1. White Papers and Publications
  2. Media Articles and Features
  3. Recorded Media and Conferences
  4. Blog Articles

White Papers and Publications

2023

“SANS 2023 Threat Hunting Survey Results - Focusing on the Hunters and How Best to Support Them”

SANS Institute, with Mathias Fuchs

 

2022

“SANS 2022 Threat Hunting Survey Results - Hunting for a Standard Methodology for Threat Hunting Teams”

SANS Institute, with Mathias Fuchs

 

2021

“SANS 2021 Threat Hunting Survey Results - Threat Hunting in Uncertain Times”

SANS Institute, with Mathias Fuchs

 

2020

“SANS 2020 Threat Hunting Survey Results”

SANS Institute, with Mathias Fuchs

 

2019

“SANS 2019 Threat Hunting Survey Results - The Differing Needs of New and Experienced Hunters”

SANS Institute, with Mathias Fuchs


Media Articles and Features

2024

“Why it matters that Australia unmasked the Medibank hacker”

Australian Financial Review

 

“Cloud 2024: SaaS nightmares, API security boom and the impending cloud ‘identity crisis’”

SC Magazine

 

2023

“Allen & Overy says extent of cyberattack is still unclear”

Australian Financial Review

 

“Australian partners silent on Allen & Overy cyberattack”

Australian Financial Review

 

“Conti successor Akira stole 690GB of BHI Energy data”

SC Magazine

 

“Hackers target US Facebook biz accounts with potent malware cocktail”

SC Magazine

 

“Security Experts Assess 2.0 Draft of NIST Cybersecurity Framework”

SecureWorld

 

“Six interview questions for agile tech leads”

InfoWorld

 

“Why cybersecurity is everyone’s obligation”

Dynamic Business

 

“Latitude says cyberattack ongoing, more customers may be affected”

Australian Financial Review

 

“6 Tips for Outsourcing to a SOC Provider”

IT Pro Today

 

“CBA hit by cyberattack in Indonesia”

Australian Financial Review

 

“Cyber experts worry as Medibank puts hack behind it”

Australian Financial Review

 

2022

“Is it worth taking out personal cyber insurance in case you are caught up in a data hack?”

The Guardian

 

“Cyberattack hits not-for-profit sector”

Probono Australia

 

“‘We know who you are’: AFP closes in on Russian hack criminals”

Australian Financial Review

 

“Hacked Australian Health Insurer Data Posted to Dark Web”

Bloomberg

 

“High stakes in threat to release Medibank data in 24 hours”

Australian Financial Review

 

“Next generation of cyber talent is vital”

Professional Security Magazine Online

 

“Optus data breach: everything we know so far about what happened”

The Guardian

 

“Unlocking cyber skills: This year’s essential back-to-school lesson plan”

FE News

 

“What Optus customers should do now to protect security after data breach”

The Australian

 

“Why cyber security should be top of the curriculum this new school year”

ITWeb

 

“Clue up in cyber security before you finish school”

Careers with STEM

 

“How schools can ease the cybersecurity talent shortage”

Technology Decisions

 

“World’s ‘most prolific’ hacking gang threatens Ukrainian allies”

Australian Financial Review

 

“Cybersecurity tech is expensive but it’s not the only route to protection”

Inside Small Business

 

2021

“It’s time to talk about scams”

Cyber Security Connect

 

“Cybersecurity training in the era of remote work”

Business Daily Media

 

“Dark web boom: How to safeguard your corporate data”

InTheBlack

 

“Cybercrime: how to protect your business, your patients and yourself”

Hospital Healthcare

 

“Australia urged to follow Biden’s lead on cyber attacks”

Australian Financial Review

 

“Facebook stolen data dump hits 7.3 million Australian users”

Australian Financial Review

 

“Hackers have stolen the addresses and phone numbers of SEVEN MILLION Australians have had had their residential address and phone numbers leaked by Facebook hackers over the Easter long weekend, expert claims”

Daily Mail

 

“Hackers claim to have stolen SolarWinds data for sale for $1.3m”

Australian Financial Review

 

“The human factor in cybersecurity”

CEO Tech Asia

 

“Police called as NSW Labor hit by cyber raid”

Australian Financial Review

 

“Breaking Down Barriers in Cybersecurity: Why Diverse Perspectives Like Yours Can Be an Advantage”

training.co.nz

 

“Nine says it has isolated source of cyber attack”

Australian Financial Review

 

“RMIT shuts down systems after malware hit”

Australian Financial Review

 

2020

“Nielsen ransomware attack pushes TV ratings back”

Australian Financial Review

 

2018

“World Youth Day’s IT hangover”

ComputerWorld.com.au


Recorded Media and Conferences

2023

“Keeping Pace in Cyber: Josh Lemon on Incident Response and Building Teams”

Uptycs Cybersecurity Standup

 

“Keeping Pace in Cyber: Josh Lemon on Incident Response and Building Teams”

Spotify - Uptycs Cybersecurity Standup

 

“Building a New Cybersecurity Alert Priority Matrix”

FIRST Annual Conference 2023

 

“DFIR Evidence Collection and Preservation for the Cloud”

RSA Conference 2023

 

“Wait Just An Infosec @ RSAC 2023: Josh Lemon and Megan Roddie”

YouTube

 

“Digital Forensics and Incident Response: Shifting Up DFIR from XDR to the Cloud”

Uptycs Live Webinar

 

“Explaining the Dark Web”

ABC, Australia

 

2022

“Preparing for Container Digital Forensics in the Cloud”

CLOUDSEC 2022

 

“DFIR Evidence Collection and Preservation for the Cloud”

SANS DIFR Summit 2022

 

“Enterprise incident response preparation for the Cloud”

AISA Webinar

 

2021

“You’ve been breached! Deploying OSquery (fast) to support incident response”

Uptycs: OSquery@scale

 

2020

“Forensic Happy Hour Episode 132”

YouTube

 

“Digital Forensics for Compressed Files”

ComfyCon Conference

 

2019

“Re-Building a Scalable CSIRT”

FIRST, Annual Conference

 

“Advanced Incident Response and Threat Hunting Workshop”

AISA Cyber Conference 2019, Australia

 

2018

Memory Forensics in Incident Response and Threat Hunting”

FIRST, Annual Conference

 

“DIFR in an AWS World”

AISA Cyber Conference 2018, Australia


Blog Articles

I mainly post to blog.joshlemon.com.au, below is a listing of other blogs I’ve contributed to.

2021

“Log4j (Version 2) Vulnerability Notification”

Ankura Blog