simon.keat.es

<div class="links_block">

			<h2>General</h2>
			<ul>
		
			<li><a href="https://www.tablesgenerator.com/markdown_tables">Markdown Table Generator</a></li>
			
	

	
		
			<li><a href="https://www.markdownguide.org/extended-syntax/">Markdown Reference</a></li>
			
	

	

	

	

	

	

	

	

	

	

	

	

	

	

	
		
			</ul>
			
			<h2>Home Assistant</h2>
			<ul>
		
			<li><a href="https://www.youtube.com/watch?v=5y6rhwr5Y8c">EASY Lovelace Mobile Dashboard</a></li>
			
	

	

	

	

	

	

	

	
		
			</ul>
			
			<h2>Jekyll</h2>
			<ul>
		
			<li><a href="https://iwiedenm.github.io/jekyll-theme-massively/">Massively Theme on Jekyll home</a></li>
			
	

	

	

	

	

	

	

	

	
		
			</ul>
			
			<h2>Web</h2>
			<ul>
		
			<li><a href="https://requestmetrics.com/web-performance/http3-is-fast">HTTP/3 is Fast</a></li>
			
				<ul><li>via https://danielmiessler.com/</li></ul>
			
	

	
		
			<li><a href="https://medium.com/codavel-blog/quic-vs-tcp-tls-and-why-quic-is-not-the-next-big-thing-d4ef59143efd">QUIC vs TCP+TLS — and why QUIC is not the next big thing</a></li>
			
	

	

	

	

	

	

	

	

	

	

	

	

	

	

</ul>

</div>

<p>Photo by <a href="https://unsplash.com/@kolossaphoto?utm_source=unsplash&amp;utm_medium=referral&amp;utm_content=creditCopyText">Tamas Kolossa</a> on <a href="https://unsplash.com/s/photos/spiderweb?utm_source=unsplash&amp;utm_medium=referral&amp;utm_content=creditCopyText">Unsplash</a></p>

current (as of today, 21-dec-2021): https://github.com/thedevslot/WhatATheme

some slight rendering problems on mobile

option 1: https://iwiedenm.github.io/jekyll-theme-massively/

option 2: https://github.com/andrewbanchich/dimension-jekyll-theme

but no ‘easy’ option for blog posts

but.. could i combine 1 and 2?

also:

https://ndrewtl.github.io/airspace-jekyll/

and… finally settled on Massively

• nice background image, good looking blog posts, easy navigation

Photo by me.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

<p>current (as of today, 21-dec-2021): <a href="[github.com/thedevslo...](https://github.com/thedevslot/WhatATheme">https://github.com/thedevslot/WhatATheme</a></p>) <blockquote> <p>some slight rendering problems on mobile</p> </blockquote>

<p>option 1: <a href="iwiedenm.github.io/jekyll-th…

<p>option 2: <a href="github.com/andrewban… <blockquote> <p>but no ‘easy’ option for blog posts</p> </blockquote>

<p>but.. could i combine 1 and 2?</p>

<p>also:</p>

<p><a href="ndrewtl.github.io/airspace-…

<p>and… finally settled on <a href="iwiedenm.github.io/jekyll-th…

<ul> <li>nice background image, good looking blog posts, easy navigation</li> </ul>

<blockquote> <p>Photo by me. <br /><a rel="license" href="creativecommons.org/licenses/… alt="Creative Commons License" style="border-width:0" src="i.creativecommons.org/l/by-sa/4… /></a><br />This work is licensed under a <a rel="license" href="creativecommons.org/licenses/… Commons Attribution-ShareAlike 4.0 International License</a>.</p> </blockquote>

more testing

Photo by me.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

<p>more testing</p>

<blockquote> <p>Photo by me. <br /><a rel="license" href="creativecommons.org/licenses/… alt="Creative Commons License" style="border-width:0" src="i.creativecommons.org/l/by-sa/4… /></a><br />This work is licensed under a <a rel="license" href="creativecommons.org/licenses/… Commons Attribution-ShareAlike 4.0 International License</a>.</p> </blockquote>

hello world.

Photo by me.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

<p>hello world.</p>

<blockquote> <p>Photo by me. <br /><a rel="license" href="creativecommons.org/licenses/… alt="Creative Commons License" style="border-width:0" src="i.creativecommons.org/l/by-sa/4… /></a><br />This work is licensed under a <a rel="license" href="creativecommons.org/licenses/… Commons Attribution-ShareAlike 4.0 International License</a>.</p> </blockquote>

Companies and organizations, whether in the public or in the private sector, are re-establishing their business in the era of information and data revolution. Labelled Industry 4.0, businesses are taking advantage of digital technologies like cloud, mobile, and IoT to digitally transform their operations. Even “traditional banks” seek to drive more revenue from digital products, personalized services and experiences. At the same time, financial services organizations need to adapt to a shifting global environment. The COVID-19 pandemic has urged all enterprises to alter their business and security models to support work-from-home practices.

Increased contactless and mobile payments introduce bigger risks

According to the 2020 Thales Data Threat Report-Global Edition, 30% of the respondents in the financial services sector are either aggressively disrupting their market or are embedding digital capabilities that enable greater enterprise agility. However, this percentage is expected to rise even further in 2020 considering the changes the COVID-19 pandemic has brought, with contactless and mobile payments representing the majority of in-store transactions.

Bring-your-own-device (BYOD) and other mobile risks have skyrocketed since coronavirus drove a considerable percentage of the workforce to a home base. According to the latest Verizon Payment Security 2020 Report, remote working has increased an organizations’ attack surface, and consequently has driven 70% of of these businesses to increase cybersecurity spending.

The coronavirus pandemic has impacted consumer behavior as well by driving customers to use contactless methods of payment with mobile devices. Although card-present payments are still prevalent in North America, contactless payments are forecasted to increase eightfold between 2020 and 2024. Mobile payment providers must continuously analyze their strategy to secure mobile payments to prevent fraud inherent in their method of purchasing goods.

Vulnerabilities on operating systems (OS) and apps allow attackers to infiltrate their exploits to hijack legitimate payment applications and exfiltrate information by tricking users into granting permissions. According to the RSA Quarterly Fraud Report Q4 2019, 72% of fraud transactions originated in the mobile channel, and specifically, 59% of fraud transactions were attributed to mobile browsers.

Weak security practices lead to data breaches

The financial services industry is a digitally determined one, seeking to harness the volume of big data generated by customer transactions in order to provide banking products tailored to the needs of clients. At the same time, the industry has increased regulatory compliance, with PCI DSS and the EU Directive on Payment Services (PSD2) dictating strong security controls for safeguarding transactions and financial data.

Despite the solid regulatory environment, digitalized industries have a greater threat exposure. That is also true for financial services organizations, where 54% of the 2020 Thales Data Threat Report-Global Edition respondents said that they had experienced a data breach or failed a compliance audit during 2019. Failed compliance audits are an indication of potential vulnerabilities waiting to be exploited by malicious actors.

The challenge for the financial services industry to meet regulatory compliance and safeguard their data increases as they store more of their data in cloud environments. According to the survey, almost all (99%) of financial services organizations store data in the cloud. More importantly, more than half (51%) of data in the cloud is sensitive.

To meet regulatory security requirements, financial services firms are spending more money on data security, increasing their expenditure as a percentage of their total budget. Financial institutions require tools to help them manage greater amounts of complexity, including those capable of spanning legacy on-premise needs as well as modern, cloud-based, edge technology-oriented technologies with solutions like encryption and tokenization. As edge computing and edge-based AI grows, this complexity will only increase.

However, the report also found that financial services organizations are not concerned enough about the issues creating the most risk. Encryption and tokenization rates remain low. Only 57% of sensitive data is protected by encryption and less than half (49%) is secured with tokenization.

The same trends are witnessed worldwide

The findings in the financial services industry reflect the trends at a global level. Digital transformation initiatives are well underway, with 43% of the survey respondents either aggressively disrupting their market or embedding digital capabilities that enable greater enterprise agility.

The level of digitalization does not reflect the level of corporate security maturity. While more digital savvy organizations have an increased attack surface, less sophisticated organizations also expose themselves to data threats and might have been breached without even knowing about it. Consequently, approximately half (49%) of all surveyed organizations have suffered from a data breach at some point and roughly a quarter (26%) have been breached in the past 12 months.

Organizations across the world are adopting a wide range of technologies, including cloud, mobile, social, big data and IoT. In addition, nearly all (98%) of organizations worldwide have some form of data stored in off-premises platforms. Data stored in the cloud is nearing an inflection point with respondents indicating that an estimated 50% of their corporate data is stored in the cloud, and 48% of that data is considered sensitive.

Smart data protection to address all risks

Data security solutions are critical to remain vigilant against the new data risk reality. This point is especially relevant as the current work from home migration has forced employees to access and modify greater amounts of corporate data off-premises, sometimes on BYO devices. Even if an organization loses visibility as to where data resides, data security technologies such as encryption are required to protect corporate data in a location-agnostic manner.

The coming year will bring new and increasingly complex challenges when it comes to data protection for organizations around the globe. Businesses will need smarter, better ways to approach data security. Encrypt everything, embrace a zero-trust model, and implement a strong multi-cloud key management strategy and you’ll be off to a good start.

Download the 2020 Thales Data Threat Report-Global Edition for more key findings.

Photo by Scott Graham on Unsplash

<p>Companies and organizations, whether in the public or in the private sector, are re-establishing their business in the era of information and data revolution. Labelled Industry 4.0, businesses are taking advantage of digital technologies like cloud, mobile, and IoT to digitally transform their operations. Even “traditional banks” seek to drive more revenue from digital products, personalized services and experiences. At the same time, financial services organizations need to adapt to a shifting global environment. The COVID-19 pandemic has urged all enterprises to alter their business and security models to support work-from-home practices.</p>

<h2 id="increased-contactless-and-mobile-payments-introduce-bigger-risks">Increased contactless and mobile payments introduce bigger risks</h2>

<p>According to the <a href="cpl.thalesgroup.com/data-thre… Thales Data Threat Report-Global Edition</a>, 30% of the respondents in the financial services sector are either aggressively disrupting their market or are embedding digital capabilities that enable greater enterprise agility. However, this percentage is expected to rise even further in 2020 considering the changes the COVID-19 pandemic has brought, with contactless and mobile payments representing the majority of in-store transactions.</p>

<p>Bring-your-own-device (BYOD) and other mobile risks have skyrocketed since coronavirus drove a considerable percentage of the workforce to a home base. According to the latest <a href="enterprise.verizon.com/en-gb/res… Payment Security 2020 Report</a>, remote working has increased an organizations’ attack surface, and consequently has driven 70% of of these businesses to increase cybersecurity spending.</p>

<p>The coronavirus pandemic has impacted consumer behavior as well by driving customers to use contactless methods of payment with mobile devices. Although card-present payments are still prevalent in North America, contactless payments are forecasted to increase eightfold between 2020 and 2024. Mobile payment providers must continuously analyze their strategy to secure mobile payments to prevent fraud inherent in their method of purchasing goods.</p>

<p>Vulnerabilities on operating systems (OS) and apps allow attackers to infiltrate their exploits to hijack legitimate payment applications and exfiltrate information by tricking users into granting permissions. According to the <a href="www.rsa.com/en-us/off… Quarterly Fraud Report</a> Q4 2019, 72% of fraud transactions originated in the mobile channel, and specifically, 59% of fraud transactions were attributed to mobile browsers.</p>

<h2 id="weak-security-practices-lead-to-data-breaches">Weak security practices lead to data breaches</h2>

<p>The financial services industry is a digitally determined one, seeking to harness the volume of big data generated by customer transactions in order to provide banking products tailored to the needs of clients. At the same time, the industry has increased regulatory compliance, with PCI DSS and the EU Directive on Payment Services (PSD2) dictating strong security controls for safeguarding transactions and financial data.</p>

<p>Despite the solid regulatory environment, digitalized industries have a greater threat exposure. That is also true for financial services organizations, where 54% of the <a href="cpl.thalesgroup.com/data-thre… Thales Data Threat Report-Global Edition</a> respondents said that they had experienced a data breach or failed a compliance audit during 2019. Failed compliance audits are an indication of potential vulnerabilities waiting to be exploited by malicious actors.</p>

<p>The challenge for the financial services industry to meet regulatory compliance and safeguard their data increases as they store more of their data in cloud environments. According to the survey, almost all (99%) of financial services organizations store data in the cloud. More importantly, more than half (51%) of data in the cloud is sensitive.</p>

<p>To meet regulatory security requirements, financial services firms are spending more money on data security, increasing their expenditure as a percentage of their total budget. Financial institutions require tools to help them manage greater amounts of complexity, including those capable of spanning legacy on-premise needs as well as modern, cloud-based, edge technology-oriented technologies with solutions like encryption and tokenization. As edge computing and edge-based AI grows, this complexity will only increase.</p>

<p>However, the report also found that financial services organizations are not concerned enough about the issues creating the most risk. Encryption and tokenization rates remain low. Only 57% of sensitive data is protected by encryption and less than half (49%) is secured with tokenization.</p>

<h2 id="the-same-trends-are-witnessed-worldwide">The same trends are witnessed worldwide</h2>

<p>The findings in the financial services industry reflect the trends at a <a href="cpl.thalesgroup.com/data-thre… level</a>. Digital transformation initiatives are well underway, with 43% of the survey respondents either aggressively disrupting their market or embedding digital capabilities that enable greater enterprise agility.</p>

<p>The level of digitalization does not reflect the level of corporate security maturity. While more digital savvy organizations have an increased attack surface, less sophisticated organizations also expose themselves to data threats and might have been breached without even knowing about it. Consequently, approximately half (49%) of all surveyed organizations have suffered from a data breach at some point and roughly a quarter (26%) have been breached in the past 12 months.</p>

<p>Organizations across the world are adopting a wide range of technologies, including cloud, mobile, social, big data and IoT. In addition, nearly all (98%) of organizations worldwide have some form of data stored in off-premises platforms. Data stored in the cloud is nearing an inflection point with respondents indicating that an estimated 50% of their corporate data is stored in the cloud, and 48% of that data is considered sensitive.</p>

<h2 id="smart-data-protection-to-address-all-risks">Smart data protection to address all risks</h2> <p>Data security solutions are critical to remain vigilant against the new data risk reality. This point is especially relevant as the current work from home migration has forced employees to access and modify greater amounts of corporate data off-premises, sometimes on BYO devices. Even if an organization loses visibility as to where data resides, data security technologies such as encryption are required to protect corporate data in a location-agnostic manner.</p>

<p>The coming year will bring new and increasingly complex challenges when it comes to data protection for organizations around the globe. Businesses will need smarter, better ways to approach data security. Encrypt everything, embrace a zero-trust model, and implement a strong multi-cloud key management strategy and you’ll be off to a good start.</p>

<p>Download the <a href="cpl.thalesgroup.com/data-thre… Thales Data Threat Report-Global Edition</a> for more key findings.</p>

<blockquote> <p>Photo by <a href="unsplash.com/@homajob Graham</a> on <a href="unsplash.com/s/photos/… </blockquote>

For many years, encryption has been viewed as a burden on businesses – expensive, complex and of questionable value. How things have changed. In just the past few years (and hundreds of high-profile breaches and £Trillions of economic damage later), cyber threats became impossible for the boardroom to ignore.

Beyond simple economics, the crippling effects of a breach on a business are increasingly broad – from information loss and operational implications, through to media pressure, reputational damage and action from customers or regulators. And so, as the nature of business changed and boards were forced to become increasingly accountable, the idea that issues like encryption are “too technical” for the boardroom transitioned from being an acceptable excuse to a legitimate liability.

In recent years, we’ve seen a sharp rise in reporting and analysis of data breaches – arguably both a stimulant and a symptom of cyber-security taking its place on the board agenda. And while the rise in reporting is positive, it highlights the chasm between recognition of the problem and application of sufficient solutions. Are we getting closer to addressing the problem? If not, what’s holding us back?

The digital transformation conundrum

We are watching the Fourth Industrial Revolution unfold: a sweeping, global shift that will mean “going digital” is no longer optional. Businesses will be technology-enabled, connected and mobile, like never before. It’s no wonder we are in the midst of a mass digital transformation migration, which IDC predicts will account for $1.25trillion in spend this year.

This is a significant change. But with it has come an important, untold story about the evolving cybersecurity imperative for the C-suite. The 2019 Thales Data Threat Report-Global Edition revealed that as digital transformations are taking place, sensitive data is often at risk. While 97% of IT experts indicated they are going through some type of digital transformation, only 30% have adopted an encryption strategy.

Sensitive customer, financial, and other proprietary data is the most important asset a business can protect. Yet, an integral part of many companies’ digital transformation journey consists of migrating data away from ‘locked vaults’ in the organisation’s data centre, out to the cloud and edge technologies like mobile devices. No longer can the organisation simply set up a secure perimeter and feel good about its stance.

Enter encryption

Clearly, it’s hard to imagine businesses still viewing encryption as too expensive, complex or of questionable value. In fact, major brands are increasingly calling out encryption as core to their cyber resilience efforts – or, unfortunately for some, admitting they should have invested in encryption before a major breach hurt their business. But what does an effective strategy for encryption entail?

It begins with understanding. Before implementing controls, organisations should take a risk management approach – assessing the risks posed against them, rather than just blindly encrypting data. Once a business establishes what it is facing, then processes can be implemented which take the most sensitive data, or data at greatest risk of loss or theft, into account and kept secure.

Next, it’s about keeping the organisation secure by design. For far too long security has been seen as the last function to implement – an optional extra. The new normal will see organisations building with resilience and threat mitigation in mind, from day one. If you’re developing a new application, has security been factored into the planning? If your business is growing, what do you have in place to ensure data is encrypted and protected as you take on new staff and new systems? If your business is undertaking any kind of digital transformation, have you thought about the sensitive data at risk?

Lastly, it’s key that the board does essentially become a bottleneck. The best strategies for encryption and cyber resilience are built on well-designed processes and streamlined sign-offs that empower lines of business and make clear that data security is important to the business – all rooted in a well-defined understanding of the leadership’s stance on encryption. That is why the role of the board is now so critical to an organisation’s cybersecurity.

Encryption is a board’s best friend

The rise of reporting on breaches, and the always-evolving nature of cyber threats, can often paint a gloomy picture for businesses.

It’s true that leadership can no longer ignore cybersecurity and encryption. After all, outsider threats are now constantly working to find new ways of penetrating systems; the least organisations can do is make life more difficult for them. For the board, though, encryption also presents an opportunity to safeguard the livelihood of the business.

Of course, there is some work for them to do – above all in taking the issue seriously, establishing a culture of cyber-resilience throughout the organisation and sufficiently getting to grips with the topic in order to sign off on a strategy. But the upside here is significant: doing so will ensure the business builds on a solid foundation, protects itself from unnecessary threats and improves its chances of sustainable growth.

Photo by Silas Köhler on Unsplash

<p>For many years, encryption has been viewed as a burden on businesses – expensive, complex and of questionable value. How things have changed. In just the past few years (and hundreds of high-profile breaches and £Trillions of economic damage later), cyber threats became impossible for the boardroom to ignore.</p>

<p>Beyond simple economics, the crippling effects of a breach on a business are increasingly broad – from information loss and operational implications, through to media pressure, reputational damage and action from customers or regulators. And so, as the nature of business changed and boards were forced to become increasingly accountable, the idea that issues like encryption are “too technical” for the boardroom transitioned from being an acceptable excuse to a legitimate liability.</p>

<p>In recent years, we’ve seen a sharp rise in reporting and analysis of data breaches – arguably both a stimulant and a symptom of cyber-security taking its place on the board agenda. And while the rise in reporting is positive, it highlights the chasm between recognition of the problem and application of sufficient solutions. Are we getting closer to addressing the problem? If not, what’s holding us back?</p>

<h2 id="the-digital-transformation-conundrum">The digital transformation conundrum</h2>

<p>We are watching the Fourth Industrial Revolution unfold: a sweeping, global shift that will mean “going digital” is no longer optional. Businesses will be technology-enabled, connected and mobile, like never before. It’s no wonder we are in the midst of a mass digital transformation migration, which IDC predicts will account for $1.25trillion in spend this year.</p>

<p>This is a significant change. But with it has come an important, untold story about the evolving cybersecurity imperative for the C-suite. The 2019 Thales Data Threat Report-Global Edition revealed that as digital transformations are taking place, sensitive data is often at risk. While 97% of IT experts indicated they are going through some type of digital transformation, only 30% have adopted an encryption strategy.</p>

<p>Sensitive customer, financial, and other proprietary data is the most important asset a business can protect. Yet, an integral part of many companies’ digital transformation journey consists of migrating data away from ‘locked vaults’ in the organisation’s data centre, out to the cloud and edge technologies like mobile devices. No longer can the organisation simply set up a secure perimeter and feel good about its stance.</p>

<h2 id="enter-encryption">Enter encryption</h2>

<p>Clearly, it’s hard to imagine businesses still viewing encryption as too expensive, complex or of questionable value. In fact, major brands are increasingly calling out encryption as core to their cyber resilience efforts – or, unfortunately for some, admitting they should have invested in encryption before a major breach hurt their business. But what does an effective strategy for encryption entail?</p>

<p>It begins with understanding. Before implementing controls, organisations should take a risk management approach – assessing the risks posed against them, rather than just blindly encrypting data. Once a business establishes what it is facing, then processes can be implemented which take the most sensitive data, or data at greatest risk of loss or theft, into account and kept secure.</p>

<p>Next, it’s about keeping the organisation secure by design. For far too long security has been seen as the last function to implement – an optional extra. The new normal will see organisations building with resilience and threat mitigation in mind, from day one. If you’re developing a new application, has security been factored into the planning? If your business is growing, what do you have in place to ensure data is encrypted and protected as you take on new staff and new systems? If your business is undertaking any kind of digital transformation, have you thought about the sensitive data at risk?</p>

<p>Lastly, it’s key that the board does essentially become a bottleneck. The best strategies for encryption and cyber resilience are built on well-designed processes and streamlined sign-offs that empower lines of business and make clear that data security is important to the business – all rooted in a well-defined understanding of the leadership’s stance on encryption. That is why the role of the board is now so critical to an organisation’s cybersecurity.</p>

<h2 id="encryption-is-a-boards-best-friend">Encryption is a board’s best friend</h2>

<p>The rise of reporting on breaches, and the always-evolving nature of cyber threats, can often paint a gloomy picture for businesses.</p>

<p>It’s true that leadership can no longer ignore cybersecurity and encryption. After all, outsider threats are now constantly working to find new ways of penetrating systems; the least organisations can do is make life more difficult for them. For the board, though, encryption also presents an opportunity to safeguard the livelihood of the business.</p>

<p>Of course, there is some work for them to do – above all in taking the issue seriously, establishing a culture of cyber-resilience throughout the organisation and sufficiently getting to grips with the topic in order to sign off on a strategy. But the upside here is significant: doing so will ensure the business builds on a solid foundation, protects itself from unnecessary threats and improves its chances of sustainable growth.</p>

<blockquote> <p>Photo by <a href="unsplash.com/@silas_cr… Köhler</a> on <a href="unsplash.com </blockquote>

Race information

• What? Brighton Marathon
• When? April 15, 2018
• How far? 26.2 miles
• Where? Brighton, UK
• Website: https://www.brightonmarathonweekend.co.uk/events/brighton-marathon
• Strava activity: https://www.strava.com/activities/1510472582

Goals

Splits

Training

I’ve run on and off for a few years, but only really started taking it seriously in 2016 when a friend challenged me to run a half-marathon that year. It seemed impossible, but the threat of defeat is a great motivator, and we both completed the Richmond Half, in October, in about 2 hours. The next challenge was Brighton marathon 2017, 6 months later, which unfortunately, I couldn’t commit to, due to study commitments (MSc Information Security at Royal Holloway!! Thankfully I passed). The pressure was therefore on for 2018.

Despite a fair amount of training, including 3 half-marathons in 2017, a marathon still seemed quite overwhelming. It took a lot of will power to click the submit button on the sign-up page!

Immediately after signing up, training procrastination kicked in, along with Christmas indulgence, New Year’s parties, and a Sales Kick-Off (i.e., a week of drinking) in January, and a serious dive in fitness…

I got back on track and training fully started mid-January, giving me 13 weeks until race day

The plan was to run on Monday and Wednesday with the club, do a HIIT workout on Friday, and a long run on Sunday, increasing the miles each week. This mostly went to plan, but I did miss a few weeks due to business travel, injuries (Potholes + dark streets = twisted ankle), and being sick! I was lucky enough to do some training runs out of the country – Budapest and Johannesburg. The Jobug runs were tough - 1,753 metres (5,751 ft) elevation and over 20°C (68°F) temperature is quite tough when you’re used to almost sea-level and sub 10°C (50°F) back home in Haddenham.

January/February running is quite tough too. Early sunset meant most of my Sunday afternoon was dedicated to running (I’ll switch to long runs in the morning for future training). We also had some significant rain, so quite a few off-road runs involved wading through overflowing streams! I eventually switched to the Phoenix Trail, just to maintain consistency (no stiles to climb over), and stay dry!

I peaked at 36kms at race minus 4 weeks. This run, and the one preceding it were really tough, especially the last 6km of each. Speaking to Andrew, it was clear that I hadn’t been fuelling correctly, and adjusted my in-run nutrition plan to suit – i.e., gels every 30 minutes from the start. All following runs were great

I also stopped drinking alcohol for the 30 days leading up to the Marathon! No sure how much this helped, so I might suggest a bit of moderation instead – a few beers over the weekend isn’t really going to hurt!

Race

I’d intended to stick with the 4 hour pacer till the end, with a final push at the end to come in as far under 4 hours as possible. Unfortunately, after only about 2 miles, the pacer lost his balloon, and I lost track of him leaving me to my own devices. Luckily (i.e., slightly obsessive), I’d written my own pace cards for every 5km, so was able to track progress. Managed to team up with a few other runners along the way and we stuck together until close to the end, keeping each other motivated, and on-pace.

The crowds were amazing, and it was a great course. With much encouragement before turning left at the seafront, when the crowds did thin on the way out of town, picking up again, briefly, at Ovingdean before we turned back on ourselves, heading back towards the massive crowds at the pier. The halfway mark came soon after the pier, which was both a feeling of relief, and despair! I was also on the lookout for my wife, who I couldn’t find in the crowds, much to her disappointment.

I think that the adrenaline took over from this point, just getting one foot in front of another, keeping fuelled and watered, and pushing ahead.

I did manage to spot my wife on the way back towards the seafront after the loop around Hove! I think she was quite relieved to see me in one piece, and smiling.

After heading west out of town, we turned back on ourselves after the Shoreham Power Station for the final 6 miles to the finish along the seafront.

At about a mile from the finish I dug deep and gave one final push to the end (after one more quick wave to my wife again!) at as fast a pace as I could manage, coming it at 3h 54m 58s!

Post-Race and after-thoughts

I felt quite good post-race, but did get cold quite quickly, luckily there were foil blankets being handed out. Managed to find my wife and walked back to our hotel for a shower and lunch before heading home. Climbing steps were definitely a challenge, and the next day my left ankle was quite swollen and bruised. Luckily that cleared after a few days and by the end of the week I was feeling fine. I did decide to take another week off to let my ankle fully heal

I learnt a lot during my training too – good nutrition is important (pre, during and post run), the human body is amazingly capable, long runs are long and take a lot of time out of weekend, and cheap headphones are cheap for a reason!

Long runs did also mean a chance to discover some amazing off-road running, and a great appreciation for the countryside right out my front door.

I set out to achieve a sub-four hour time, and trained to meet this goal, but without wanting to sound over-confidant, I do think I could have done a bit better! But for a first time, I’m extremely happy. There’s always next time

This post was generated using the new race reportr, a tool built by /u/BBQLays for making organized, easy-to-read, and beautiful race reports.

Photo by me.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

<p><span class="image left"><img src="/assets/images/brighton_marathon.jpg" alt="" width="200" /></span></p>

<p><br /></p>

<h3 id="race-information">Race information</h3> <ul> <li>What? Brighton Marathon</li> <li>When? April 15, 2018</li> <li>How far? 26.2 miles</li> <li>Where? Brighton, UK</li> <li>Website: <a href="www.brightonmarathonweekend.co.uk/events/br… <li>Strava activity: <a href="www.strava.com/activitie… </ul>

<p><br /> <br /></p>

<h3 id="goals">Goals</h3>

<table> <thead> <tr> <th style="text-align: center">Goal</th> <th style="text-align: center">Description</th> <th style="text-align: center">Completed?</th> </tr> </thead> <tbody> <tr> <td style="text-align: center">A</td> <td style="text-align: center">Finish!</td> <td style="text-align: center">Yes</td> </tr> <tr> <td style="text-align: center">B</td> <td style="text-align: center">Finish under 4 hours</td> <td style="text-align: center">Yes</td> </tr> <tr> <td style="text-align: center">C</td> <td style="text-align: center">Raise £1,200 for <a href="www.justgiving.com/fundraisi… Cancer Research</a></td> <td style="text-align: center">Yes</td> </tr> </tbody> </table>

<h3 id="splits">Splits</h3>

<table> <thead> <tr> <th style="text-align: center">Distance</th> <th style="text-align: center">Time</th> </tr> </thead> <tbody> <tr> <td style="text-align: center">1 Mile</td> <td style="text-align: center">8:51</td> </tr> <tr> <td style="text-align: center">5K</td> <td style="text-align: center">27:06</td> </tr> <tr> <td style="text-align: center">10K</td> <td style="text-align: center">54:30</td> </tr> <tr> <td style="text-align: center">15K</td> <td style="text-align: center">01:21:57</td> </tr> <tr> <td style="text-align: center">20K</td> <td style="text-align: center">01:55:19</td> </tr> <tr> <td style="text-align: center">25K</td> <td style="text-align: center">02:17:09</td> </tr> <tr> <td style="text-align: center">30K</td> <td style="text-align: center">02:45:08</td> </tr> <tr> <td style="text-align: center">35K</td> <td style="text-align: center">03:13:38</td> </tr> <tr> <td style="text-align: center">40K</td> <td style="text-align: center">03:43:07</td> </tr> <tr> <td style="text-align: center">Finish</td> <td style="text-align: center">03:54:58</td> </tr> </tbody> </table>

<h3 id="training">Training</h3>

<p>I’ve run on and off for a few years, but only really started taking it seriously in 2016 when a friend challenged me to run a half-marathon that year. It seemed impossible, but the threat of defeat is a great motivator, and we both completed the Richmond Half, in October, in about 2 hours. The next challenge was Brighton marathon 2017, 6 months later, which unfortunately, I couldn’t commit to, due to study commitments (MSc Information Security at Royal Holloway!! Thankfully I passed). The pressure was therefore on for 2018.</p>

<p>Despite a fair amount of training, including 3 half-marathons in 2017, a marathon still seemed quite overwhelming. It took a lot of will power to click the submit button on the sign-up page!</p>

<p>Immediately after signing up, training procrastination kicked in, along with Christmas indulgence, New Year’s parties, and a Sales Kick-Off (i.e., a week of drinking) in January, and a serious dive in fitness…</p>

<p>I got back on track and training fully started mid-January, giving me 13 weeks until race day</p>

<p>The plan was to run on Monday and Wednesday with the club, do a HIIT workout on Friday, and a long run on Sunday, increasing the miles each week. This mostly went to plan, but I did miss a few weeks due to business travel, injuries (Potholes + dark streets = twisted ankle), and being sick! I was lucky enough to do some training runs out of the country – Budapest and Johannesburg. The Jobug runs were tough - 1,753 metres (5,751 ft) elevation and over 20°C (68°F) temperature is quite tough when you’re used to almost sea-level and sub 10°C (50°F) back home in Haddenham.</p>

<p>January/February running is quite tough too. Early sunset meant most of my Sunday afternoon was dedicated to running (I’ll switch to long runs in the morning for future training). We also had some significant rain, so quite a few off-road runs involved wading through overflowing streams! I eventually switched to the Phoenix Trail, just to maintain consistency (no stiles to climb over), and stay dry!</p>

<p>I peaked at 36kms at race minus 4 weeks. This run, and the one preceding it were really tough, especially the last 6km of each. Speaking to Andrew, it was clear that I hadn’t been fuelling correctly, and adjusted my in-run nutrition plan to suit – i.e., gels every 30 minutes from the start. All following runs were great</p>

<p>I also stopped drinking alcohol for the 30 days leading up to the Marathon! No sure how much this helped, so I might suggest a bit of moderation instead – a few beers over the weekend isn’t really going to hurt!</p>

<h3 id="race">Race</h3> <p>I’d intended to stick with the 4 hour pacer till the end, with a final push at the end to come in as far under 4 hours as possible. Unfortunately, after only about 2 miles, the pacer lost his balloon, and I lost track of him leaving me to my own devices. Luckily (i.e., slightly obsessive), I’d written my own pace cards for every 5km, so was able to track progress. Managed to team up with a few other runners along the way and we stuck together until close to the end, keeping each other motivated, and on-pace.</p>

<p>The crowds were amazing, and it was a great course. With much encouragement before turning left at the seafront, when the crowds did thin on the way out of town, picking up again, briefly, at Ovingdean before we turned back on ourselves, heading back towards the massive crowds at the pier. The halfway mark came soon after the pier, which was both a feeling of relief, and despair! I was also on the lookout for my wife, who I couldn’t find in the crowds, much to her disappointment.</p>

<p>I think that the adrenaline took over from this point, just getting one foot in front of another, keeping fuelled and watered, and pushing ahead.</p>

<p>I did manage to spot my wife on the way back towards the seafront after the loop around Hove! I think she was quite relieved to see me in one piece, and smiling.</p>

<p>After heading west out of town, we turned back on ourselves after the Shoreham Power Station for the final 6 miles to the finish along the seafront.</p>

<p>At about a mile from the finish I dug deep and gave one final push to the end (after one more quick wave to my wife again!) at as fast a pace as I could manage, coming it at 3h 54m 58s!</p>

<h3 id="post-race-and-after-thoughts">Post-Race and after-thoughts</h3> <p>I felt quite good post-race, but did get cold quite quickly, luckily there were foil blankets being handed out. Managed to find my wife and walked back to our hotel for a shower and lunch before heading home. Climbing steps were definitely a challenge, and the next day my left ankle was quite swollen and bruised. Luckily that cleared after a few days and by the end of the week I was feeling fine. I did decide to take another week off to let my ankle fully heal</p>

<p>I learnt a lot during my training too – good nutrition is important (pre, during and post run), the human body is amazingly capable, long runs are long and take a lot of time out of weekend, and cheap headphones are cheap for a reason!</p>

<p>Long runs did also mean a chance to discover some amazing off-road running, and a great appreciation for the countryside right out my front door.</p>

<p>I set out to achieve a sub-four hour time, and trained to meet this goal, but without wanting to sound over-confidant, I do think I could have done a bit better! But for a first time, I’m extremely happy. There’s always next time</p>

<p>This post was generated using <a href="martellaj.github.io/race-repo… new race reportr</a>, a tool built by <a href="www.reddit.com/u/bbqlays… for making organized, easy-to-read, and beautiful race reports.</p>

<blockquote> <p>Photo by me. <br /><a rel="license" href="creativecommons.org/licenses/… alt="Creative Commons License" style="border-width:0" src="i.creativecommons.org/l/by-sa/4… /></a><br />This work is licensed under a <a rel="license" href="creativecommons.org/licenses/… Commons Attribution-ShareAlike 4.0 International License</a>.</p> </blockquote>

Super cold run yesterday. Maybe it helped though… I’m sure that wearing my prostatecanceruk shirt helped too

Photo by me.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

<p>Super cold run yesterday. Maybe it helped though… I’m sure that wearing my prostatecanceruk shirt helped too</p>

<blockquote> <p>Photo by me. <br /><a rel="license" href="creativecommons.org/licenses/… alt="Creative Commons License" style="border-width:0" src="i.creativecommons.org/l/by-sa/4… /></a><br />This work is licensed under a <a rel="license" href="creativecommons.org/licenses/… Commons Attribution-ShareAlike 4.0 International License</a>.</p> </blockquote>

Although it is reported that “very limited” credit and debit card information was accessed in the Wetherspoons breach, it is of no less significant concern that personal details including names and email addresses may have been stolen. In fact, theft of card details is relatively easy to ‘deal with’ – they can be blocked and replaced. It’s the other – seemingly innocuous – information that can pose a bigger problem.

Details such as your mother’s maiden name, your date of birth, and where you live can be pieced together relatively easily by would-be criminals and used as bait for targeting phishing attacks and identity theft to access more sensitive information. Armed with this information, hackers can continue to commit behavioural attacks well beyond the initial breach.

In today’s data-flooded world, security is increasingly becoming a big data problem – accessing personal details is just one more step in building a large database to mine information. Businesses need to change the way they think about data protection, extending their encryption policies to cover all personally identifiable information, so it is ‘detoxified’ should it fall into the wrong hands. Without this, there’s a real danger that attackers will know much more about you than your favourite beer..

Image: Keys, Beer Flights; Lauren Topor; CC-BY-2.0

<p>Although it is reported that “very limited” credit and debit card information was accessed in the Wetherspoons breach, it is of no less significant concern that personal details including names and email addresses may have been stolen. In fact, theft of card details is relatively easy to ‘deal with’ – they can be blocked and replaced. It’s the other – seemingly innocuous – information that can pose a bigger problem.</p>

<p>Details such as your mother’s maiden name, your date of birth, and where you live can be pieced together relatively easily by would-be criminals and used as bait for targeting phishing attacks and identity theft to access more sensitive information. Armed with this information, hackers can continue to commit behavioural attacks well beyond the initial breach.</p>

<p>In today’s data-flooded world, security is increasingly becoming a big data problem – accessing personal details is just one more step in building a large database to mine information. Businesses need to change the way they think about data protection, extending their encryption policies to cover all personally identifiable information, so it is ‘detoxified’ should it fall into the wrong hands. Without this, there’s a real danger that attackers will know much more about you than your favourite beer..</p>

<blockquote> <p>Image: Keys, <a href="flic.kr/p/zdbgxo&… Flights</a>; Lauren Topor; CC-BY-2.0</p> </blockquote>

<p>We learned a few weeks ago that master keys for every elevator in New York, from skyscrapers to subways to construction sites, had been <a href="[nypost.com/2015/09/2...](http://nypost.com/2015/09/20/the-8-key-that-can-open-new-york-city-to-terrorists/">copied) and leaked, and are now being freely sold online</a>. Let’s hope the image used in that article isn’t of the actual key, else we’ll have an even bigger problem on our hands - thanks to a news piece on baggage handling from last year, replica TSA keys (that open every modern suitcase) have <a href="[arstechnica.com/security/...](http://arstechnica.com/security/2015/09/video-3d-printed-tsa-travel-sentry-keys-really-do-open-tsa-locks/">now) been 3D printed</a> using leaked photographs of the keys.</p>

<p>Both these types of physical key are in place for our safety and protection, but the entire system hinges on our trust that only authorised personnel have access to them. In the physical world, ensuring this level of security involves a great deal of process – who can unlock the safe to obtain the key? Who else must be present for them to do so?  When are they authorised to do so? How can you keep track of when the key has been put back? And ensure that it hasn’t been altered or copied?</p>

<p>The same system of trust applies when considering digital encryption keys. Much like a skilled locksmith can replicate a key based on an image, a skilled attacker can replicate a cryptographic key if they are able to gain access to your server. Once they have this, they can do everything with this key that you can – encrypt data, decrypt data, and sign documents that to all the world, will appear legitimate, as though you had authorised them.</p>

<p>Encryption effectively ‘neutralises’ data, rendering it useless to hackers. However, time and time again, weak key management is revealed as encryption’s greatest vulnerability. In addition to performing secure cryptographic processing, Hardware Security Modules (HSMs) are specifically designed to protect and manage the keys – exactly the same processes that are used to protect critical physical keys. With HSMs, however, organisations are able to enforce policy on the use of the keys, rather than rely solely on people and processes.</p>

<p>Keys represent trust, and their secrecy and integrity determine whether that trust can be relied on – they are the anchor points for reputation, confidence and value. Of course, managing digital keys brings its own challenges, particularly in light of now well-established enterprise trends such as cloud computing and mobility, which require businesses to tread an ever finer line between trust and control with third party service providers. In our recent survey with the Ponemon Institute, the pain of key management emerges as one of the biggest barriers to the widespread adoption of encryption, with 56% of global business respondents rating the “pain” of key management as seven or more on a scale of one to ten. A feeling that there is ‘no clear ownership of the problem’ topped the chart of frustrations.</p>

<p>So, if you want your enterprise security to be “where dreams are made of”, it’s simple. Keep control of your keys, and keep control of your data.</p>

<blockquote> <p>(Image: Keys, <a href="flic.kr/p/9ticGr&… Bowfin</a>; Joseph Novak; CC-BY-2.0)</p> </blockquote>

We learned a few weeks ago that master keys for every elevator in New York, from skyscrapers to subways to construction sites, had been copied and leaked, and are now being freely sold online. Let’s hope the image used in that article isn’t of the actual key, else we’ll have an even bigger problem on our hands - thanks to a news piece on baggage handling from last year, replica TSA keys (that open every modern suitcase) have now been 3D printed using leaked photographs of the keys.

Both these types of physical key are in place for our safety and protection, but the entire system hinges on our trust that only authorised personnel have access to them. In the physical world, ensuring this level of security involves a great deal of process – who can unlock the safe to obtain the key? Who else must be present for them to do so? When are they authorised to do so? How can you keep track of when the key has been put back? And ensure that it hasn’t been altered or copied?

The same system of trust applies when considering digital encryption keys. Much like a skilled locksmith can replicate a key based on an image, a skilled attacker can replicate a cryptographic key if they are able to gain access to your server. Once they have this, they can do everything with this key that you can – encrypt data, decrypt data, and sign documents that to all the world, will appear legitimate, as though you had authorised them.

Encryption effectively ‘neutralises’ data, rendering it useless to hackers. However, time and time again, weak key management is revealed as encryption’s greatest vulnerability. In addition to performing secure cryptographic processing, Hardware Security Modules (HSMs) are specifically designed to protect and manage the keys – exactly the same processes that are used to protect critical physical keys. With HSMs, however, organisations are able to enforce policy on the use of the keys, rather than rely solely on people and processes.

Keys represent trust, and their secrecy and integrity determine whether that trust can be relied on – they are the anchor points for reputation, confidence and value. Of course, managing digital keys brings its own challenges, particularly in light of now well-established enterprise trends such as cloud computing and mobility, which require businesses to tread an ever finer line between trust and control with third party service providers. In our recent survey with the Ponemon Institute, the pain of key management emerges as one of the biggest barriers to the widespread adoption of encryption, with 56% of global business respondents rating the “pain” of key management as seven or more on a scale of one to ten. A feeling that there is ‘no clear ownership of the problem’ topped the chart of frustrations.

So, if you want your enterprise security to be “where dreams are made of”, it’s simple. Keep control of your keys, and keep control of your data.

(Image: Keys, USS Bowfin; Joseph Novak; CC-BY-2.0)