Cyber Security

Luke Hally

Welcome

Join me as I undertake my Master’s of Cyber Security

About Me

I’m Luke Hally, I’ve been working in the digital sector for over 25 years across web development, IoT and product ownership for startups, enterprise, government and global brands. Building on this I’m currently undertaking a Master’s of Cyber Security Leadership at UNSW. I have a passion for aviation and believe it is a sector ill prepared for the connected future it faces, so I have focused my assessments on aviation cyber security where possible, with a goal of becoming an aviation cybersecurity SME. 

Blog categories are broken down by the courses as I take them and tags will be by interest area.

Find out more about me in my intro blog.

Latest Posts

Cyber leadership & governance

Aviation cybersecurity oversight strategy

Task As we have previously discovered, cybersecurity in the aviation sector is an emerging field. In light of other countries introducing specific aviation cybersecurity regulation

Read More »
Cyber risk & resilience

Risk assessment consulting report

Around the globe, car rental companies rely on technology for operating in an efficient and responsive manner. Here at RideWell we use a website and

Read More »
Cyber risk & resilience

Quantitative vs qualitative

Continuing on from our recent presentation to make a case for advanced cyber risk monitoring, RideWell’s management team would like your view and recommendation on

Read More »
Cyber risk & resilience

Advanced Cyber Risk Monitoring

The cyber security industry is increasingly recognising that they need to adopt mature risk management and monitoring practices in order to elevate the profession and

Read More »
Cyber & the law

Improvements to the Privacy Act

An area of the Privacy Act that could be improved is consent in regards to Privacy Principle 3 – collection of solicited personal information.  The

Read More »
Cyber & the law

Data breach notification

The Notifiable Data Breach scheme seemed so simple back when I started this Master’s degree. Now we are exploring its intricacies in my Cyber and

Read More »
Cyber threats & crime

Red teaming

An overview of Red Teaming and the role it plays in cybersecurity. Who should use it, how does it differ from penetration testing and is

Read More »
Cyber threats & crime

Cybercrime vs other crime

What distinguishes cybercrime from other types of crime, and why is this important to the cyber security profession? When considering what distinguishes cybercrime from other

Read More »
Cyber ops

Evolving aviation cybersecurity

Introduction: The aviation sector Aviation is an important sector, employing 58 million people, contributing $2.4 trillion to global GDP and annually carrying 3.3 billion passengers

Read More »
Cyber ops

Hacking back

What is “hacking back”, what are its advantages and disadvantages, and what role does it play in cyber defence? Hacking back is “the ability to

Read More »
Cyber ethics

Apple vs FBI

This was my final assessment for the cyber ethics course, it was a great topic that brought together the ethical theories with a real world

Read More »
Cyber ethics

Will privacy exist in 2040?

One of the the things that we need to consider when making ethical decisions is the impact the decision will have, not just now and

Read More »
Cyber ethics

The Equifax breach

Equifax is one of the world’s largest credit reporting agencies (CRA), creating credit reports from consumer data which is sold to third parties. Being high

Read More »
Cyber ethics

The ethics of solar power

In looking at the ethics of a technology, we need to assess whether it is value laden or neutral. If a technology impacts on the

Read More »
Data security & privacy

Can I reset my fingerprint?

We all know that we should use unique passwords for each service (Facebook, Netflix etc) we use. This is to prevent a credential stuffing attack,

Read More »
Data security & privacy

Quantum computing

Quantum computers have potential for great advances in our understanding of the world, and it may be happening sooner than we think with recent advances

Read More »
Data security & privacy

The war on encryption

The ‘war on encryption’ – law enforcement attempting to bypass or limit consumer level encryption – is a global issue with many platforms utilising encryption

Read More »
Data security & privacy

Privacy

Looking in more detail at privacy this week. I encountered privacy in my first course, Foundations of Cyber Security. It had a profound impact on

Read More »
Data security & privacy

Attack Lifecycles

We see lifecycles everywhere, product lifecycles, software development lifecycles, data lifecycles. They are a useful way to gain a high level understanding of something and

Read More »
Data security & privacy

Asymmetric Warfare

Symmetry and asymmetry is something we see a lot of in cyber security. We break symmetry with passwords and authentication – making it easy for

Read More »
Data security & privacy

Data lifecycles

The data lifecycle is a useful tool to understand all of the stages data goes through. This can include: what is collected; how it is

Read More »
Data security & privacy

Intro to Data

The start of a new course this week, Data Security and Privacy. I’m looking forward to this one, we learn how to actually hack into

Read More »
Security engineering

Social engineering hack

“ Social engineering is an extremely effective technique used by hackers worldwide to compromise internal systems and proprietary information assets. In fact, it’s one of

Read More »
Security engineering

CIA’s peddle power

I’ve had a couple of opportunities to apply what I have learnt in the real world this week. Estimating Attacker Power This degree has affected

Read More »
Data security & privacy

Voiceprint hack

This one was from a few years ago, but with biometrics becoming more and more prevalent I think it’s relevant today. A successful voiceprint hack

Read More »
Security engineering

What is Authentication

Authentication is proving who you are. Not to be confused with authorisation, which is having permission to access or use something. In security we often

Read More »
Security engineering

Bitcoin and blockchain

Thanks to my involvement in fintech, I’ve been around the edges of bitcoin and blockchain for a while Traditional money relies on a trusted third

Read More »
Security engineering

Hash definitions and attacks

There’s a lot to remember about hashes, so I’m bringing the definitions into one place as a reference. Term Definition Avalanche effect Small changes in

Read More »
Security engineering

Block Modes

DES (Data Encryption Standard) and AES (Advance Encryption Standard) are both block ciphers. The message is broken into blocks and each block is encrypted and

Read More »
Security engineering

Error Types

What are type I and type II errors? They sound fancy but are quite simple to understand and are a good way to look at

Read More »
Security engineering

Hashes and Cryptographic Hashes

Encryption is the glamourous part of confidentiality, today we will look at hashes. We’ll cover regular and cryptographic hashes, a bit of history then we’ll

Read More »