Kim Crawley

Kim Crawley

Kim Crawley spent years working in general tier two consumer tech support, most of which as a representative of Windstream, a secondary American ISP. Malware related tickets intrigued her, and her knowledge grew from fixing malware problems on thousands of client PCs. Her curiosity led her to research malware as a hobby, which grew into an interest in all things information security related. By 2011, she was already ghostwriting study material for the InfoSec Institute’s CISSP and CEH certification exam preparation programs. Ever since, she’s contributed articles on a variety of information security topics to CIO, CSO, Computerworld, SC Magazine, and 2600 Magazine. Her first solo developed PC game, Hackers Versus Banksters, had a successful Kickstarter and was featured at the Toronto Comic Arts Festival in May 2016. This October, she gave her first talk at an infosec convention, a penetration testing presentation at BSides Toronto. She considers her sociological and psychological perspective on infosec to be her trademark. Given the rapid growth of social engineering vulnerabilities, always considering the human element is vital.

May 7, 2018 | Kim Crawley

Explain Biometric Authentication

Authentication in and outside of computing can be done in one of three ways. It can be based on something you know, such as a password. It can be based on something you have, such as a keycard. Or it can be based on something that you are. That’s where biometrics comes in. A very brief history of…

February 20, 2018 | Kim Crawley

How SIEM Correlation Rules Work

SIEM is a powerful security tool when deployed properly. Network security appliances like IDS devices, IPS devices, and firewalls generate an awful lot of logs. A well-configured SIEM will alert security administrators to which events and trends they should pay attention to. Otherwise they’ll be too lost in event log noise to be able to effectively handle possible…

Get the latest security news in your inbox.

Subscribe via Email

January 22, 2018 | Kim Crawley

SharePoint Security Best Practices

Being conscientious of SharePoint security is simple if you understand the basics. SharePoint is a Microsoft platform which is designed to integrate with Microsoft Office. Microsoft launched the product in 2001. SharePoint is useful for thousands of organizations worldwide because it facilitates sharing documents on private web servers. SharePoint can be purchased as a separate product to deploy on your own…

November 30, 2017 | Kim Crawley

In Honor of Computer Security Day, Let’s Celebrate the Evolution of SIEM!

It’s the most wonderful time of the year. The trees on my street have almost completely shed their leaves. My neighbors are stringing multicolored lights on their houses. My local shopping mall has started to play various versions of “Jingle Bell Rock,” recorded by many of the stars of top 40 on radio from the past few…

September 27, 2017 | Kim Crawley

Explain How Firewalls Work to Me

Firewalls are one of the most important network security functions that everyone must have, whether you're operating a datacenter, or surfing the web on your phone during your public transit commute. Firewalls come in both hardware and software forms, for both consumers and enterprises. So what do firewalls do, and how do they work? I’m sure you…

September 13, 2017 | Kim Crawley

How Does The Equifax Incident Compare to Other Data Breaches?

The Equifax data breach news which broke last week was a bit of a shocker. About 143 million Americans were affected, which is most of the US adult population, and an unknown number of Canadians and Britons. The leaked data included some highly sensitive information including social security numbers, home addresses and credit card numbers. The cyber-attack on Equifax occurred between…

August 29, 2017 | Kim Crawley

One Man Cyber Attacked 4,000 Companies; Don’t Let It Happen to You

A cyber-attack over the past four months was discovered which targeted more than 4,000 companies, and successfully penetrated at least 14 of them. The targets were mainly in the oil and gas, mining, transportation, and construction sectors - in locations as diverse as Germany, Kuwait, UAE, Egypt, and Croatia. The malicious party was able to acquire sensitive financial data and remote control…

August 14, 2017 | Kim Crawley

Security Tips for Parents with Kids Going Back to School

Cybersecurity is just as important for ordinary people—both adults and children—as it is for companies and professional organizations. I first went online in 1995, when I was eleven years old. Back then, only a very small percentage of households had internet access. My parents had no idea what to expect as I explored the World Wide Web…

June 1, 2017 | Kim Crawley

The Cybersecurity of Persona 5

I'm not only an information security professional, I also happen to be a huge Japanese RPG fan. I've also been playing video games since 1989. The Persona spinoff of the massive Megami Tensei series is one of my favorite game franchises. Persona games feature beautiful art design by Shigenori Soejima and Masayoshi Suto, excellent music by Shoji Meguro, well…

April 4, 2017 | Kim Crawley

Attackers Shifting to CNP Exploits as EMV is Implemented for Credit Cards

Sometimes cybersecurity trends are counterintuitive. Credit and debit cards that use integrated circuit chips, EMV technology, were designed to be less vulnerable to fraud than the previous magnetic stripe only standard. But as more and more of us have EMV cards in our wallets, credit card fraud appears to be on the rise. EMV is an acronym for Europay, MasterCard,…

February 15, 2017 | Kim Crawley

Are Windows Registry Fixers Safe?

Before I got into cybersecurity, I spent years as a technical support agent for Windows end users of Windstream, an American ISP. Although Windstream is an ISP, they also offered a general Windows client OS remote support service for their predominantly rural customers. Many of my malware-related tickets were to fix problems caused by users who installed Trojans. A lot…

January 4, 2017 | Kim Crawley

UX Design: An Overlooked Aspect of Endpoint Security

People in information security know to heed the advice of Bruce Schneier. What we often forget to do, however, is heed the advice of Don Norman, who is considered to be the father of User Experience design. In fact, when Apple hired Norman in 1993 as an Apple Fellow and User Experience Architect he was probably the first person ever to…

Watch a Demo ›
Get Price Free Trial