He spent five years as an IT consultant, designing and building enterprise level business intelligence systems, before deciding to focus on his passion; security.
he founded Norbroch Limited and remains its principal consultant and lead developer.
Norbroch is formed of the Scots words nor meaning north or northerly and broch meaning an Iron Age dry-stone fortified tower found in Scotland. Broch when pronounced should rhyme with loch. If you don't have a Scottish accent, feel free to affect one for the purposes of pronunciation.
So how should the fast-food drive-through change their ordering process? Installing a fancy computerised system that matches the driver's identity between windows would be completely disproportionate to the risk of financial loss. A simple change to the process would be a more pragmatic solution, such as an order being generated for every car including generating an empty order for cars that haven't ordered anything. It may well be that people like Rémi pull this trick so infrequently that it's significantly cheaper to accept a few stolen burgers rather than investing in process change and staff training, although damage to the company's reputation through customer dissatisfaction is a less quantifiable cost. We might want to think a bit differently if we were running a drive-through trading gold bullion or
We would like to show you a video that is hosted by YouTube, but viewing it may set cookies on your computer. We're telling you this so you can decide whether or not to accept these cookies. For more information, read about
Much like for the drive-through, any action taken should be proportionate to the risk. If an attacker can only change the colour of another user's electronic greetings card from red to green, then it might be acceptable to leave it. If an attacker can steal thousands of pounds, euros or dollars and devastate the company's reputation then a rapid repair, typically called a "patch" will be on the cards. The patch would most likely make a change to ensure that the system can handle the unexpected input properly in a way that an attacker can no longer exploit. No more stolen meals for our Frenchman!
Norbroch
provides expertise when security matters
We specialise in helping clients protect highly valuable assets from capable adversaries. We believe that proportionate security should enable you to focus on your core business. Whether you're looking for advice on your IT systems, buildings, personnel or all of these, we can help you.
Security must enable your organisation to perform at its best. We focus on practical and proportionate measures that will help your do your job better.
Being experts, we're smart enough to recognise we can't know everything. We'll tell you when we don't know the answer.
Nobroch is happy to offer initial advice to businesses, non-profit organisations, government departments and other security professionals completely free with no strings attached. We keep any conversations you have with us completely confidential. Get in touch with us by email or give us a call.
