to stop using AI generated image garbage on their social posts when trying to make smart points. Completely undermines your whole argument when the image is full of misspelled words and graphics that don’t make any sense 🤦‍♀️

@MichaelZ @GossiTheDog

Recall will kill the ability for organisations to allow employees or contractors to use their own PCs to connect to any work system, including O365. Only managed devices where Recall has been removed will be trusted. Get ready for an explosion in costs due to this idiocy.

I firmly believe that the only people who come to work to do cyber security are people in those roles. Everyone else in the organisation has their own role they need to perform - whether in finance, payroll, marketing, management, production etc. The goal of cyber security is to implement measures that work in the background to reduce risk without adversely affecting the ability of people to perform their roles. Yes, people need to be aware of the risks to security and privacy, and to understand the actions they can take. But if someone clicks a phishing email, or buys a gift card, it doesn't mean that they have failed. The failure is in the security measures that are meant to protect the organisation.

https://security.googleblog.com/2024/05/on-fire-drills-and-phishing-tests.html

On Fire Drills and Phishing Tests

Matt Linton, Chaos Specialist In the late 19th and early 20th century, a series of catastrophic fires in short succession led an outraged pu...