Opinion
Opinion
Application security and coding requirements
-
Security Think Tank: It’s time to secure the collaboration revolution
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ... Continue Reading
-
Security Think Tank: Cyber effectiveness, efficiency key in 2021
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ... Continue Reading
-
Security Think Tank: Security at the distributed edge
That datacentre security is a complex subject is not in doubt, and given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ... Continue Reading
-
Don’t believe the hype: AI is no silver bullet
We want to believe AI will revolutionise cyber security, and we’re not necessarily wrong, but it’s time for a reality check Continue Reading
-
Security Think Tank: The past and future of security automation
Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the... Continue Reading
-
Security Think Tank: Balancing human oversight with AI autonomy
Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the... Continue Reading
-
Security Think Tank: SIEM and AI – a match made in heaven?
Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the... Continue Reading
-
Security Think Tank: Artificial intelligence will be no silver bullet for security
AI and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of ... Continue Reading
-
Security Think Tank: AI cyber attacks will be a step-change for criminals
AI and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of ... Continue Reading
-
Security Think Tank: Get your house in order before deploying AI
AI and machine learning techniques are said to hold great promise in security, enabling organisations to operate a IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of ... Continue Reading
-
Security Think Tank: ‘Shift left’ to secure containers
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
Security Think Tank: Securing containers needn’t be taxing
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
Security Think Tank: Container security starts with good DevOps practice
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
Security Think Tank: Four steps to container security best practice
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
The impact of spycraft on how we secure our data
The history of cyber security owes much to the world of espionage, as a recent, pre-lockdown Science Museum exhibition showed Continue Reading
-
JavaScript skimmers: An evolving and dangerous threat
Cyber attacks exploiting Magecart JavaScript skimmers are spiking during the coronavirus pandemic, and like biological viruses, they just keep evolving Continue Reading
-
Security Think Tank: Zero trust strategies must start small, then grow
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs approach moving their organisations from traditional network security to a zero-trust ... Continue Reading
-
Security Think Tank: Ask yourself if zero trust is right for you
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust ... Continue Reading
-
Security Think Tank: How zero trust lets you take back control
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero trust ... Continue Reading
-
Security Think Tank: Zero trust is complex, but has rich rewards
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust ... Continue Reading
-
Security Think Tank: No trust in zero trust need not be a problem
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust ... Continue Reading
-
Security Think Tank: In-depth protection is a matter of basic hygiene
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but ... Continue Reading
-
Security Think Tank: Proper segregation is more important than ever
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
eIDAS and the EU’s mission to create a truly portable identity
It is important for businesses to work more actively with technology partners, regulators and governments to create more robust identity verification processes Continue Reading
-
Security Think Tank: Pay attention to attribute-based system access permissions
At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted and did happen and one thing that should happen in 2019, but probably will not Continue Reading
-
Raising security awareness through phishing simulation – how to get it right
Testing employees’ security practices by sending fake phishing emails has become commonplace, but few organisations are conducting such exercises effectively Continue Reading
-
Security Think Tank: Top considerations to reduce application layer attacks
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Gap, risk and business impact analysis key to application security
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Three ways to safeguard against application layer vulnerabilities
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Deploy multiple defence layers to protect data-rich applications
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: A three-pronged approach to application security
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Think Tank: Application layer attack mitigation needs to start with risk analysis
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Defend application layer with good security hygiene
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Counter application layer attacks with automation
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Focus on security before app deployment
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Security Think Tank: Use Cyber Essentials to kick-start outcomes-based security
What is the first step towards moving from a tick-box approach to security to one that is outcomes-based and how can an organisation test whether its security defences are delivering the desired outcome? Continue Reading
-
Security Think Tank: Supplement security with an MSSP to raise the bar
What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Security Think Tank: Adopt a proactive approach to software vulnerabilities
What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Security Think Tank: Four key steps to managing software vulnerabilities
What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Security Think Tank: Four steps to managing software vulnerabilities
What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Security Think Tank: Balancing cost and risk in software vulnerability management
What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Security Think Tank: No shortcuts to addressing software vulnerabilities
What is the most practical and cost effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Security Think Tank: How to manage software vulnerabilities
What is the most practical and cost effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Security Think Tank: How to achieve software hygiene
What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Security Think Tank: Eight controls to manage software vulnerabilities
What is the most practical and cost effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Security Think Tank: Follow good practice to reduce risk of software vulnerabilities
What is the most practical and cost effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Security Think Tank: Automating basic security tasks
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
Security Think Tank: Encourage employees to use an approved messaging app
What criteria should organisations use to assess the security of smartphone messaging apps and how can they ensure only approved apps are used by employees? Continue Reading
-
Gary McKinnon: Why Lauri Love should be spared the nightmare of extradition
Computer activist Lauri Love should be spared a life sentence in a US jail, says former hacker Gary McKinnon Continue Reading
-
Managing open-source security: a legal perspective
Open-source software is being used more widely than ever – but do IT leaders understand the legal risks? Continue Reading
-
Security Think Tank: Allocate maintenance processes to each piece of key software
What strategies can companies adopt to help keep up with and deal with the huge volume of software updates they are facing? Continue Reading
-
Security Think Tank: Using vulnerability management to support the patching process
What strategies can companies adopt to deal with the huge volume of software updates they are facing? Continue Reading
-
Security Think Tank: Five strategies for dealing with software security updates
What strategies can companies adopt to keep up with, and deal with, the huge volume of software updates they face? Continue Reading
-
The problem with passwords: how to make it easier for employees to stay secure
An organisation’s IT security can be compromised if staff do not follow a strict policy of using strong passwords to access internal systems Continue Reading
-
Are cloud users worrying about nothing when it comes to data sovereignty?
With the upheaval surrounding the EU-US Privacy Shield, Clive Longbottom takes a closer look at the issue of sovereignty Continue Reading
-
When a slowdown in IT budgets is a good thing
IT budgets will grow at their slowest rate for four years in 2016, yet companies are spending more on digital technology Continue Reading
-
Saving Bletchley Park: The women of Station X
Sue Black recalls her first experience of Bletchley Park and the women who worked there, inspiring a campaign to save the home of the WW2 codebreakers Continue Reading
-
Network security systems – dedicated or multifunction?
For small and medium-sized businesses looking to secure their networks, multifunction security systems are a better option than best-of-breed technology Continue Reading
-
Security Think Tank: Aim for win-win in SecDevOps
How can development, operations and security teams collaborate around change to ensure security is maintained and even improved? Continue Reading
-
Security Think Tank: Cyber security should be a pillar of any business plan
How can development, operations and security teams collaborate around change to ensure security is maintained and even improved? Continue Reading
-
Security Think Tank: Involve all stakeholders to ensure smooth, secure change
How can development, operations and security teams collaborate around change to ensure security is maintained and even improved? Continue Reading
-
European regulation shakes up online payments security
Payment service providers and merchants should lose no time in assessing the affect of proposed European security regulations Continue Reading
-
The bad theatre of the Intelligence and Security Committee
The report of the Intelligence and Security Committee was like a piece of bad theatre Continue Reading
-
A phisher’s paradise
Email is one of the earliest services created on the internet and, arguably, remains the most important Continue Reading
-
It’s time to add cyber insurance to your cyber security strategy
Insurance policies for cyber crime have become more credible and viable Continue Reading
-
Security: the oft-forgotten dimension
Companies are investing in sophisticated devices to protect the security of their computer systems but they are forgetting about one critical element - the employee. Continue Reading
-
Why collaboration is the only way to combat cyber threats
Cyber threats are the most effective way to attack an organisation and those with malicious intent are finding more sophisticated ways of carrying out their activities Continue Reading
-
So when do employees start following security rules?
As security needs are rapidly transformed, when do enterprises feel that they are getting on top of information security? Continue Reading
-
Security Think Tank: Risk of software procurement cannot be ignored
How can security professionals ensure security testing becomes part of the procurement process for all business software? Continue Reading
-
Security Think Tank: Security testing a vital part of software procurement
How can security professionals ensure security testing becomes part of the procurement process for all business software? Continue Reading
-
Security Think Tank: Risk-based security will ease software testing challenge
How can security professionals ensure security testing becomes part of the procurement process for all business software? Continue Reading
-
Security Think Tank: Beef up due diligence
How can security professionals ensure security testing becomes part of the procurement process for all business software? Continue Reading
-
Security Think Tank: If cost is king, security suffers
How can security professionals ensure security testing becomes part of the procurement process for all business software? Continue Reading
-
Security Think Tank: How to ensure vendors act efficiently
How can security professionals ensure security testing becomes part of the procurement process for all business software? Continue Reading
-
Security Think Tank: Security pros need to be plugged into procurement
How can security professionals ensure security testing becomes part of the procurement process for all business software? Continue Reading
-
Security Think Tank: Procurement and security are uneasy bedfellows
How can security professionals ensure security testing becomes part of the procurement process for all business software? Continue Reading
-
IT needs soldiers
The government has recognised that its returning troops can bring value to Britain. Unfortunately it has backed the wrong profession. Continue Reading
-
How to build a website security programme
Follow this step-by-step strategy for building a website security programme that yields results Continue Reading
-
Stop service providers becoming data security Achilles heel
Minimising cyber security risks through third-party suppliers is a challenge facing many organisations. Continue Reading
-
Securing the hypervisor: expert tips
There are many potential security issues with the various components of a virtualised infrastructure, and nowhere is this more of a concern than with the hypervisor platforms that host virtual systems and application instances Continue Reading
-
Selling online? A guide to complying with the PCI
PCI-DSS compliance can leave retailers confused about how best to approach this daunting task. What is it they actually need to do? Continue Reading
-
Trusted computing for industrial control systems and infrastructure
The Trusted Computing Group’s open standards now include specifications for securing industrial control systems and infrastructure Continue Reading