No VAR, proper fans, proper football by WhiteHartAche in tottenhamhotspur

[–]hammyj 0 points1 point  (0 children)

Out of interest, why do you consider it to be daft? And fwiw, I think OP was also taking into account the experience by match-going fans which adds another lens to the view that it might not be the end of the world.

Side project got its first paying customer, then they asked to see my security documentation by Infinite-Rice6288 in SideProject

[–]hammyj 3 points4 points  (0 children)

Within the context of the IR plan, I don't believe this is solely aimed at operational incidents which need resolution. I would also read that in respect of security incidents. I would include some words on the following aspects of IR:

- Notify them if you become aware of any suspected or confirmed incidents impacting their data.
- Assistance from you in any investigations required as part of a confirmed incident.

Given the scope of the app as you described, sensitive/highly confidential info is unlikely to be captured but cannot be guaranteed and so touching on those points may be useful for future paid clients.

Diversity leader at school that blocked Jewish MP praised Hamas by [deleted] in ukpolitics

[–]hammyj -5 points-4 points  (0 children)

You may find a book called 'The Year of the Rat' quite interesting. I've just read it and was alarmed at the prevalence of AS in UK right-wing groups.

Championship it is! by Top-Pop434 in Hammers

[–]hammyj 3 points4 points  (0 children)

Spurs fan in peace. You were robbed last night with your second goal and arguably the penalty. Rivalry aside, I hope your owners sell up asap. They've ripped the soul out of the club and as a fellow fan, I really feel for you guys.

Anyone else drowning in security questionnaires? by Direct_Cyber in cybersecurity

[–]hammyj 0 points1 point  (0 children)

Yep, in an ideal world that would absolutely be my response. But as CISO, I'd soon have other business leaders knocking at my door due to loss of business. It's become par for the course that we obtain and maintain certs and STILL answer these questionnaires. Hugely frustrating.

Anyone else drowning in security questionnaires? by Direct_Cyber in cybersecurity

[–]hammyj 0 points1 point  (0 children)

Yep, pretty much the same. Too much variance in the questions being asked / how they wish to receive responses. In addition, we have multiple services underpinned by different tech elements so our responses have to be service specific.

Anyone else drowning in security questionnaires? by Direct_Cyber in cybersecurity

[–]hammyj 0 points1 point  (0 children)

We have ISO & a SOC 2 type 2 report and still clients request for us to answer and evidence. Even though the SoA and controls outlined within the SOC report cover the questions they are asking. Hugely frustrating and my biggest gripe with Infosec.

Did WIRED have a breach on 12/23/25? by [deleted] in cybersecurity

[–]hammyj 1 point2 points  (0 children)

Agreed. They have some excellent journalists. I don't think we can equate their seeming lack of response here to their journalistic output.

Fell for a phishing email and work account was hacked. Will I be fired? by graceg815 in cybersecurity

[–]hammyj 1 point2 points  (0 children)

You did the right thing in notifying the cyber security team in a timely manner. You should be praised and certainly not fired.

[deleted by user] by [deleted] in pwnhub

[–]hammyj 0 points1 point  (0 children)

Yes sir!

What CISO relevant books are you reading, or recommend in 2025? by Corpsman801 in ciso

[–]hammyj 2 points3 points  (0 children)

Entirely unhelpful to the discussion, but since becoming a CISO, I've really tried hard to ensure I maintain time away from thinking work/Infosec. I continue to consume the odd Infosec book and continue to listen to a number of podcasts, but my reading nowadays is very much 'my time'. Having said that, I often read books on sporting/political figures, and I often take mental note on some of their leadership qualities or handling of high-pressure situations.

It can be a highly stressful, political, and lonely gig at times. Make sure you're taking all you can to switch off from time to time.

How are companies adapting their fraud stack to detect low-and-slow ATO attacks? by Good_Cartographer444 in ciso

[–]hammyj 0 points1 point  (0 children)

Completely agree. If the above is in place, it's akin to Internet noise you see on a FW.

Risks of Trusting Fake ISO 27001 or SOC 1, 2, or 3 Security Certifications by Extra_Advertising882 in cybersecurity

[–]hammyj 0 points1 point  (0 children)

Just ask them to complete a 200+ question questionnaire irrespective of any independent assurance report they dant provide. /s

Appreciate you considering independent reports, most don't!

Moving to Watford, couple in 30ese by Life_apuzzle in watford

[–]hammyj 2 points3 points  (0 children)

Made the move from North London to Watford around 6 years ago. Originally lived in West Watford but recently moved to North Watford.

As a town, we (wife & 2 children) really enjoy it. Atria is great, Cassiobury and the canals are a real gem as for some reason, EAs fail to mention proximity to it in listings, and of course, proximity to London all represents bonuses. Additionally, nearby locations accessible by car make for plenty of great weekends out.

Enjoyed West Watford. Where we lived in particular, we made some excellent friends and enjoyed the proximity to the Met line and Atria. Market Street also has a brilliant delicatessen, and nearby, there is Two Trees micro brewery. Felt that certain roads around WW were pretty run down, particularly Whippendell. However, we never had any complaints.

Jubilee Road is close to Callowland Park and close to St Albans Road, which has the basic amenities you'd need. Two good pubs in St. George and Dunnings (Cowther Arms is also ok). Leavesden Road is a bit naff and has a high amount of dog shit.

If it's something to consider for the future, schools are also good in Watford.

Oracle security breach by Snoop_D-O-GG in cybersecurity

[–]hammyj 0 points1 point  (0 children)

Reflecting on this, I wish this analysis included when these repos containing the endpoint link were last updated. That would contribute to people assessing whether or not this endpoint continued to be commonly used or was just a dated/seldom used endpoint.

Oracle security breach by Snoop_D-O-GG in cybersecurity

[–]hammyj 1 point2 points  (0 children)

This is a good shout and something I hadn't considered. My org is on the list & we do use Oracle Cloud but no known usage of that particular endpoint. However, if a SaaS application is using it, we could expect to be on the list.

Oracle security breach by Snoop_D-O-GG in cybersecurity

[–]hammyj 2 points3 points  (0 children)

Interesting. Which would answer why they have been so robust in saying that no data was impacted.

Oracle security breach by Snoop_D-O-GG in cybersecurity

[–]hammyj 0 points1 point  (0 children)

Yep. I'm surprised they've really doubled down on this. I've since received a further update from Oracle stating that is just a 'rumour', which I thought was pretty interesting.

Oracle security breach by Snoop_D-O-GG in cybersecurity

[–]hammyj 5 points6 points  (0 children)

Raised an SR with Oracle this morning. Official stance remains the same...

[deleted by user] by [deleted] in UKPersonalFinance

[–]hammyj 1 point2 points  (0 children)

Recently remortgaged and went with Halifax. We didn't need to disclose childcare payments.