Opinion

Opinion

Cloud security

• Security Think Tank: Plan for hybrid working to become normal

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Security Think Tank: Don’t bet on a new normal just yet

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Security Think Tank: Cyber effectiveness, efficiency key in 2021

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• How to manage non-human identities

  Identity management has traditionally focused on human identities, but non-human identities are proliferating and must not be overlooked. Businesses can reduce risk by managing both types of identity in the same way using a services-based approach  Continue Reading

• Negotiating the complexities of international transfers of personal data

  How to navigate international data transfers, standard contractual clauses and the impact of Brexit on data protection  Continue Reading

• Security Think Tank: Integration between SIEM/SOAR is critical

  SIEM and SOAR share much in common but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice?  Continue Reading

• Security Think Tank: SOAR to the next level with automation

  SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice?  Continue Reading

• SIEM or SOAR or both? Consider your business complexity first

  SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice?  Continue Reading

• Security Think Tank: Adapting defences to evolving ransomware and cyber crime

  The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cyber crime heighten risk for the ...  Continue Reading

• Covid-19 has changed how we think about cyber security forever

  Six months into the global pandemic, the true impact on the future of cyber security is beginning to look clearer, says Microsoft’s Ann Johnson  Continue Reading

• Security Think Tank: Edge security in the world of Covid-19

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentre to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: Edge datacentre security depends on specific needs

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: No secret sauce for edge security, just good practice

  That datacentre security is a complex subject is not in doubt, and given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: Beware security blind spots at the edge

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: Datacentre security is a business imperative

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Sharing responsibility: Why we need to work together to keep the cloud secure

  The education sector has been fundamentally altered by months of lockdown, with cloud services topping must-have lists for academic staff, but now it’s time to consider security  Continue Reading

• Security Think Tank: Seven steps to edge security

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: Security at the distributed edge

  That datacentre security is a complex subject is not in doubt, and given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Security Think Tank: Ignore AI overheads at your peril

  Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the...  Continue Reading

• Security Think Tank: ‘Shift left’ to secure containers

  Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers?  Continue Reading

• Australian government has failed on cyber security

  The federal government’s current approach of allowing each agency to make its own cyber decisions is not working and more needs to be done to hunt down adversaries  Continue Reading

• Security Think Tank: Securing containers needn’t be taxing

  Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers?  Continue Reading

• Security Think Tank: Container security starts with good DevOps practice

  Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers?  Continue Reading

• Security Think Tank: Container security is evolving, so must CISOs

  Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers?  Continue Reading

• Security Think Tank: Four steps to container security best practice

  Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers?  Continue Reading

• Security Think Tank: Zero trust strategies must start small, then grow

  In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs approach moving their organisations from traditional network security to a zero-trust ...  Continue Reading

• Security Think Tank: How zero trust lets you take back control

  In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero trust ...  Continue Reading

• Security Think Tank: Is data more or less secure in the cloud?

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: Stopping data leaks in the cloud

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: Base cloud security posture on your data footprint

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: Cloud security is a shared responsibility

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security in the supply chain – a post-GDPR approach

  A year and a half after the introduction of the EU’s General Data Protection Regulation, Fieldfisher's James Walsh reviews the fundamentals of supply chain security  Continue Reading

• Security Think Tank: Adapt security posture to your cloud model

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: The cloud needs security by design

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: Secure the cloud when negotiating contracts

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: In the cloud, the buck stops with you

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: Benefits and challenges of security segmentation

  What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome?  Continue Reading

• Security Think Tank: Cloud tech helps to protect advanced networks

  How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network?  Continue Reading

• Facebook’s high-stakes privacy gamble goes to Dublin court

  A high-wire gamble with billions in compensation at stake for European internet users – part of a complex case between Facebook and the Irish information commissioner – hides challenge to the unlawfulness of US state internet surveillance  Continue Reading

• eIDAS and the EU’s mission to create a truly portable identity

  It is important for businesses to work more actively with technology partners, regulators and governments to create more robust identity verification processes   Continue Reading

• Can we live without passwords?

  Can you imagine a future in which we can be secure online without having to remember an unwieldly list of passwords? Solutions are emerging that could make passwords redundant, but there will be other security problems to resolve  Continue Reading

• Security Think Tank: Pay attention to attribute-based system access permissions

  At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted and did happen and one thing that should happen in 2019, but probably will not  Continue Reading

• Everyone, everywhere is responsible for IIoT cyber security

  Cyber security in the industrial internet of things is not limited to a single company, industry or region – it is an international threat to public safety, and can only be addressed through collaboration that extends beyond borders and competitive ...  Continue Reading

• Why businesses must think like criminals to protect their data

  Cyber criminals use three main methods of operation to steal commercial data. Understanding their mindset can help organisations put the right defences in place  Continue Reading

• SD-WAN needs software-defined security

  Digital transformation is driving organisations to move to the cloud, which requires a new architecture that embraces cloud technology, but that in turn requires a new way of thinking about network security to ensure data is protected  Continue Reading

• Europe’s shameful role in spy-tech exports that led to torture and jail

  Governments in Europe actively assisted in government oppression in Iran, Bahrain and Russia by providing states with sophisticated surveillance equipment. The European Parliament is pressing for changes in the law to restrict exports of ...  Continue Reading

• Security Think Tank: Automating basic security tasks

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• Security Think Tank: Encourage employees to use an approved messaging app

  What criteria should organisations use to assess the security of smartphone messaging apps and how can they ensure only approved apps are used by employees?  Continue Reading

• Security Think Tank: Three things to do differently to secure websites in the cloud

  What are the main web security challenges for organisations and how are they best addressed?  Continue Reading

• My brother Lauri Love should have the right to a trial in the UK

  Lauri Love should face trial over hacking allegations in a British Court, rather than be extradited to the US, where his extraordinary skills will be lost to society, says his younger sister  Continue Reading

• Legal hurdles cloud Max Schrems complaint over US spying

  The Irish High Court in Dublin has embarked on a long hearing into the legality of standard contractual clauses. It is a sideshow from the real issue – the legality of US surveillance in the UK and Ireland  Continue Reading

• Security Think Tank: Are employees cyber pawns or cyber heroes?

  What are the best security controls to ensure a safe working environment where employees do not have the unfair pressure of being the first line of cyber defence?  Continue Reading

• Security Think Tank: Focus on high risk by automating low-risk patching

  How should organisations address the need to keep software up to date with security patches without it costing too much or being too labour intensive?  Continue Reading

• Why Azure developers need security skills

  The unprecedented adoption of Microsoft Azure is a huge opportunity for developers, but they must keep their security skills updated  Continue Reading

• Security Think Tank: Know the business risks of using the internet

  What are the main security risks associated with DNS and how are these best mitigated?  Continue Reading

• Gary McKinnon: Why Lauri Love should be spared the nightmare of extradition

  Computer activist Lauri Love should be spared a life sentence in a US jail, says former hacker Gary McKinnon  Continue Reading

• The problem with passwords: how to make it easier for employees to stay secure

  An organisation’s IT security can be compromised if staff do not follow a strict policy of using strong passwords to access internal systems  Continue Reading

• Are cloud users worrying about nothing when it comes to data sovereignty?

  With the upheaval surrounding the EU-US Privacy Shield, Clive Longbottom takes a closer look at the issue of sovereignty  Continue Reading

• When a slowdown in IT budgets is a good thing

  IT budgets will grow at their slowest rate for four years in 2016, yet companies are spending more on digital technology  Continue Reading

• Network security systems – dedicated or multifunction?

  For small and medium-sized businesses looking to secure their networks, multifunction security systems are a better option than best-of-breed technology  Continue Reading

• Life’s a breach: How to handle the press after a hacking attack

  Emily Dent, specialist in crisis PR, offers some advice to organisations that unexpectedly find themselves in the headlines  Continue Reading

• European regulation shakes up online payments security

  Payment service providers and merchants should lose no time in assessing the affect of proposed European security regulations  Continue Reading

• The bad theatre of the Intelligence and Security Committee

  The report of the Intelligence and Security Committee was like a piece of bad theatre  Continue Reading

• US technology companies facing growing UK pressure over internet spying

  Tension is growing between the UK and US over Prism spying  Continue Reading

• A phisher’s paradise

  Email is one of the earliest services created on the internet and, arguably, remains the most important  Continue Reading

• Security Think Tank: Seven strategies for limiting cloud data leakage

  What can IT teams do to ensure users are not synchronising sensitive corporate data to insecure cloud services?  Continue Reading

• Security Think Tank: Three-pronged approach to cloud security

  What can IT teams do to ensure users are not synchronising sensitive corporate data to insecure cloud services?  Continue Reading

• Security Think Tank: Control smart devices and apps like the rest of ICT

  What can IT security teams do to ensure users are not unwittingly synchronising sensitive corporate data to insecure cloud backup services?  Continue Reading

• Security Think Tank: Three ways to reduce risk of cloud data leaks

  How can IT security teams ensure users are not synchronising sensitive corporate data to insecure cloud backup services?  Continue Reading

• Security Think Tank: Use governance strategy to manage cloud backups

  What can IT teams do to ensure users are not synchronising sensitive corporate data to insecure cloud services?  Continue Reading

• Security Think Tank: Celebrity photo leaks highlight cloud security issues

  What can IT teams do to ensure users are not synchronising sensitive corporate data to insecure cloud services?  Continue Reading

• Security Think Tank: CIOs – demand an automated, standardised integration

  What is the best way to expand identity and access management to third-party service providers to ensure data security?  Continue Reading

• Security Think Tank: Eight steps to extending IAM to third parties

  What is the best way to expand identity and access management to third-party service providers to ensure data security?  Continue Reading

• Security Think Tank: Extending IAM controls to third parties

  What is the best way to expand identity and access management to third-party service providers to ensure data security?  Continue Reading

• It’s time to add cyber insurance to your cyber security strategy

  Insurance policies for cyber crime have become more credible and viable  Continue Reading

• Security Think Tank: Do not trust the network to ensure secure collaboration

  What is the best approach to increasing collaboration without reducing security in an enterprise?  Continue Reading

• Security Think Tank: Enable collaboration by putting data at the heart of security

  What is the best approach to increasing collaboration without reducing security in an enterprise?  Continue Reading

• Security Think Tank: CISOs should be first stop on the way to cloud

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Security Think Tank: UK firms still not entirely comfortable with cloud

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Security Think Tank: Choose public or private cloud with a clear head

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Security Think Tank: Balancing cloud risk and reward

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Security Think Tank: Striking the hybrid cloud balance

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Security Think Tank: Before cloud, engage with asset owners

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Living with Google Glass – not quite useful enough to overcome the dork-factor

  Businesses will use Google Glass first, says Simon Dring after spending a few days living with the technology.  Continue Reading

• Security Think Tank: A pragmatic and practical guide to secure hybrid clouds

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Security Think Tank: Cloud is not that different

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Why collaboration is the only way to combat cyber threats

  Cyber threats are the most effective way to attack an organisation and those with malicious intent are finding more sophisticated ways of carrying out their activities  Continue Reading

• Dark data could halt big data’s path to success

  Dark data – data that lacks any control or classification, but is all too prevalent in many organisations – could halt big data's path to success  Continue Reading

• How to prepare the IT workforce for cloud and mobility    

  CompTIA is working to identify the key skills that staff responsible for cloud and mobility implementations need  Continue Reading

• Security Think Tank: KuppingerCole’s security predictions for 2014

  What are the top security issues businesses must address in 2014?  Continue Reading

• Security Think Tank: ISF’s top security threats for 2014

  What are the top security issues businesses need to address going into 2014?  Continue Reading

• So when do employees start following security rules?

  As security needs are rapidly transformed, when do enterprises feel that they are getting on top of information security?  Continue Reading

• Information security in the cloud: Time to switch to panic mode?

  Some people already argue that there is no longer any security in the cloud at all. Is it time to switch to panic mode?  Continue Reading

• Security Think Tank: Consumer cloud is fine for business, if....

  How can businesses use free or low-cost cloud storage services aimed at consumers, but ensure their data is safe and secure?  Continue Reading

• Security Think Tank: Firms must take responsibility for security in the cloud

  How can businesses make use of free or low-cost cloud storage services aimed at consumers, but ensure that their data is safe and secure?  Continue Reading

• Security Think Tank: Four steps to using public cloud storage

  How can businesses make use of free or low-cost cloud storage services aimed at consumers, but ensure that their data is safe and secure?  Continue Reading

• Security Think Tank: In the cloud, low or no cost means little or no control

  How can businesses use free or low-cost cloud storage services aimed at consumers, but ensure that their data is safe and secure?  Continue Reading

• Security Think Tank: How to keep data secure when resident or used by cloud applications

  How can businesses make use of free or low cost cloud storage services and ensure data is safe and secure?  Continue Reading

• The Death Of Cloud Has Been Greatly Exaggerated

  Revelations about the extent of US and UK government surveillance on the internet will not mean the death of cloud computing, but companies will change their approach.  Continue Reading

• The data fragmentation challenge

  Few organisations have policies to guide where data should and should not be stored. The result: data fragmentation  Continue Reading