Robin Oldham
@RTO
Cyber risk, security architecture, SecOps & DFIR. Founder , prev Cyber Consulting lead . Fan of data, F1, NFL & gaming. Views are my own
London, England · rto.me.uk · Joined April 2008

Robin Oldham’s Tweets

Pinned Tweet
#OSS2020 OPEN INFORMATION SECURITY RISK UNIVERSE 👥 Improve the way you identify and communicate #infosec risk. All #opensource and free for you to takeaway and use to improve how you manage #cyberrisk 💪 🔗 oisru.org THREAD 👇
Quote Tweet
Currently speaking at the Open Security Summit @oracuk , @rto and @PetraVuk1311 on the topic: "Open Information Security Risk Universe (OISRU)" Join here: open-security-summit.org/tracks/ciso-an Join YOUTUBE Live stream: youtube.com/watch?v=uVHEqN #oss2020 #opensecuritysummit2020 #threatmodeling
If you have already exported/imported into a new password manager, make sure to check for any accounts you're not expecting. They may be in a sub-folder.
PSA: When you export your data from , it will also include all credentials on any linked accounts too. There's no option to choose which vaults are exported. That means you may end up with all your personal accounts in your new work vault, or vice versa.
I’ve asked to confirm which vault data fields are/n’t encrypted.
Quote Tweet
Replying to @SeanWrightSec @UK_Daniel_Card and @LastPass
And disappointingly it’s different to how they advertise their service. The zero knowledge architecture implies the whole vault is encrypted locally before transmission to their servers:
Everybody. Thank Naruto the Macaque for helping set the precedent that copyrightable material requires 'human authorship'. This monkey may have single-handedly destroyed the AI art industry. 🐵🎉
Quote Tweet
today I woke up to the lovely news that an AI-generated comic lost its copyright protection because the USPTO determined that "copyrightable works require human authorship." great step in the right direction 👌
What does this company do? "We help our clients set clear experience objectives and implement experience-driven results in the right places. Helping them unlock hidden value across their entire eco-system."
A female led revolution : For years the Islamic Republic has tried to shame Iranian women in the most intimate ways. Today, protesters in Iran are using sanitary pads to cover the regime’s CCTV cameras, which could identify protesters. Ingenious acts of defiance. 💚🤍❤️
Been bounced around 6 agents on live chat and now told that’s because the system automatically disconnects when someone is scheduled to go on break, dumping you back in the queue. Do not contact live chat around 10:30/11:00. They all go on coffee break.
There are many hugely talented people working in our health service and I can’t help but feel they’d do a better, at a lower price, if that’s what we want.
Quote Tweet
This headline 👇 will be no surprise to anyone who's been following @NHSEngland's plans (and actions) for a while. But @JonUngoedThomas's article reveals some crucial details about what's intended for your #NHS #HealthRecords that are worth unpacking... theguardian.com/society/2022/n
Controversial £360m NHS England data platform ‘lined up’ for Trump backer’s firm

Patients will have no say over records going to Palantir, the software giant run by billionaire Republican backer
Newsnight not pulling their punches.
Quote Tweet
Stunning and devastating opening from Newsnight tonight. Harsh, yes. Media students (and current broadcast journalists!) take note: your edit is nothing without the right choice of music. And oh boy this is quite the choice.
We shouldn’t let this be buried by other news today. Foodbank charity Trussell Trust says that the need for foodbanks has outstripped donations for the first time. It has distributed 46% more emergency food parcels in August and September than at the same time in 2021.
If you wait 'til this point to 'formally start taking customer contracts' then you have probably burned through your runway, lost investor confidence and gone bust.
Quote Tweet
If you have followed these steps well, you have done both a SOC 2 and ISO 27001 certification somewhere between 6-12 months. As of this point, you can formally start taking in new contracts from clients. 👇
Good intentions; poor advice. Security can help, but doesn't sell. Focus on customer need. Get your engineering team to tick off minimum viable security features (mvsp.dev). Come back to this and worry about security once you have something of value to protect.
Quote Tweet
How to secure your B2B SaaS startup & close million dollar deals for less than $100,000 Here’s the entire 10-step information security plan for you: 1. Procure enterprise grade equipment and tools which will be easy to make compliant. 👇