Subscribe to Fresh Thoughts - The Fresh Security Weekly Newsletter
Get control of cybersecurity in 4 minutes each week.
Subscribe to Fresh Thoughts for a weekly dose of straight talking.
It's how you cut through the cybersecurity bull.
Discover stories and insights that help you make better security decisions.
What matters? What's hype? And why?
Our newsletter subscribers always get the answers. First.
Previous Issues of Fresh Thoughts
Fresh Thoughts #54: What Can a Stolen Handbag Teach Us About Threats?
The latest version of ISO 27001 has a new control - Threat Intelligence. What is it? And how can a recent theft help us understand more?
Fresh Thoughts #49: How Do You Respond? OODA
This is the model I use to respond to all types of cybersecurity and business situations... OODA.
Fresh Thoughts #47: Situation Normal. The End of the World Is Nigh.
As is tradition, the conclusion of the LastPass data breach was spun into "the end of the world is nigh" scaremongering. But what does it actually mean?
Fresh Thoughts #46: The People Perimeter
No amount of cybersecurity technology can provide perfect protection. At some point, your people will need to form a defensive perimeter...
Fresh Thoughts #44: Let Technology and People Play to Their Strengths
Do people and technology both have the same strengths in cybersecurity?
Fresh Thoughts #43: Who Do You Trust More - People or Tech? Part 1
It can be challenging to decide which is better... Buying more security tech or taking a human-centric approach? Here are some points you should consider...
Fresh Thoughts #41: Are You Ready to SOAR?
Are you ready to auto-magically respond to every other incident with SOAR... 🤔
Fresh Thoughts #40: Think Like a Hacker
What motivates a hacker to infect a computer? Let's use the recent EMOTET outbreak as an example...
Fresh Thoughts #38: “You're on your own.”
Sandip Patel KC tells us - "The government and law enforcement are not going to save you from cybercrime."
Fresh Thoughts #37: What Does It Take to Get ISO27001:2022?
You're thinking about ISO 27001:2022… So what does it take to achieve the certification?
Fresh Thoughts #35: Who Represents Your Business?
Every new Fresh Security customer receives a handwritten Thank You note. It's a small token saying - we appreciate your trust...
Fresh Thoughts #34: Are We Asking Too Much of IT Admins?
"When I started, it was common to have 6-9 months to figure out a new technology... Now my team has 2 days."
Fresh Thoughts #32: The Queen's Wit
My mum's Irish. And like many old societies, the Irish have strong opinions about death. If you've been to an Irish wake, you'll know...
Fresh Thoughts #31: The State of Cyber Insurance - September 2022
In March we made predictions about the cyber insurance industry. Were we right?
Fresh Thoughts #29: Security Should Be Shaker, Not Silk
The minimal elegance of Shaker furniture doesn't always come to mind when thinking of security... but when security is done right, it should.
Fresh Thoughts #28: Resilience: What Are My Options?
There should never be a budget for unnecessary. But when spending gets tight - resilience can start to look increasingly unnecessary.
Fresh Thoughts #26: How to Right-Size Accountability
Being held accountable but having no control. It's one of the worst feelings I know. Unfortunately, it's all too common in cybersecurity...
Fresh Thoughts #25: The Revolutionary Advance of Three Random Words
Passwords have always been a problem. But in 2016, the NCSC rejected the legacy password rules and published a new, revolutionary idea...
Fresh Thoughts #23: The Time a Teenage Girl Broke Her Back
In Incident Response, “doing anything” can sometimes make things much, much worse. And it always burns time. Did I ever tell you about the time when doing nothing meant a 13-year-old girl wasn’t paralysed for life?
Fresh Thoughts #22: Incident Response: What Most Companies Do & How To Respond
Once the shock of a data breach or ransomware attack subsides, everyone starts asking the question… What do most companies do in this position?
Fresh Thoughts #20: Brown M&Ms & Trusting Your Team
Van Halen's rider famously contained a clause requiring a bowl of M&Ms... but no brown ones. While easily dismissed as rockstars being picky - it was anything but.
Fresh Thoughts #19: Tiny Changes, Significant Impact & Board Briefing Packs
At Fresh Security, we help our customers make small, tiny changes to the way they work. But those tiny changes create significant impacts.
Fresh Thoughts #17: Foundations and First Principles
Cybersecurity doesn't need to be complicated. Here are 2 models to ask questions and find gaps.
Fresh Thoughts #16: Risk Is Part of Business & Why Certification Is Not the Goal
Here are the 4 ways to deal with the risk of business and everyday life... And why security certifications are a goal...
Fresh Thoughts #14: The Emotional Rollercoaster of a Vulnerability Scan
Where else in life would you ask for a list of perceived flaws in excruciating detail? But that's precisely what a vulnerability scan is designed to do...
Fresh Thoughts #13: Communicating With Certifications & Fingerprinting Vulnerabilities
Some servers are like football supporters on a Saturday afternoon... And security certificates communicate information... quickly.
Fresh Thoughts #11: Risk Assessment Mistakes & Do You Need More Security?
The biggest mistake I made on my first risk assessment? It was too detailed. I documented every possible way...
Fresh Thoughts #10: Risk is Not Unique & A Rotten Analogy
For some reason, cybersecurity folks seem to think they have a unique view of risk. But any business owner, investor or accountant knows - there are many types of risks we see...
Fresh Thoughts #8: Seeing Signals & Why Some Bugs are Unpatchable
Security awareness training teaches your team how to spot the signals used in scams. Once they see it...
Fresh Thoughts #7: The State of Cybersecurity Sales in 2022
Cybersecurity conferences are feeling nostalgic. Like it's 2010... but for some reason, no one is talking about the solution to ransomware. So we are...
Fresh Thoughts #6: Please. No More Security Soundbites
When you distil an idea too much, all meaning is lost. Security soundbites are contradictory and confusing. Time for a new project...
Fresh Thoughts #5: Password Managers Are Becoming Collateral Damage
Password managers are fundamental to better security practices. But since Christmas, LastPass and Chrome have been working to block each other. Why?
Fresh Thoughts #3: When Cyber Threats Are “Imminent” What Do You Do?
Doom! Doom! I say. What should you actually do when a cyber attack is imminent?
Fresh Thoughts #2: Zero Trust & Leading Indicators
Zero Trust is everywhere... but is it just another buzzword? And the trouble with looking at the wrong indicators.