Opinion

Opinion

Endpoint security

• Why we need to reset the debate on end-to-end encryption to protect children

  Private messaging is the front line of abuse, yet E2EE in its current form risks engineering away the ability of firms to detect and disrupt it where it is most prevalent  Continue Reading

• Security Think Tank: Attacks on CNI – an evolving frontier in warfare

  In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Security Think Tank: Back to square one – ground-up CNI protection

  In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Security Think Tank: Take a realistic perspective on CNI cyber attacks

  In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• Security Think Tank: CNI operators must focus on core issues

  In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them?  Continue Reading

• EncroChat ruling has ‘far-reaching effects’ for legal role of interception in UK investigations

  The computer forensic experts involved in the review of police use of data hacked from the ultra-secure EncroChat phone network assess the impact of the Appeal Court ruling on future legal use of intercept evidence    Continue Reading

• Rogue drones beware: We’re here to ground you

  Eugene Kaspersky exclusively lifts the lid on a mysterious, shiny device that’s been sitting in his office  Continue Reading

• Vaccine passports highlight social impact of systems design

  Vaccine or immunity passports are an opportunity to advance the design of trustworthy digital systems, but much more work still needs to be done  Continue Reading

• Security Think Tank: Are security teams the unsung heroes of 2020?

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Security Think Tank: Time to rethink stopgap solutions

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Security Think Tank: It’s time to secure the collaboration revolution

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Security Think Tank: In 2021, enable, empower and entrust your users

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Security Think Tank: Plan for hybrid working to become normal

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Security Think Tank: Time for security teams to learn from Covid

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Security Think Tank: Don’t bet on a new normal just yet

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• Security Think Tank: Cyber effectiveness, efficiency key in 2021

  After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be ...  Continue Reading

• How to manage non-human identities

  Identity management has traditionally focused on human identities, but non-human identities are proliferating and must not be overlooked. Businesses can reduce risk by managing both types of identity in the same way using a services-based approach  Continue Reading

• Security Think Tank: Adapting defences to evolving ransomware and cyber crime

  The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cyber crime heighten risk for the ...  Continue Reading

• Security Think Tank: Edge security in the world of Covid-19

  That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentre to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure ...  Continue Reading

• Don’t believe the hype: AI is no silver bullet

  We want to believe AI will revolutionise cyber security, and we’re not necessarily wrong, but it’s time for a reality check  Continue Reading

• Security Think Tank: Ignore AI overheads at your peril

  Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the...  Continue Reading

• Security Think Tank: The past and future of security automation

  Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the...  Continue Reading

• Australian government has failed on cyber security

  The federal government’s current approach of allowing each agency to make its own cyber decisions is not working and more needs to be done to hunt down adversaries  Continue Reading

• Australia is painting a big red cyber target on its critical infrastructure

  Australia’s critical infrastructure is particularly vulnerable to cyber attacks right now because of years of under-investment in cyber security and ageing legacy systems  Continue Reading

• Identification and access management: some possible futures

  Learn about how we might be using our heartbeats, brainwaves and eye movements to unlock our mobiles in the future  Continue Reading

• Security Think Tank: Security teams are key workers and need support

  Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout?  Continue Reading

• Security Think Tank: Amid panic, how to find a sound level of security

  In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances?  Continue Reading

• Security Think Tank: A guide to security best practice for pandemics

  In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances?  Continue Reading

• Addressing the IoT security challenge

  We consider how best to address some of the critical security challenges around the internet of things  Continue Reading

• Security Think Tank: Zero trust strategies must start small, then grow

  In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs approach moving their organisations from traditional network security to a zero-trust ...  Continue Reading

• Security Think Tank: Ask yourself if zero trust is right for you

  In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust ...  Continue Reading

• Security Think Tank: Zero trust is complex, but has rich rewards

  In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust ...  Continue Reading

• Security Think Tank: In-depth protection is a matter of basic hygiene

  The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but ...  Continue Reading

• Security Think Tank: Secure the cloud when negotiating contracts

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Security Think Tank: In the cloud, the buck stops with you

  Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ...  Continue Reading

• Small business guide: How to keep your organisation secure from fraudsters and hackers

  Doing a few things well can keep your organisation protected from common cyber attacks and fraudsters  Continue Reading

• Security Think Tank: Get basic security policy right, and the rest will follow

  Paying attention to basic aspects of cyber security such as policy and permission will give you a sold base to build from  Continue Reading

• Space – the new frontier in cyber security

  50 years after the Moon landings, our growing reliance on satellite communications presents a new target for malicious cyber attacks  Continue Reading

• What the UK can learn from the Nordics when it comes to digital ID

  The UK and other countries can learn from the Nordic region when it comes to digital identity  Continue Reading

• Security Think Tank: Proper segregation is more important than ever

  What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome?  Continue Reading

• eIDAS and the EU’s mission to create a truly portable identity

  It is important for businesses to work more actively with technology partners, regulators and governments to create more robust identity verification processes   Continue Reading

• Can we live without passwords?

  Can you imagine a future in which we can be secure online without having to remember an unwieldly list of passwords? Solutions are emerging that could make passwords redundant, but there will be other security problems to resolve  Continue Reading

• Security Think Tank: Pay attention to attribute-based system access permissions

  At the close of 2018, we asked CW Security Think Tank contributors to name one thing predicted for 2018 that did not happen, one thing that was not predicted and did happen and one thing that should happen in 2019, but probably will not  Continue Reading

• Security Think Tank: Use Cyber Essentials to kick-start outcomes-based security

  What is the first step towards moving from a tick-box approach to security to one that is outcomes-based and how can an organisation test whether its security defences are delivering the desired outcome?  Continue Reading

• Cyber security – why you’re doing it all wrong

  Most organisations can list the IT security tools and controls they have, so why do most of them still get the security basics wrong?  Continue Reading

• Hacking the internet of things just got easier – it’s time to look at your security

  Are you taking security for internet-connected devices seriously enough?  Continue Reading

• IoT security cannot be an afterthought: it must be the foundation of design

  As technologies for the internet of things mature, developers need to make security by design a fundamental part of their products  Continue Reading

• Mobile biometrics set to be game-changer in APAC

  Telcos, financial institutions and other industry players risk losing market share if they do not keep up with the demand for security, convenience and mobility  Continue Reading

• Europe’s shameful role in spy-tech exports that led to torture and jail

  Governments in Europe actively assisted in government oppression in Iran, Bahrain and Russia by providing states with sophisticated surveillance equipment. The European Parliament is pressing for changes in the law to restrict exports of ...  Continue Reading

• Security Think Tank: Automating basic security tasks

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• How to futureproof your career as a CIO

  Many CIOs have yet to earn the right to be on the board. How can IT leaders upgrade their business acumen, to benefit their own careers and the health of their employer?  Continue Reading

• Security Think Tank: Encourage employees to use an approved messaging app

  What criteria should organisations use to assess the security of smartphone messaging apps and how can they ensure only approved apps are used by employees?  Continue Reading

• Security Think Tank: Educate, enforce policy and monitor to ensure messaging security

  What criteria should organisations use to assess the security of smartphone messaging apps, and how can they ensure only approved apps are used by employees?  Continue Reading

• Security Think Tank: Use technical controls and policy to secure messaging apps

  What criteria should organisations use to assess the security of smartphone messaging apps and how can they ensure only approved apps are used by employees?  Continue Reading

• Security Think Tank: Risk assess all web connections to shore up security

  What are the main web security challenges for organisations and how are they best addressed?  Continue Reading

• Dmarc email validation – we're doing it all wrong

  Dmarc is a hugely important way to reduce email fraud – just ask HMRC – but it also makes email marketing campaigns far more effective  Continue Reading

• IoT is good news for hackers

  Technology companies, governments and the insurance industry need to band together to counter the mounting cyber threats from the internet of things  Continue Reading

• Five tips to improve cyber security in the health sector

  Jocelyn Paulley, an IT lawyer at Gowling WLG, shares her top tips on how the NHS can “quick fix” its cyber resilience  Continue Reading

• Gary McKinnon: Why Lauri Love should be spared the nightmare of extradition

  Computer activist Lauri Love should be spared a life sentence in a US jail, says former hacker Gary McKinnon  Continue Reading

• The problem with passwords: how to make it easier for employees to stay secure

  An organisation’s IT security can be compromised if staff do not follow a strict policy of using strong passwords to access internal systems  Continue Reading

• Are cloud users worrying about nothing when it comes to data sovereignty?

  With the upheaval surrounding the EU-US Privacy Shield, Clive Longbottom takes a closer look at the issue of sovereignty  Continue Reading

• When a slowdown in IT budgets is a good thing

  IT budgets will grow at their slowest rate for four years in 2016, yet companies are spending more on digital technology  Continue Reading

• Supercharging cyber security protection: Questions to ask when hiring a managed services provider

  With information security concerns and challenges at an all-time high, and a global shortage of security professionals to address them, some enterprises are turning to managed security services for help. To ease the selection process, Dragana Vranic...  Continue Reading

• Network security systems – dedicated or multifunction?

  For small and medium-sized businesses looking to secure their networks, multifunction security systems are a better option than best-of-breed technology  Continue Reading

• European regulation shakes up online payments security

  Payment service providers and merchants should lose no time in assessing the affect of proposed European security regulations  Continue Reading

• The bad theatre of the Intelligence and Security Committee

  The report of the Intelligence and Security Committee was like a piece of bad theatre  Continue Reading

• A phisher’s paradise

  Email is one of the earliest services created on the internet and, arguably, remains the most important  Continue Reading

• Balancing user desires with business needs

  With users increasingly taking IT decisions into their own hands, businesses need to try harder to keep up  Continue Reading

• PSN makes changes to reduce risk

  Director and head of compliance, PSNGB, Adele Parker, talks about how PSN will transport the bulk of government information  Continue Reading

• When consumer grade doesn't make the grade

  For Doug Miles, director of market intelligence at AIIM, new data proves the importance of providing safe data-sharing options  Continue Reading

• It’s time to add cyber insurance to your cyber security strategy

  Insurance policies for cyber crime have become more credible and viable  Continue Reading

• Security Think Tank: Enable collaboration by putting data at the heart of security

  What is the best approach to increasing collaboration without reducing security in an enterprise?  Continue Reading

• Should you allow a bring your own device policy?

  Employers are realising there are challenges presented by BYOD which, if not dealt with, could have a serious impact on the business  Continue Reading

• Why collaboration is the only way to combat cyber threats

  Cyber threats are the most effective way to attack an organisation and those with malicious intent are finding more sophisticated ways of carrying out their activities  Continue Reading

• The state of the VDI industry in 2014

  There were two major technological advancements last year that make virtual desktops much more attractive than in the past  Continue Reading

• The security education dilemma

  Many employees, including executives, do not understand the implications of security. As a result, organisatons can lose focus  Continue Reading

• Security Think Tank: BYOD requires focus on security risk in 2014

  What are the top security issues must businesses address in 2014?  Continue Reading

• So when do employees start following security rules?

  As security needs are rapidly transformed, when do enterprises feel that they are getting on top of information security?  Continue Reading

• Why understanding context is the key to biometric success.

  Since Apple launched the double whammy of the iPhone 5S and 5C in September, internet chatter has focussed primarily on the merits and disadvantages of the new home button on the 5S and whether its biometric fingerprint scanner is ultimately secure ...  Continue Reading

• BYOD: data protection and information security issues

  Allowing employees to use their own devices to access company data raises data protection issues that a business must answer  Continue Reading

• Security Think Tank: Consumer cloud is fine for business, if....

  How can businesses use free or low-cost cloud storage services aimed at consumers, but ensure their data is safe and secure?  Continue Reading

• The dangers of internet cafés

  Businesses need clear computer use policies and need to ensure staff are properly trained in data protection, writes Garry Mackay  Continue Reading

• Security Think Tank: Cloud, BYOD and security – lock your doors

  With BYOD and the growth of the personal cloud being used at work, what security measures can IT take to ensure security of enterprise data and does MDM really have a role in security?  Continue Reading

• Security Think Tank: Management is key to secure BYOD

  With BYOD and the growth of the personal cloud being used at work, what security measures can IT take to ensure security of enterprise data and does MDM really have a role in security?  Continue Reading

• Security Think Tank: MDM just one way to lower the risk of BYOD

  With BYOD and the growth of the personal cloud being used at work, what security measures can IT take to ensure security of enterprise data and does MDM really have a role in security?  Continue Reading

• Security Think Tank: BYOD – a challenge and an opportunity

  With the growth of BYOD, what security measures can IT take to ensure security of enterprise data – and does MDM have a role?  Continue Reading

• Security Think Tank: BYOD means the map is no longer the territory

  With the growth of BYOD and personal cloud at work, how can IT ensure the security of corporate data and does MDM have a role?  Continue Reading

• Security Think Tank: BYOD – key tenets and best practices

  With BYOD and the growth of the personal cloud being used at work, what security measures can IT take to ensure security of enterprise data and does MDM really have a role in security?  Continue Reading

• Security Think Tank: MDM is no BYOD silver bullet

  With BYOD and personal cloud at work, what measures can IT take to ensure security of enterprise data and does MDM really have a role?  Continue Reading

• Security Think Tank: BYOD security: policy, control, containment, and management

  With the growth of BYOD, what security measures can IT take to ensure security of enterprise data – and does MDM have a role?  Continue Reading

• Security Think Tank: Embrace BYOD, but be wary of the risks

  With BYOD and the growth of the personal cloud being used at work, what security measures can IT take to ensure security of enterprise data and does MDM really have a role in security?  Continue Reading

• First BYOD, now BYON poses security challenge

  Like BYOD before it, the march of BYON is happening silently, stealthily and almost completely outside of management control  Continue Reading

• Going digital: No simple solutions for information security professionals

  Technology evolution is proving itself to be something of a double-edged sword  Continue Reading

• Embrace BYOD and manage the risks

  BYOD might sound like an invitation (bring), but it is actually more of a rebellion (I’m bringing). Firms must get ready  Continue Reading

• Security Think Tank: High levels of control require detailed security intelligence

  How should business approach context-aware security technologies and what will be the business benefit?  Continue Reading

• Security Think Tank: Context, the 5 Ws and H of security

  How should business approach context-aware security technologies and what will be the business benefit?  Continue Reading

• Selling online? A guide to complying with the PCI

  PCI-DSS compliance can leave retailers confused about how best to approach this daunting task. What is it they actually need to do?  Continue Reading

• Security Think Tank: New tech trends fuel need for context-based security

  How should firms approach context-aware security technologies and what will be the business benefit?  Continue Reading

• Security Zone: A three-dimensional approach to BYOD (part 2)

  Employees are the first line of defence and crucial to BYOD success, but process and technology are equally important  Continue Reading

• Security Zone: A three-dimensional approach to BYOD

  Minimise the security threat of BYOD by taking a three-dimensional approach involving people, process and technology  Continue Reading