Opinion
Opinion
Hackers and cybercrime prevention
-
Security Think Tank: Business needs to see infosec pros as trusted advisers
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
Security Think Tank: Top infosec task is getting on board agenda
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
Building a cyber-physical immune system
Shantanu Rane, researcher in cyber-physical systems security at the Palo Alto Research Center, explains how our own immune systems can inspire the design of modern cyber-physical systems Continue Reading
-
Security Think Tank: Infosec needs to avoid FUD and keep it real
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
Security Think Tank: Security risk ratings key to security/business understanding
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
Security Think Tank: Focus on business impact and likelihood of cyber attacks
How can cyber security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
Security Think Tank: Frame cyber security impacts in business contexts
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
Security Think Tank: Infosec letter to the board
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
Joining the dots to deliver effective cyber security
In too many organisations, cyber security is dislocated and siloed. Security chiefs need to take a more joined-up approach, but that is likely to mean a rethink of how the security team operates Continue Reading
-
Making threat intelligence greater than the sum of its parts
Organisations can become more secure if they join up their varied sources of intelligence about business threats, and avoid losing valuable information within individual silos Continue Reading
-
Security Think Tank: Effective IT segregation must involve the business
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
Security Think Tank: In-app segregation more intelligent and permissive
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
Security Think Tank: IT asset separation is a risk-based decision
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
Security Think Tank: Challenges of segregation
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
Security Think Tank: Proper segregation is more important than ever
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
Security Think Tank: Understanding tech is key to effective data segregation
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
Security Think Tank: How to realise the benefits of security zoning
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
Security Think Tank: Benefits and challenges of security segmentation
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
Security Think Tank: Surviving the existential cyber punch, part 3
How should businesses plan to survive a potential cyber attack extinction event? Continue Reading
-
Security Think Tank: Surviving the existential cyber punch part 2
How should businesses plan to survive a potential cyber attack extinction event? Continue Reading
-
Security Think Tank: Surviving the existential cyber punch
How should businesses plan to survive a potential cyber attack extinction event? Continue Reading
-
Security Think Tank: Seven steps to manage risk of catastrophic cyber attack
How should businesses plan to survive a potential cyber attack extinction event? Continue Reading
-
Security Think Tank: Cyber attack survival not a matter of luck
How should businesses plan to survive a potential cyber attack extinction event? Continue Reading
-
Security Think Tank: Aim for integrated resilience, continuity and recovery
How should businesses plan to survive a potential cyber attack extinction event? Continue Reading
-
Security Think Tank: Incident response vital to guard against catastrophic cyber attack
How should businesses plan to survive a potential cyber attack extinction event? Continue Reading
-
Why cyber security needs to be prioritised at board level
Despite the rising number of headline-grabbing security breaches, many company executives are still not prioritising cyber security in the boardroom Continue Reading
-
Security Think Tank: BC/DR plan key to cyber attack survival
How should businesses plan to survive a potential cyber attack extinction event? Continue Reading
-
Security Think Tank: How to reduce the impact of a potential cyber extinction event
How should businesses plan to survive a potential cyber attack extinction event? Continue Reading
-
Mind the Brexit gap in cyber security
Leaving the EU could mean a new cyber security regime for the UK – firms need to understand how the changes might affect them Continue Reading
-
Growing board focus on cyber risk challenges current thinking
As digital transformation continues to drive change in the business and risk landscape, business and cyber security leaders need to improve discussions around this topic Continue Reading
-
Security Think Tank: Map your own important risk metrics
What should be the key cyber security risk indicator for any business? Continue Reading
-
Security Think Tank: Financial loss as a key security risk indicator
What should be the key cyber security risk indicator for any business? Continue Reading
-
Security Think Tank: No one key risk indicator is generic across all businesses
What should be the key cyber security risk indicator for any business? Continue Reading
-
Security Think Tank: Is it true you can't manage what you don't measure?
What should be the key cyber security risk indicator for any business? Continue Reading
-
Security Think Tank: Key considerations for determining cyber risk
What should be the key cyber security risk indicator for any business? Continue Reading
-
Security Think Tank: Five elements of a key cyber risk indicator
What should be the key cyber security risk indicator for any business? Continue Reading
-
Security Think Tank: Aim for business intelligence-driven system of risk indicators
What should be the key cyber security risk indicator for any business? Continue Reading
-
Security Think Tank: Invest in proactive approach to security and digital risk
What should be the key cyber security risk indicator for any business? Continue Reading
-
Security Think Tank: Cyber metrics need to be meaningful
What should be the key cyber security risk indicator for any business? Continue Reading
-
Breaking the chains: How FUD is holding the cyber sector hostage
The cyber security industry must move past fear tactics and get back to the basics of good cyber security practice Continue Reading
-
Security Think Tank: UTM a key part of a well-rounded security strategy
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Security Think Tank: No tech will ever counter-balance poorly implemented processes
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Security Think Tank: Know strengths and weaknesses of UTM systems
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Security Think Tank: Approach UTM with caution
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Security Think Tank: UTM attractive to SMEs, but beware potential pitfalls
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Security Think Tank: Focus UTM capabilities on security and business needs
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Security Think Tank: Many routes to UTM to boost security capabilities
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Security Think Tank: Arguments for and against unified threat management
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Security Think Tank: Cloud tech helps to protect advanced networks
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Security Think Tank: Walk before you run
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Security Think Tank: Apply different techniques to safeguard against rogue code
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Security Think Tank: Combine SDN, containerisation and encryption to halt rogue code
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Security Think Tank: How to use SDN, containers and encryption – and some warnings
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Security Think Tank: Creative thinking key to meeting emerging security challenges
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Security Think Tank: The security role of SDN, containers, encryption and SDP
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
eIDAS and the EU’s mission to create a truly portable identity
It is important for businesses to work more actively with technology partners, regulators and governments to create more robust identity verification processes Continue Reading
-
Security Think Tank: Meeting the security challenge of multiple IT environments
How can organisations combine software defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Security Think Tank: Use SDN, containerisation and encryption tools to boost security
How can organisations combine software defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Can we live without passwords?
Can you imagine a future in which we can be secure online without having to remember an unwieldly list of passwords? Solutions are emerging that could make passwords redundant, but there will be other security problems to resolve Continue Reading
-
Security Think Tank: Pay attention to attribute-based system access permissions
At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted and did happen and one thing that should happen in 2019, but probably will not Continue Reading
-
Security Think Tank: Focus on malicious use of AI in 2019
At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted but did happen, and one thing that should happen in 2019 but probably will not Continue Reading
-
Security Think Tank: Strong 2FA should be a goal in 2019
At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted but did happen, and one thing that should happen in 2019 but probably will not Continue Reading
-
Security Think Tank: Let’s hope for treaty on online norms
At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted but did happen, and one thing that should happen in 2019 but probably will not Continue Reading
-
Security Think Tank: Put collaboration on 2019 security agenda
At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted but did happen, and one thing that should happen in 2019 but probably will not Continue Reading
-
Security Think Tank: Align security strategy to business objectives
At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted and did happen and one thing that should happen in 2019, but probably will not Continue Reading
-
Security Think Tank: Let’s get back to basics in 2019
At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted but did happen, and one thing that should happen in 2019 but probably will not Continue Reading
-
Security Think Tank: Prioritise multifactor authentication in 2019
At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted but did happen, and one thing that should happen in 2019 but probably will not Continue Reading
-
Security Think Tank: Smart botnets resist attempts to cut comms
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure that they detect such methods and that all C&C systems are removed, including "sleepers" designed to be ... Continue Reading
-
Security Think Tank: Strategies for blocking malware comms
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure that they detect such methods and that all C&C systems are removed, including “sleepers” designed to be ... Continue Reading
-
Security Think Tank: Prevention and detection key to disrupting malware comms
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure that they detect such methods and that all C&C systems are removed, including “sleepers” designed to be ... Continue Reading
-
Security Think Tank: Severing C&C comms is key, but complex
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure that they detect such methods and that all C&C systems are removed, including “sleepers” designed to be ... Continue Reading
-
Security Think Tank: Firms neglect DNS security at their peril
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure that they detect such methods and that all C&C systems are removed, including “sleepers” designed to be ... Continue Reading
-
Security Think Tank: Three steps to detect malware comms
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure that they detect such methods and that all C&C systems are removed, including “sleepers” designed to be ... Continue Reading
-
Security Think Tank: How to tool up to catch evasive malware comms
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure that they detect such methods and that all C&C systems are removed, including “sleepers” designed to be ... Continue Reading
-
Drawing the line for cyber warfare
With alleged Russian meddling in elections and the state-backed attack on Iran’s nuclear programme, it is becoming difficult to define the boundaries of cyber warfare Continue Reading
-
Security Think Tank: Situational awareness underpins effective security
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure they detect such methods and that all C&C systems are removed, including ‘sleepers’ designed to be activated... Continue Reading
-
Security Think Tank: Basic steps to countering malware comms
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure they detect such methods and that all C&C systems are removed, including "sleepers" designed to be activated... Continue Reading
-
Security Think Tank: Combine tech, process and people to block malware comms
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure that they detect such methods and that all C&C systems are removed, including "sleepers" designed to be ... Continue Reading
-
GCHQ offers help to embryonic Irish cyber security organisation
Ciaran Martin head of the UK's National Cyber Security Centre, part of GCHQ, builds bridges with the Republic of Ireland's intelligence community during an official visit to Dublin Continue Reading
-
Security Think Tank: Top considerations to reduce application layer attacks
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Making the UK the safest place to live and work online
Government, industry and individuals all have to play their part in enhancing cyber security practices Continue Reading
-
Security Think Tank: Gap, risk and business impact analysis key to application security
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Three ways to safeguard against application layer vulnerabilities
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Deploy multiple defence layers to protect data-rich applications
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: A three-pronged approach to application security
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Think Tank: Application layer attack mitigation needs to start with risk analysis
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Defend application layer with good security hygiene
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Counter application layer attacks with automation
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Focus on security before app deployment
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Monitoring key to outcomes-based security
What is the first step towards moving from a tick-box approach to security to one that is outcomes-based, and how can an organisation test if its security defences are delivering the desired outcome? Continue Reading
-
Security Think Tank: Enable outcomes-based security in software development
What is the first step towards moving from a tick box approach to security to one that is outcomes based, and how can an organisation test if its security defences are delivering the desired outcome? Continue Reading
-
Security Think Tank: C-suite needs to drive outcomes-based security
What is the first step towards moving from a tick-box approach to security to one that is outcomes-based and how can an organisation test whether its security defences are delivering the desired outcome? Continue Reading
-
Security Think Tank: Use Cyber Essentials to kick-start outcomes-based security
What is the first step towards moving from a tick-box approach to security to one that is outcomes-based and how can an organisation test whether its security defences are delivering the desired outcome? Continue Reading
-
Security Think Tank: Shift to outcomes-based security by focusing on business needs
What is the first step towards moving from a tick-box approach to security to one that is outcomes-based and how can an organisation test whether its security defences are delivering the desired outcome? Continue Reading
-
Everyone, everywhere is responsible for IIoT cyber security
Cyber security in the industrial internet of things is not limited to a single company, industry or region – it is an international threat to public safety, and can only be addressed through collaboration that extends beyond borders and competitive ... Continue Reading
-
Security Think Tank: Start outcomes-based security with asset identification
What is the first step towards moving from a tick-box approach to security to one that is outcomes-based and how can an organisation test whether its security defences are delivering the desired outcome? Continue Reading
-
Security Think Tank: Security governance key to outcomes-based approach
What is the first step towards moving from a tick-box approach to security to one that is outcomes based, and how can an organisation test if its security defences are delivering the desired outcome? Continue Reading
-
Security Think Tank: Supplement security with an MSSP to raise the bar
What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Security Think Tank: Adopt a proactive approach to software vulnerabilities
What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Security Think Tank: Four key steps to managing software vulnerabilities
What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading