Opinion
Opinion
Privacy and data protection
-
Security Think Tank: Creative thinking key to meeting emerging security challenges
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
eIDAS and the EU’s mission to create a truly portable identity
It is important for businesses to work more actively with technology partners, regulators and governments to create more robust identity verification processes Continue Reading
-
Security Think Tank: Meeting the security challenge of multiple IT environments
How can organisations combine software defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Security Think Tank: Use SDN, containerisation and encryption tools to boost security
How can organisations combine software defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Can we live without passwords?
Can you imagine a future in which we can be secure online without having to remember an unwieldly list of passwords? Solutions are emerging that could make passwords redundant, but there will be other security problems to resolve Continue Reading
-
Security Think Tank: Prioritise multifactor authentication in 2019
At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted but did happen, and one thing that should happen in 2019 but probably will not Continue Reading
-
Security Think Tank: Prevention and detection key to disrupting malware comms
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure that they detect such methods and that all C&C systems are removed, including “sleepers” designed to be ... Continue Reading
-
Security Think Tank: Severing C&C comms is key, but complex
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure that they detect such methods and that all C&C systems are removed, including “sleepers” designed to be ... Continue Reading
-
Security Think Tank: How to tool up to catch evasive malware comms
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure that they detect such methods and that all C&C systems are removed, including “sleepers” designed to be ... Continue Reading
-
Security Think Tank: Combine tech, process and people to block malware comms
As attackers begin to use multiple command and control systems to communicate with backdoors and other malware, how can organisations ensure that they detect such methods and that all C&C systems are removed, including "sleepers" designed to be ... Continue Reading
-
GCHQ offers help to embryonic Irish cyber security organisation
Ciaran Martin head of the UK's National Cyber Security Centre, part of GCHQ, builds bridges with the Republic of Ireland's intelligence community during an official visit to Dublin Continue Reading
-
Security Think Tank: Top considerations to reduce application layer attacks
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Gap, risk and business impact analysis key to application security
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Three ways to safeguard against application layer vulnerabilities
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Defend application layer with good security hygiene
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Counter application layer attacks with automation
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Monitoring key to outcomes-based security
What is the first step towards moving from a tick-box approach to security to one that is outcomes-based, and how can an organisation test if its security defences are delivering the desired outcome? Continue Reading
-
Customers need to be at the centre of GDPR plans
Responding to a breach is not just about data, it is about taking care of, and protecting, customers Continue Reading
-
Security Think Tank: Enable outcomes-based security in software development
What is the first step towards moving from a tick box approach to security to one that is outcomes based, and how can an organisation test if its security defences are delivering the desired outcome? Continue Reading
-
Security Think Tank: C-suite needs to drive outcomes-based security
What is the first step towards moving from a tick-box approach to security to one that is outcomes-based and how can an organisation test whether its security defences are delivering the desired outcome? Continue Reading
-
Security Think Tank: Shift to outcomes-based security by focusing on business needs
What is the first step towards moving from a tick-box approach to security to one that is outcomes-based and how can an organisation test whether its security defences are delivering the desired outcome? Continue Reading
-
Security Think Tank: Start outcomes-based security with asset identification
What is the first step towards moving from a tick-box approach to security to one that is outcomes-based and how can an organisation test whether its security defences are delivering the desired outcome? Continue Reading
-
Security Think Tank: Security governance key to outcomes-based approach
What is the first step towards moving from a tick-box approach to security to one that is outcomes based, and how can an organisation test if its security defences are delivering the desired outcome? Continue Reading
-
Why the government should rethink the UK’s surveillance laws
The European Court of Human Rights has made clear that the Snoopers’ Charter is an unlawful violation of people’s rights and freedoms Continue Reading
-
Security Think Tank: Eight controls to manage software vulnerabilities
What is the most practical and cost effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Better the data you know – how GDPR is affecting UK tech companies
As the dust settles from the General Data Protection Regulation, the implications for technology firms in the UK are becoming clearer Continue Reading
-
Security Think Tank: Outsource security operations, not control
What critical security controls can be outsourced and how do organisations, SMEs in particular, maintain confidence that they are being managed effectively and appropriately? Continue Reading
-
Security Think Tank: Outsource responsibility, not accountability
What critical security controls can be outsourced and how do organisations, SMEs in particular, maintain confidence that they are being managed effectively and appropriately? Continue Reading
-
Security Think Tank: Almost all security can be outsourced, but not the risk
What critical security controls can be outsourced and how do organisations, SMEs in particular, maintain confidence that they are being managed effectively and appropriately? Continue Reading
-
Security Think Tank: Risk tolerance key to security outsourcing policy
What critical security controls can be outsourced, and how do organisations – SMEs in particular – maintain confidence that they are being managed effectively and appropriately? Continue Reading
-
Security Think Tank: Top things to consider in security outsourcing
What critical security controls can be outsourced, and how do organisations – SMEs in particular – maintain confidence that they are being managed effectively and appropriately? Continue Reading
-
Security Think Tank: A risk-based approach to security outsourcing
What critical security controls can be outsourced and how do organisations, SMEs in particular, maintain confidence that they are being managed effectively and appropriately? Continue Reading
-
Security Think Tank: Not all security service providers are created equal
What critical security controls can be outsourced, and how do organisations, SMEs in particular, maintain confidence that they are being managed effectively and appropriately? Continue Reading
-
Smart cities face challenges and opportunities
IHS Markit analysts Noman Akhtar and Kevin Hasley assess the way forward for smart city technology projects around the world Continue Reading
-
Beyond GDPR: ePrivacy could have an even greater impact on mobile
From how we monitor air pollution and manage our public transport systems, to how we enable connected cars and the next generation of 5G mobile services, the forthcoming ePR could have a lasting impact on European society Continue Reading
-
What the ICO's Facebook fine teaches us
Legal expert Alexander Egerton considers whether the ICO’s planned £500,000 fine for Facebook is the precursor of a spate of increased fines across the board, or if it shows the ICO’s stance has not changed and will continue to target certain ... Continue Reading
-
Cyber security: A work in progress
Piers Wilson, director of the Institute of Information Security Professionals, reflects on the findings of the latest IISP industry survey and suggests there is still more work to do Continue Reading
-
Security Think Tank: A good password policy alone is not enough
In light of the fact that complex passwords are not as strong as most people think and that most password strategies inevitably lead to people following them blindly, what actually makes a good password and when is a password alone not enough? Continue Reading
-
Security Think Tank: Cracking the code – what makes a good password?
In light of the fact complex passwords are not as strong as most people think, and that most password strategies inevitably lead to people following them blindly, what actually makes a good password and when is a password alone not enough? Continue Reading
-
Security Think Tank: Passwords alone are not good enough
In the light of the fact that complex passwords are not as strong as most people think, and that most password strategies inevitably lead to people following them blindly, what actually makes a good password and when is a password alone not enough? Continue Reading
-
Security Think Tank: How to create good passwords and add security layers
In light of the fact complex passwords are not as strong as most people think and most password strategies inevitably lead to people following them blindly, what actually makes a good password - and when is a password alone not enough? Continue Reading
-
Security Think Tank: Complex passwords provide a false sense of security
In the light of the fact that complex passwords are not as strong as most people think, and that most password strategies inevitably lead to people following them blindly, what actually makes a good password and when is a password alone not enough? Continue Reading
-
Security Think Tank: Use pass phrases and 2FA to beef up access control
In light of the fact complex passwords are not as strong as most people think, and that most password strategies inevitably lead to people following them blindly, what actually makes a good password – and when is a password alone not enough? Continue Reading
-
Security Think Tank: Put more layers around passwords to up security
In light of the fact that complex passwords are not as strong as most people think and most password strategies inevitably lead to people following them blindly, what actually makes a good password and when is a password alone not enough? Continue Reading
-
Security Think Tank: GDPR requires unprecedented view of data flows
Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this? Continue Reading
-
Security Think Tank: Focus on data protection, but do not rely on DLP alone
Why is it important to know where data flows, with whom it's shared and where it lives at rest – and what is the best way of achieving this? Continue Reading
-
Security Think Tank: Understand data for risk-based protection
Why is it important to know where data flows, with whom it is shared and where it lives at rest, and what is the best way of achieving this? Continue Reading
-
Security Think Tank: Ignorance about data is tantamount to negligence
Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this? Continue Reading
-
Security Think Tank: Use data flow information to protect systems
Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this? Continue Reading
-
GDPR – like a lot of regulation – will mostly benefit the big incumbents
The law of unintended consequences applies to the new EU data protection laws, because the big players it seeks to regulate can better afford to comply Continue Reading
-
Security Think Tank: Data governance is essential to data security
Why is it important to know where data flows, with whom it's shared and where it lives at rest – and what is the best way of achieving this? Continue Reading
-
Security Think Tank: Data controllers are essential in modern business environment
Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this? Continue Reading
-
Security Think Tank: Data governance is good for business and security
Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this? Continue Reading
-
Security Think Tank: Information management means better security
Why is it important to know where data flows, with whom it's shared and where it lives at rest – and what is the best way of achieving this? Continue Reading
-
GDPR may not be perfect, but it’s an important milestone in data protection
It's GDPR day, and TechUK's CEO Julian David writes about what is an important milestone in data protection in the digital world Continue Reading
-
Ethics and tech – a double-edged sword
Just because a business activity is legal doesn’t mean it will be acceptable to customers, as the ethical debates in tech are proving Continue Reading
-
It’s not too late to get GDPR ready
With the GDPR compliance deadline on 25 May 2018, there is little time to get ready, but it is not too late, according to the IAPP, which provides a checklist to help organisations ensure they are in the best position possible for the deadline Continue Reading
-
Hacking the internet of things just got easier – it’s time to look at your security
Are you taking security for internet-connected devices seriously enough? Continue Reading
-
Security Think Tank: Five tips for killing the campers on your network
Why is reducing cyber attacker dwell time important and how should this be tackled? Continue Reading
-
Security Think Tank: More time equals more opportunity for cyber attackers
Why is reducing cyber attacker dwell time important and how should this be tackled? Continue Reading
-
Security Think Tank: Containment should be top priority in cyber breaches
Why is reducing cyber attacker dwell time important, and how should this be tackled? Continue Reading
-
Security Think Tank: Reducing cyber attacker dwell time is critical
Why is reducing cyber attacker dwell time important, and how should it be tackled? Continue Reading
-
Security Think Tank: Reducing dwell has never been more important
Why is reducing cyber attacker dwell time important, and how should this be tackled? Continue Reading
-
Security Think Tank: GDPR compliance one good reason to cut attacker dwell time
Why is reducing cyber attacker dwell time important, and how should this be tackled? Continue Reading
-
GDPR and the right to erasure: hiding in the shadows or welcome shade?
The European Union's new data protection laws introduce a right to be forgotten – but what does it means for corporate IT? Continue Reading
-
Security Think Tank: Reduce attacker dwell time with defence in depth
Why is reducing cyber attacker dwell time important and how should this be tackled? Continue Reading
-
Who do you trust to censor social media?
Calls to censor Facebook and its rivals are growing – but society needs to consider carefully the motivations of those making such demands Continue Reading
-
Why businesses must think like criminals to protect their data
Cyber criminals use three main methods of operation to steal commercial data. Understanding their mindset can help organisations put the right defences in place Continue Reading
-
Security Think Tank: Deal with cryptojacking to avoid security vulnerability
How can organisations best defend against cryptojacking? Continue Reading
-
How the IT sector can help plug the cyber security skills gap
Businesses have a role to play in plugging the cyber security skills gap by engaging with future talent at a young age, providing more role models for under-represented groups, communicating the nature of the threat, and changing their approach to ... Continue Reading
-
SD-WAN needs software-defined security
Digital transformation is driving organisations to move to the cloud, which requires a new architecture that embraces cloud technology, but that in turn requires a new way of thinking about network security to ensure data is protected Continue Reading
-
Security Think Tank: Awareness is a good starting point to counter fileless malware
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
Security Think Tank: Human, procedural and technical response to fileless malware
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
Security Think Tank: Social engineering at the heart of fileless malware attacks
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
Security Think Tank: How to tackle fileless malware attacks
What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading
-
Hawaii missile alert: Why the wrong guy was fired
In January 2018, an employee at Hawaii’s emergency management agency sent out a false alarm of an imminent missile attack, and was subsequently fired – but perhaps poor system design is really to blame Continue Reading
-
Why police forces need to be honest about mass mobile phone surveillance
Police forces across the UK are covering up their use of sophisticated mass surveillance devices, known as IMSI-catchers - the Bristol Cable and Liberty are campaigning for proper transparency Continue Reading
-
Mobile biometrics set to be game-changer in APAC
Telcos, financial institutions and other industry players risk losing market share if they do not keep up with the demand for security, convenience and mobility Continue Reading
-
Security Think Tank: Take care of security basics before automating
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
3, 2, 1, GDPR: How to be prepared on 25 May
There are seven key areas organisations should review to ensure compliance with the General Data Protection Regulation, and even though the deadline is less than four months away, it is still not too late to start Continue Reading
-
Security Think Tank: Approaches to strengthening security operations
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
Europe’s shameful role in spy-tech exports that led to torture and jail
Governments in Europe actively assisted in government oppression in Iran, Bahrain and Russia by providing states with sophisticated surveillance equipment. The European Parliament is pressing for changes in the law to restrict exports of ... Continue Reading
-
Security Think Tank: Automating basic security tasks
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
Security Think Tank: Don’t automatically automate security
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
Security Think Tank: Humans and AI machines in harmony
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
Zero in on your zero-day vulnerabilities
A zero-day attack comes, by definition, out of the blue. You cannot predict its nature or assess how much damage it might cause, but you can take some basic steps to protect yourself from a potentially crippling cyber strike Continue Reading
-
My brother Lauri Love should have the right to a trial in the UK
Lauri Love should face trial over hacking allegations in a British Court, rather than be extradited to the US, where his extraordinary skills will be lost to society, says his younger sister Continue Reading
-
Why UK police are learning cyber forensics
The need for the UK police force to conduct forensic investigations on computers is nothing new, but a rapid escalation of cyber crime has demanded a different approach Continue Reading
-
A guide for businesses to China’s first cyber security law
Companies that break China’s new cyber security law may be fined or even have their licence to trade in the country removed Continue Reading
-
A history of hacking and hackers
A security professional’s view on criminal hacking has shifted away from the traditional stereotype of the hacker, towards a much more diverse cross-section of wider society Continue Reading
-
Criminal law: Are Twitter threats taken seriously?
As threats of violence become increasingly common online, law enforcement is taking stronger action against the perpetrators Continue Reading
-
The internet of things: an overview
Despite security and other concerns, there are many benefits associated with embracing the internet of things Continue Reading
-
Security Think Tank: Risk of DNS attacks goes beyond websites
What are the main security risks associated with DNS and how are these best mitigated? Continue Reading
-
Security Think Tank: Top three DNS-related security risks
What are the main security risks associated with the domain name system and how are these best mitigated? Continue Reading
-
Gary McKinnon: Why Lauri Love should be spared the nightmare of extradition
Computer activist Lauri Love should be spared a life sentence in a US jail, says former hacker Gary McKinnon Continue Reading
-
Consumer identity management is the core of real CRM
IAM + CRM is much more than simply IAM for external users, says Ivan Niccolai Continue Reading
-
Six essential processes for keeping data secure
Data security is increasingly vital for organisations as the countdown begins for compliance with new rules imposed by the EU’s general data protection regulation Continue Reading
-
Security Think Tank: Many breaches down to poor access controls
In the modern business environment, what are the most common access control mistakes – and how best are these corrected? Continue Reading
-
The problem with passwords: how to make it easier for employees to stay secure
An organisation’s IT security can be compromised if staff do not follow a strict policy of using strong passwords to access internal systems Continue Reading
-
Security Think Tank: Top five access control mistakes
In the modern business environment, what are the most common access control mistakes and what is the best way to correct them? Continue Reading