My name is Craig Balding and I am an independent cyber security consultant.
On this site, I share expert knowledge on Cloud Security, covering the technology and tools, hacks and human factors, policy, regulation and strategy.
Who am I writing for?
- Developers & DevOps teams handling sensitive data: how to use cloud services safely, norms, minimum standards, best tools, OPSEC
- Incident Response and forensic teams: how to integrate threat management tooling, talk about response teams at cloud providers, facilitate intros, create helpful tools
- Security Assessment and Red teams: 101, cloud specific assessment tooling, useful tricks and tips
- Decision makers: CISOs, risk and policy people, regulators and insurance - inform about breaches, controls gaps, shared responsiblity, influence policy, educate about breaches, network
- SME customers: risks, tips, easy to use security tools
- Cloud related offense & defence tools, attacks and tactics (open source focused but some commercial)
- Cloud provider security: major developments, analysis of breaches and security controls and security - claims, technical walk throughs, gaps, certifications and regulatory issues
- Cloud research, studies and reports
- My observations, annoyances and suggestions for cloud services
- Occasional interviews, book reviews
I welcome your feedback, please get in touch