When the student is ready the teacher appears. When the student is truly ready the teacher disappears. — Lao Tzu What’s Lao trying to convey? You are a student. You are also a teacher. Learning new skills and acquiring appropriate cybersecurity domain knowledge is not limited to cracking an interview…

Core CISSP Exam Concept — Risk is everywhere. Being single is a risk of loneliness and depression. Being in a live-in relationship is a risk of an uncertain future. Being married is a risk of missing bachelorhood. You can never eliminate the risk. You can reduce it to the accepted level. Australia is the most…

Either read ten books by skimming and skipping or read one book from the first to the last page. I read every word of the (ISC)2 Sybex Official CISSP study guide from the first to the last page. I read it three times. However, the experience wasn’t the same. 1st…

The 3rd principle of Zero Trust Security is verifying explicitly. It’s not about providing one-off access anymore based on just passwords. Multi-factor authentication has become the norm, but few understand its true meaning. The multi-love factor authentication may look like the one below. Using passwords with PIN does not provide multi-factor authentication as they belong to the same category, which is “something you know”.

Overeating salt leads to frequent visits to the restroom, dizziness or fluctuating blood pressure. However, salt is healthy in the world of cryptography. It’s easy for attackers to crack your passwords even with hash values. Consider salt as a random number that blends your password to a one-way cryptography hash function like SHA256. It’s crucial not to reuse the same salt to avoid the same bland recipe.

Story One day, Mulla announces him to be the most hospitable man at the Teahouse: he invites a bunch of people for lunch at his home—the crowd and Mulla march towards the house. “Just wait here. I will let my wife know.” Mulla said. The hopeful crowd waits outside the house. …

Story One day, Mulla took his donkey with loaded salt to the market. They pass through the river, and salt melts! The donkey was happy, but Mulla had to bear the loss. After a few days, Mulla and the donkey had to pass through the same stream. However, this time, the…

Imagine you have a golden apple behind the secure door, and somebody breaks in. Is it an incident or a security breach? An intruder either steals the golden apple, replaces it with copper, or destroys the artefact. All of these events or kinds of attacks result in a security incident. In other words, a security incident is when a company’s confidentiality, integrity and availability are compromised.

Optimistic sees a vulnerability between a security patch, and pessimistic sees a security patch between a vulnerability. Which one are you? Well, you need to have both. I don’t like to see things as binary. Our world and decisions are driven by “yes” or “no”. Sometimes, you need to hop between them. The two perspectives are opposite, but they complement each other. They are different and still two sides of one coin.