Recent Blog Posts

We have to join up the debate and put cybersecurity into business, economic and social context. Hence the importance of the Digital Policy Alliance and its groups.

The presumption of the machine functioning properly in practice, means that the prosecution can rely on the presumption that a computer was operating reliably at all material times. It needs to be ...

The current pipeline supplies less than half the demand. Most of that demand is not for full-time professionals with technical skills. It is for those with the people skills to manage business risk ...

Review the salaries you offer to Cybersecurity and Computer Science Graduates - unless your policy is to pay more for those implementing security by design. If you are worried about losing those ...

There is an urgent need to make rapid use of the trusted partner programmes of the new Cyber Resilience Centres to help business of all sizes (and charities, schools, reputable training providers ...

The UK cybersecurity industry is heavily concentrated. Only 150 suppliers, employing 2/3rd of the work force are large enough to provide realistic in-house work experience for trainees/apprentices. ...

The combination of the Cyber Resilience Centres, Police Cyber Alarm and The Cyber Helpline  provides a major advance towards joining up the UK approach to policing the on-line world,

As cyberattacks continue to increase, capitalising on the new vulnerabilities of remote working, securing the print infrastructure – across the office and home environments – must be a strategic ...

Banks and employers cannot afford to trust the credentials (digital or otherwise) issued by Government or mandated by regulators (e.g. Passports, Driving Licenses or Utility Bills) until the issues ...

The pace of change along criminal supply chains is accelerating. But so too is the response from law enforcement. Lockdown saw the first step with long overdue automation of incident notification ...

“NHS” is the UK’s most trusted brand. Until recently it was one of the least protected/secure. There have been significant improvements but, as a result of Covid, impersonating the NHS now comes ...

The Covid-19 lockdown has led to an explosion of fraud and abuse, both on-line and in the "real" world.  Before Test and Trace is fully operational it is already being spoofed .  The problems are ...

He would never enable Bluetooth on a mobile phone because of its inherent security problems. It is unclear how many of these have been fixed with the latest releases. But some are unlikely to be ...

This is a guest post by Michael Warnock, Australian head of growth for SecureAuth Cyber attackers are turning their attention to identity, raising the security stakes for Australian companies ...

This the first plague where predictions of its likely local impact reached rulers/politicians/journalists before their subjects/voters/readers starting falling ill and/or dying in large numbers ... ...

The UK is apparently the number one target for covid-related on-line fraud but doorstep fraudsters are targeting those who do not go on-line with “testing” and “decontamination” services.

The proportion of special constables to full time police has fallen over the past 20 years from 16% in 1996 to 9% in 2019. The trend is distorted by the Metropolitan Police where the proportion ...

As more cases of the coronavirus are found in the UK, businesses are going to have to face the very real prospect that encouraging people to go into the office, raises the risk of the virus ...

Over a decade ago the EURIM-IPPR study into “Partnership Policing for the Information Society” identified that the police would never have more than a fraction of the resources necessary to address ...

But that is for the future. For the here and now I strongly recommend participation in the DPA cybersecurity skill sub-group in order to make sense of what it happening and ensure that your needs, ...

Most organisations are uninsurable. They spend large amounts on security products and services technology but they are not doing that which reduces the risk of a successful cyberattack, limits the ...

Liverpool may be flying high at the top of the Premier League table right now, but when they get home after a hard-fought 90 minutes, their fans are the most likely to have had their personal data ...

Had my first visit to The Gherkin recently at a “mini” Netevents security briefing in London. I can certainly recommend the brioche-bun bacon butties with a view of the London rain from the 38th ...

The extension of a compliance deadline for PSD2 should not be a signal for banks to reduce preperations

We need voluntary co-operation to join up cybercommunity safety across silo boundaries without waiting for governments, regulators and lobbyists

It is not enough to have policies that satisfy the conflicting requirements of the EU and US for data protection, including notification to attract fraudsters to the victims of a breach, like ...

1 Action Fraud had an impossible task The Times undercover investigation at Action Fraud  has led to a rash of publicity, both tabloid  and professional . The only surprise is that it has taken so ...

Hence the need to address the cyberskills for justice and deterrence , not just those for cyberwarfare, protection and surveillance. And the more widespread those skills, the more dangerous the ...

Words have power – in particular, your choice of words modifies how your readers or listeners react to what you write or say. Politicians do this sort of thing all the time, swapping one word or ...

This year will be the first time I visit Infosec with no agenda. Or to be more precise I will have a Community Safety rather than a Cybersecurity Skills Agenda. This has caused me to take a cool ...

I added a comment on Dominic Rabb's inclusion of degree apprenticeships in his call for Fairness and Choice to my recent blog on the IfA apprenticeship review.  In his opening campaign letter Rory ...

The meeting illustrated the difficulty of the task the DCMS team will have reconciling the need of MoD and GCHQ for patriotic cyberwarriors and the need of the rest of us for the skills to protect ...

Contactless card fraud is rising bit it is easily preventable

By Kimberly Chua Mobile app users in developing Asia-Pacific (APAC) countries prefer convenience over security, signaling a potential rift between companies and users, a new F5 Networks study has ...

What do the Party Manifesto commitments mean for the IT industry? Part 1

An online training initiative promises to make information security accessible and understandable to journalists, confidential sources and whistleblowers.

Report finds Android VPN apps on the official Google Play store fail to deliver basic privacy and security, with some injecting malware and malvertising

The BBC has reported that the University of Bournemouth was attacked 21 times by ransomware. the observant report notes, that this occurred in spite of the university having its own cybersecurity ...

The question is not "What will be the effect of Brexit on the ICT industry?". It is "what do you want the impact of Brexit?" to be. Juncker’s call for “immediate clarity” as to what the UK wants ...

In this day and age, it's not just the techie guy at the helpdesk who know what the numbers and dots posted on the bus mean. Clearly, the bus driver here is on the game. And most Y-gens will ...

The effect of Brexit will depend partly on how well we exploit the opportunities offered, including to help bring about reform of the European Union after an amicable separation as opposed to a ...