I’ve read that the government is urging companies to prepare for cyber attacks as part of the fallout of the war in Ukraine. Have you had to do anything in particular?
I love the difference between the last two questions!
What would be your no1 security tip?
(I’m going to exclude password safety as an option as I think that’s too obvious)
3 Likes
One last one from me: what’s the biggest security issue you’ve come across, why is it social engineering and what can be done to combat it?
1 Like
Just a few more questions from me too before you go:
- What is your mother’s maiden name?
- What is the name of your first pet?
- What was your first car?
- What elementary school did you attend?
- What is the name of the town where you were born?
1 Like
Some favourites:
- Security Onion
- Elastic
-
phish.report which was made by @bradleykemp
- Sigma
We do hope to give back to the open source community at some point soon. I’m writing a tool which analysis phishing kits and gives back some good data which could be deemed useful. As soon as this is perfected, I’ll make this open source 
1 Like
Never in the fridge, is this a thing?! 
2 Likes
Yeah for people who want a nice snap to their chocolate and not a half melted mess 
2 Likes
Great question! The NCSC did publish guidance / recommendations regarding the cyber threat level due to the ongoing crises. These recommendations were practices which we’ve always aligned with so the article didn’t cause a lot of panic.
2 Likes
Invest in an antivirus 
malware seems to be on the rise just now and there’s been some recently serious zero days happening such as Log4Shell, Spring4Shell and others. Businesses are most impacted but what makes me anxious is the use of botnets originating from home networks.
2 Likes
How did you know it would be social engineering?
You’re correct, social engineering does cause a lot of concern within the security industry and it’s often used by attackers to gain access to networks. Threat actors are very smart in the way they social engineer folk and the tactics they use are pretty sophisticated and even the best of us could be tricked!
For me whats crucial here is intelligence gathering. It’s important to know what the current threat is, what techniques are being used and how we can detect and stop the threat.
Not just at Monzo but in general a key part of mitigating the risk is around company based awareness / training aimed at social engineering.
3 Likes
I love the enthusiasm
1 Like
Interesting recommendation!
Not the route I’d go. I’m rather against this software for the most part. I’d have suggested a software or DNS firewall. Or both.
Mac users! Some great FOSS here:
1 Like
Objective-See have some decent open source products
1 Like