Posts

Showing posts from October, 2025

Company Wrecked by Ransomware Only Spent 120,000 Pounds Per Year on Cyber Security

Do you remember the story of the UK-based logistics company that closed due to ransomware and laid off 730 workers? Today in an article about a warning to UK businesses about cyber incidents, their “director” said they “were throwing £120,000 a year at [cyber-security] with insurance and systems and third-party managed systems.” That’s the cost of one cyber FTE, and it sounds like they didn’t employ ANY cyber people. This is what I mean by the “security 1%.” https://taosecurity.blogspot.com/2020/10/security-and-one-percent-thought.html This company was in the 99%, and intruders put them out of business, despite apparently having $100 million in annual revenue? I never blame victims of intrusions, but the underinvestment in security is appalling. Refs: https://www.bbc.com/news/articles/ced61xv967lo and https://www.northantstelegraph.co.uk/news/people/kettering-haulage-company-knights-of-old-group-goes-into-administration-with-730-redundancies-4349040# ...

Stop Shoddy Academic "Research"

When someone cites one of my works, I get a notice from Research Gate. Today I got one, from an article from the "IEEE Open Journal of the Communications Society." It cited my first book, which is 21 years old. The PDF was available. I noticed the article referenced Prelude, a project I talked about in my first book. This project has been dead for YEARS. If you visit the link for Prelude in the paper, supposedly visited for research in Feb 2025, it redirects to a gambling site. If you go to the original Prelude IDS site, it's a disguised gambling site. I checked with Archive.org and the site was not serving useful content in the timeframe the researchers claimed. I don't understand how this happens. Stop shoddy academic "research."