I get asked by people all the time why I do things like “Twitter”, for example, as if it is something not so worthy. Background: here and here.

So I have decided to look at some of the real benefits of such applications in relation to our industry (and wider) in a much longer post. Who’s wasting their time or missing out? Is it that uncool? LOL... we’ll see.


Now I am/was a Rugby Union supporter, but gees, this game is now so far behind Rugby League it’s not funny. It’s that exciting that I can write this post as I watch the pinnacle of the sport, a Bledisloe Cup game between Australia and the All Blacks, and know I am not missing much as I type. Read on.


Declan had a clean t-shirt in the morning, but by 10am the image of Fatemah had appeared on it. Freaky! (Top right)

- Centralised password management tool here. Vuln-free delusions; it would be fun to “test” this one. Consolidated risk. Nice!

- Data Breach Disclosure update in the US here. The fundamentals are still missing to make this a fair and workable law for all. I wrote about this in Risk Management Magazine, pp. 14-15 of the September 2008 edition. (You may have to sign in now to read it.)

- My costs to maintain PCI QSA status will top 30K in 2009. Add another 20-odd K if we decide to become an ASV again as well. The PCI SSC doesn’t really care about my thoughts on why some of the costs are just money-making grabs on their part. The danger for all is that if eventually only the big guys can afford this, the level of QSA expertise, and the subsequent advice/service to merchants, service providers and the industry as a whole, is going to become weaker, so who wins? Do I battle these guys again or just suck it up? No appetite at present for another battle with them. Read on:


Bit of an off-topic one, but I remembered this story the other day and it made me chuckle to myself. Thought I would share it here and see if others have stories about how some successful projects came to fruition in a weird or funny way. Here we go:

There’s a large and very successful global business that to this day doesn’t know that its first intranet was a porn site, and that because of that porn site a global business intranet came into existence; it wasn’t going to happen without it (i.e. the porn site) at that time. (Aside from about four people, though probably many more by now, as the story has been passed on and is probably considered just a myth.) Click on:


Ah, let’s just leave it to Anton Chuvakin, who’s covering a lot of these “retarded” (his words) postings here at his blog.

Related post on “progress” (or rather the lack of it) in 2008. We can talk until the cows come home.

My prediction (more wishful thinking): I’ll go outside the industry. Shane Warne to do a Michael Jordan: return for the Ashes, smash the Poms and then retire again. (Though this is dependent upon the selectors, captain etc. extending the “invitation”, I suppose.) Let’s leave egos and any old grudges aside. Warne in 2009!  :-)

Following in the footsteps of Malcolm Turnbull, Kevin Rudd seems to have signed up also.

People have questioned recently whether it really is Malcolm Turnbull here. If it’s not, the guy’s going to a lot of trouble. If it is, and I believe it is, he’s doing well. I’ve even exchanged a few posts with him recently. Good on him!

Now, is this our PM here:

I may have to test how he responds soon. :) Well, we now have a direct forum on issues like Internet filtering.

The danger here is that I may well cop some posts myself (though hopefully I rarely fall into this category). :-)

I was talking to a friend who I know is an awesome infosec guy and who also delivers. He’s been marked down somewhat in his performance appraisal because he’s “not putting in above and beyond...” (read: he’s not coming in at 7am and leaving at 7pm). But all his work is delivered on time and to quality. Colleague X, whose projects are always late and generally troubled, receives a good appraisal (as usual). Yeah, he’s one of those guys who’s in at 7am, leaves after the boss, and talks up his “successes”.

I always wonder what some of these bosses are thinking. Is it just their own belief that you need to be spending half your life in the office to show your worth, or are they part of a monkey delivery system (where each link works on this premise)? (No relation to the monkeynet.) I saw a damn lot of this in my time in the Big 4 and investment banking world.


Each week he visits another company and sorts out its problems in his own unique way. I could imagine a talk with many CIOs going along the lines of:

“Oh ^%$ me….what the &*$# are you actually %*&*ing doing here? Okay, show me what you actually @%$ing know about *&^%ing security!?…..if your customers actually &*$^ing knew what the $*&$ you $*&$ing do and don’t *&$#ing do, you’d make them *&^$ing ill. And who’s this #&^$ing guy you have looking after $&##ing security. Why don’t you *(#$ing listen to him?!…… oh *&#$ me!”

Blunt, or beating around the bush... what works best? I would watch this show. :-)

