Kim Crawley

Kim Crawley

Kim Crawley spent years working in general tier two consumer tech support, most of which as a representative of Windstream, a secondary American ISP. Malware related tickets intrigued her, and her knowledge grew from fixing malware problems on thousands of client PCs. Her curiosity led her to research malware as a hobby, which grew into an interest in all things information security related. By 2011, she was already ghostwriting study material for the InfoSec Institute’s CISSP and CEH certification exam preparation programs. Ever since, she’s contributed articles on a variety of information security topics to CIO, CSO, Computerworld, SC Magazine, and 2600 Magazine. Her first solo developed PC game, Hackers Versus Banksters, had a successful Kickstarter and was featured at the Toronto Comic Arts Festival in May 2016. This October, she gave her first talk at an infosec convention, a penetration testing presentation at BSides Toronto. She considers her sociological and psychological perspective on infosec to be her trademark. Given the rapid growth of social engineering vulnerabilities, always considering the human element is vital.
September 13, 2017 | Kim Crawley

How Does The Equifax Incident Compare to Other Data Breaches?

The Equifax data breach news which broke last week was a bit of a shocker. About 143 million Americans were affected, which is most of the US adult population, and an unknown number of Canadians and Britons. The leaked data included some highly sensitive information including social security numbers, home addresses and credit card numbers. The cyber-attack on Equifax occurred between…

August 29, 2017 | Kim Crawley

One Man Cyber Attacked 4,000 Companies; Don’t Let It Happen to You

A cyber-attack over the past four months was discovered which targeted more than 4,000 companies, and successfully penetrated at least 14 of them. The targets were mainly in the oil and gas, mining, transportation, and construction sectors - in locations as diverse as Germany, Kuwait, UAE, Egypt, and Croatia. The malicious party was able to acquire sensitive financial data and remote control…

Get the latest security news in your inbox.

Subscribe via Email

August 14, 2017 | Kim Crawley

Security Tips for Parents with Kids Going Back to School

Cybersecurity is just as important for ordinary people—both adults and children—as it is for companies and professional organizations. I first went online in 1995, when I was eleven years old. Back then, only a very small percentage of households had internet access. My parents had no idea what to expect as I explored the World Wide Web…

August 9, 2017 | Kim Crawley

Basic Best Practices for Secure Internal Software as a Service (SaaS) Applications

Software as a Service (SaaS) is huge. More and more developers are choosing SaaS as the delivery mechanism of their software and services, and more and more businesses are using it. Where you or your organization have internally-developed, SaaS-delivered applications, ensuring the security of those applications is critical to both the security of the data, and minimizing risks to your…

July 11, 2017 | Kim Crawley

Basic Best Practices for Configuring Email Servers

A significant percentage of online cyberattacks are email related. Enterprises are often required to host their own email servers for the sake of compliance and practicality, instead of using one of many third party email services that are often offered by ISPs. But if an email server that your business operates is subject to attack, not only can your business…

June 1, 2017 | Kim Crawley

The Cybersecurity of Persona 5

I'm not only an information security professional, I also happen to be a huge Japanese RPG fan. I've also been playing video games since 1989. The Persona spinoff of the massive Megami Tensei series is one of my favorite game franchises. Persona games feature beautiful art design by Shigenori Soejima and Masayoshi Suto, excellent music by Shoji Meguro, well…

May 17, 2017 | Kim Crawley

Basic Best Practices for Securing LDAP and Active Directory with Red Hat

In the enterprise, it's very popular to manage Windows client PCs through Red Hat servers. This sort of configuration is especially common in healthcare and the financial services industries. Red Hat Enterprise Linux (RHEL) has good software for working with Windows Active Directory. Red Hat Enterprise Linux can also manage clients with multiple platforms, such as Windows, OS X,…

April 4, 2017 | Kim Crawley

Attackers Shifting to CNP Exploits as EMV is Implemented for Credit Cards

Sometimes cybersecurity trends are counterintuitive. Credit and debit cards that use integrated circuit chips, EMV technology, were designed to be less vulnerable to fraud than the previous magnetic stripe only standard. But as more and more of us have EMV cards in our wallets, credit card fraud appears to be on the rise. EMV is an acronym for Europay, MasterCard,…

February 15, 2017 | Kim Crawley

Are Windows Registry Fixers Safe?

Before I got into cybersecurity, I spent years as a technical support agent for Windows end users of Windstream, an American ISP. Although Windstream is an ISP, they also offered a general Windows client OS remote support service for their predominantly rural customers. Many of my malware-related tickets were to fix problems caused by users who installed Trojans. A lot…

January 4, 2017 | Kim Crawley

UX Design: An Overlooked Aspect of Endpoint Security

People in information security know to heed the advice of Bruce Schneier. What we often forget to do, however, is heed the advice of Don Norman, who is considered to be the father of User Experience design. In fact, when Apple hired Norman in 1993 as an Apple Fellow and User Experience Architect he was probably the first person ever to…

Watch a Demo ›
Get Price Free Trial