andydav.bsky.social
@andydav.bsky.social
Focused on platform stability, security, and automation | SaaS enthusiast | Exploring AI tools and their security implications | Advocate for ISO 27001 and Cyber Essentials compliance | Opinions mine
Today I spoke with the co-owners of a company that has spent 7 years developing an in-house CRM and job management platform. They wanted to replace their internal developer resource with AI tooling #ai #vibecoding
June 17, 2025 at 10:31 PM
Reposted
The greatest trick the tech industry ever pulled was calling incorrect outputs “hallucinations.”

No, it’s not hallucinating or inventing things. It’s code. And it’s wrong.
In this context, I suggest replacing the word “hallucinations” with “fraud.”
People producing documents full of AI hallucinations in serious contexts will only get worse as businesses embrace AI “productivity gains” in the era of cost cutting.

They work faster but it’s really easy for people to skim over content they didn’t write when their employers are pushing for speed.
May 31, 2025 at 3:21 AM
The last three months have been a bit of a whirlwind. I've worked for 3 different companies in four different roles. Feels good to be in a steady position again. Although now I'm at a startup and building something new
May 31, 2025 at 9:35 AM
SaaS platforms used in your organisation are one of your weaknesses for #infosec. You need to make sure you're securing them properly.

#cyberawareness #cybersecurity

www.infosecurity-magazine.com/news/saas-br...
SaaS Breaches Skyrocket 300% as Traditional Defenses Fall Short
Obsidian found that threat actors are focusing on SaaS applications to steal sensitive data, with most organizations' security measures not set up to deal with these attacks
www.infosecurity-magazine.com
February 2, 2025 at 7:48 AM
The upcoming TikTok ban is interesting. With my infosec hat on, the amount of data collected/given to TikTok is quite scary. But being realistic, it's no worse than the amount of data being given to any other social media app. In fact some of the others are worse

#infosec #cyberawareness #tiktokban
January 17, 2025 at 4:00 PM
Learn how to set up a secure, cost-effective VPN at home using PiVPN. Perfect for privacy-conscious tech enthusiasts. 🥧

#Cyberawareness #cybersecurity

medium.com/@davenport.a...
January 4, 2025 at 5:28 PM
For all of its interesting uses, AI does introduce some serious infosec challenges. There's the headline-grabbing ones like deep fakes but there's also the small ones like misinformation. When it comes to AI you should always validate the output.

www.bbc.com/news/article...

#infosec #cyberawareness
Apple Intelligence falsely claimed Luke Littler had already won
An AI-generated notification says the teen has won the tournament before the final is even played.
www.bbc.com
January 4, 2025 at 9:27 AM
I had a conversation with someone not long ago about the link between ransomware and crypto and whether ransomware would exist without crypto. It's an interesting question. It certainly existed first, but would it be as popular without it?

#cybersecurity #cyberawareness
January 1, 2025 at 3:37 PM
Yet another misconfiguration in AWS exposing data. Although you have to question who thought it was a good idea to put a memory dump somewhere unencrypted jalopnik.com/brothel-visi...

#infosec #informationsecurity #cyberawareness #cybersecurity
Brothel Visits Exposed In Volkswagen Location Data Leak
Leaked data showed the location of about 800,000 electric vehicles.
jalopnik.com
January 1, 2025 at 2:13 PM
I’m going to be doing the 100 Push-Ups a Day Challenge this January to help raise money for Cancer Research UK. Please show your support and help fund life-saving research by donating to my page. fundraise.cancerresearchuk.org/page/andrews...
Andrew's Giving Page
Thanks for visiting my fundraising page. I’m going to be doing the 100 Push-Ups a Day Challenge this January to help raise money for Cancer Research UK. Please show your support and help fund life-sav...
fundraise.cancerresearchuk.org
December 31, 2024 at 9:25 PM
This time 25 years ago we were all worried the world was going to end. Thankfully the entire IT industry had worked tirelessly to patch and update all these systems and avoid a possible catastrophe. Sometimes you can fully mitigate a risk!

#infosec #informationsecurity #informationsystems
December 31, 2024 at 7:56 PM
Just when you think there can't be time for any more major security incidents this year... www.bbc.com/news/article...

#cybersecurity #infosec #informationsecurity
US Treasury says it was hacked by China
www.bbc.com
December 30, 2024 at 10:16 PM
Sometimes it's the simple things that trip you up. Securing an S3 bucket in AWS is relatively trivial but it's something that can be easily missed.

#cybersecurity #infosec #informationsecurity

www.techradar.com/pro/security...
This widely-used instant loan app leaks nearly 30 million files of user data
Mumbai-based company was storing sensitive data in an unprotected S3 bucket
www.techradar.com
December 30, 2024 at 3:14 PM
www.techradar.com/vpn/vpn-priv...

It really has been a busy year. The Salt Typhoon actions look like they spill over into next year and I suspect only become worse as we find out more. It really highlights that your supply chain security is just as important.

#infosec #cybersecurity
The 5 worst cyberattacks of 2024
The hacks that rocked the world
www.techradar.com
December 29, 2024 at 4:19 PM
People only ever remember your failures. Y2K was only a non-event because of the hard work of a lot of people to make sure things got patched. Much like how all the hard work of people in cyber security never gets celebrated. #infosec #cybersecurity
npr.org NPR @npr.org · Dec 28
People feared the computer glitch would mean "the end of the world as we know it." Thankfully, Y2K didn't live up to the hype after years and billions of dollars were spent on painstaking preparation.
Y2K seems like a joke now, but in 1999 people were really freaking out
www.npr.org
December 29, 2024 at 9:12 AM
It's been an eventful year for cyber incidents. It's good to look back over them and just see if there are any lessons you can learn as a security professional techcrunch.com/2024/12/26/b...

#InfoSec #CyberSecurity #informationSecurity
These were the badly handled data breaches of 2024 | TechCrunch
Blaming victims, months of silence, and suing security researchers all featured in cybersecurity in 2024.
techcrunch.com
December 27, 2024 at 4:55 PM
How long since you tested your business continuity plan, or your incident response? It's all well and good having these plans but if your people don't know how to use them they're not worth the paper they are written on.

#infosec #businesscontinuity #cyberresilience
December 21, 2024 at 8:13 PM
Not all security warnings are bad. Chrome can now be configured to always upgrade to a secure connection and to warn the user when a site doesn't support HTTPS

www.forbes.com/sites/daveyw...

#cybersecurity #infosec #cyberawareness
Google’s New Security Warning For Android Chrome Users—What To Do Now
Google is rolling out a new Chrome security warning for Android users—here’s what you need to know.
www.forbes.com
December 16, 2024 at 7:30 AM
Reposted
Perfection.
December 15, 2024 at 9:32 PM
You're more vulnerable to #SocialEngineering than you realise. You should learn to recognise the signs of an attempt to misuse your trust.
medium.com/@davenport.a...

#infosec #cyberawareness #informationsecurity
The Human Firewall: How Hackers Weaponize Your Curiosity (and Gullibility)
Picture this: You're sitting at your computer, feeling like a digital fortress of security. Your passwords are complex, your antivirus is updated, and you've watched enough spy movies to think you're…
medium.com
December 14, 2024 at 9:25 PM
Culture is important in security. These tips for creating a positive security culture from NCSC could be really helpful if you're struggling to build the right culture in your organisation. www.ncsc.gov.uk/collection/y...

#infosec #cyberawareness #informationsecurity
You shape security
This guidance is for anyone looking to develop security which works for organisations and for people.
www.ncsc.gov.uk
December 14, 2024 at 4:47 PM