Opinion

Opinion

IT security

• Security Think Tank: Monitoring key to outcomes-based security

  What is the first step towards moving from a tick-box approach to security to one that is outcomes-based, and how can an organisation test if its security defences are delivering the desired outcome?  Continue Reading

• Customers need to be at the centre of GDPR plans

  Responding to a breach is not just about data, it is about taking care of, and protecting, customers  Continue Reading

• Security Think Tank: Enable outcomes-based security in software development

  What is the first step towards moving from a tick box approach to security to one that is outcomes based, and how can an organisation test if its security defences are delivering the desired outcome?  Continue Reading

• Security Think Tank: C-suite needs to drive outcomes-based security

  What is the first step towards moving from a tick-box approach to security to one that is outcomes-based and how can an organisation test whether its security defences are delivering the desired outcome?  Continue Reading

• Security Think Tank: Use Cyber Essentials to kick-start outcomes-based security

  What is the first step towards moving from a tick-box approach to security to one that is outcomes-based and how can an organisation test whether its security defences are delivering the desired outcome?  Continue Reading

• Security Think Tank: Shift to outcomes-based security by focusing on business needs

  What is the first step towards moving from a tick-box approach to security to one that is outcomes-based and how can an organisation test whether its security defences are delivering the desired outcome?  Continue Reading

• Everyone, everywhere is responsible for IIoT cyber security

  Cyber security in the industrial internet of things is not limited to a single company, industry or region – it is an international threat to public safety, and can only be addressed through collaboration that extends beyond borders and competitive ...  Continue Reading

• Security Think Tank: Start outcomes-based security with asset identification

  What is the first step towards moving from a tick-box approach to security to one that is outcomes-based and how can an organisation test whether its security defences are delivering the desired outcome?  Continue Reading

• Security Think Tank: Security governance key to outcomes-based approach

  What is the first step towards moving from a tick-box approach to security to one that is outcomes based, and how can an organisation test if its security defences are delivering the desired outcome?  Continue Reading

• Why the government should rethink the UK’s surveillance laws

  The European Court of Human Rights has made clear that the Snoopers’ Charter is an unlawful violation of people’s rights and freedoms  Continue Reading

• Security Think Tank: Supplement security with an MSSP to raise the bar

  What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities?  Continue Reading

• Security Think Tank: Adopt a proactive approach to software vulnerabilities

  What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities?  Continue Reading

• Security Think Tank: Four key steps to managing software vulnerabilities

  What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities?  Continue Reading

• Security Think Tank: Four steps to managing software vulnerabilities

  What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities?  Continue Reading

• Security Think Tank: Balancing cost and risk in software vulnerability management

  What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities?  Continue Reading

• Security Think Tank: No shortcuts to addressing software vulnerabilities

  What is the most practical and cost effective way for organisations to identify and remediate high-risk software vulnerabilities?  Continue Reading

• Security Think Tank: How to manage software vulnerabilities

  What is the most practical and cost effective way for organisations to identify and remediate high-risk software vulnerabilities?  Continue Reading

• Security Think Tank: How to achieve software hygiene

  What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities?  Continue Reading

• Security Think Tank: Eight controls to manage software vulnerabilities

  What is the most practical and cost effective way for organisations to identify and remediate high-risk software vulnerabilities?  Continue Reading

• Security Think Tank: Follow good practice to reduce risk of software vulnerabilities

  What is the most practical and cost effective way for organisations to identify and remediate high-risk software vulnerabilities?  Continue Reading

• Information security risk – keeping it simple

  Organisations should start with risk management to understand information security risks and communicate them better internally  Continue Reading

• Better the data you know – how GDPR is affecting UK tech companies

  As the dust settles from the General Data Protection Regulation, the implications for technology firms in the UK are becoming clearer  Continue Reading

• AI: Black boxes and the boardroom

  Computers can and do make mistakes and AI is only as good its training so relying purely on machine intelligence to make critical decisions is risky  Continue Reading

• Security Think Tank: Outsource security operations, not control

  What critical security controls can be outsourced and how do organisations, SMEs in particular, maintain confidence that they are being managed effectively and appropriately?  Continue Reading

• Security Think Tank: Outsource responsibility, not accountability

  What critical security controls can be outsourced and how do organisations, SMEs in particular, maintain confidence that they are being managed effectively and appropriately?  Continue Reading

• Security Think Tank: Almost all security can be outsourced, but not the risk

  What critical security controls can be outsourced and how do organisations, SMEs in particular, maintain confidence that they are being managed effectively and appropriately?  Continue Reading

• Security Think Tank: Risk tolerance key to security outsourcing policy

  What critical security controls can be outsourced, and how do organisations – SMEs in particular – maintain confidence that they are being managed effectively and appropriately?  Continue Reading

• Security Think Tank: Top things to consider in security outsourcing

  What critical security controls can be outsourced, and how do organisations – SMEs in particular – maintain confidence that they are being managed effectively and appropriately?  Continue Reading

• Security Think Tank: A risk-based approach to security outsourcing

  What critical security controls can be outsourced and how do organisations, SMEs in particular, maintain confidence that they are being managed effectively and appropriately?  Continue Reading

• Security Think Tank: Not all security service providers are created equal

  What critical security controls can be outsourced, and how do organisations, SMEs in particular, maintain confidence that they are being managed effectively and appropriately?  Continue Reading

• Smart cities face challenges and opportunities

  IHS Markit analysts Noman Akhtar and Kevin Hasley assess the way forward for smart city technology projects around the world  Continue Reading

• Beyond GDPR: ePrivacy could have an even greater impact on mobile

  From how we monitor air pollution and manage our public transport systems, to how we enable connected cars and the next generation of 5G mobile services, the forthcoming ePR could have a lasting impact on European society  Continue Reading

• What the ICO's Facebook fine teaches us

  Legal expert Alexander Egerton considers whether the ICO’s planned £500,000 fine for Facebook is the precursor of a spate of increased fines across the board, or if it shows the ICO’s stance has not changed and will continue to target certain ...  Continue Reading

• Cyber security: A work in progress

  Piers Wilson, director of the Institute of Information Security Professionals, reflects on the findings of the latest IISP industry survey and suggests there is still more work to do  Continue Reading

• Security Think Tank: A good password policy alone is not enough

  In light of the fact that complex passwords are not as strong as most people think and that most password strategies inevitably lead to people following them blindly, what actually makes a good password and when is a password alone not enough?  Continue Reading

• Security Think Tank: Cracking the code – what makes a good password?

  In light of the fact complex passwords are not as strong as most people think, and that most password strategies inevitably lead to people following them blindly, what actually makes a good password and when is a password alone not enough?  Continue Reading

• Security Think Tank: Some basic password guidelines

  In light of the fact that complex passwords are not as strong as most people think and that most password strategies inevitably lead to people following them blindly, what actually makes a good password and when is a password alone not enough?  Continue Reading

• Security Think Tank: Passwords alone are not good enough

  In the light of the fact that complex passwords are not as strong as most people think, and that most password strategies inevitably lead to people following them blindly, what actually makes a good password and when is a password alone not enough?  Continue Reading

• Security Think Tank: Firms need to support good password practices

  In the light of the fact that complex passwords are not as strong as most people think and that most password strategies inevitably lead to people following them blindly, what actually makes a good password and when is a password alone not enough?  Continue Reading

• Security Think Tank: How to create good passwords and add security layers

  In light of the fact complex passwords are not as strong as most people think and most password strategies inevitably lead to people following them blindly, what actually makes a good password - and when is a password alone not enough?  Continue Reading

• Security Think Tank: Complex passwords provide a false sense of security

  In the light of the fact that complex passwords are not as strong as most people think, and that most password strategies inevitably lead to people following them blindly, what actually makes a good password and when is a password alone not enough?  Continue Reading

• Security Think Tank: Use pass phrases and 2FA to beef up access control

  In light of the fact complex passwords are not as strong as most people think, and that most password strategies inevitably lead to people following them blindly, what actually makes a good password – and when is a password alone not enough?  Continue Reading

• Security Think Tank: Put more layers around passwords to up security

  In light of the fact that complex passwords are not as strong as most people think and most password strategies inevitably lead to people following them blindly, what actually makes a good password and when is a password alone not enough?  Continue Reading

• Cyber security – why you’re doing it all wrong

  Most organisations can list the IT security tools and controls they have, so why do most of them still get the security basics wrong?  Continue Reading

• Digital transformation is just business change

  Don't always start with the technology if you're driving transformation, but always start with the business  Continue Reading

• Security Think Tank: GDPR requires unprecedented view of data flows

  Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this?  Continue Reading

• Security Think Tank: Focus on data protection, but do not rely on DLP alone

  Why is it important to know where data flows, with whom it's shared and where it lives at rest – and what is the best way of achieving this?  Continue Reading

• Security Think Tank: Understand data for risk-based protection

  Why is it important to know where data flows, with whom it is shared and where it lives at rest, and what is the best way of achieving this?  Continue Reading

• Security Think Tank: Ignorance about data is tantamount to negligence

  Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this?  Continue Reading

• Security Think Tank: Use data flow information to protect systems

  Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this?  Continue Reading

• GDPR – like a lot of regulation – will mostly benefit the big incumbents

  The law of unintended consequences applies to the new EU data protection laws, because the big players it seeks to regulate can better afford to comply  Continue Reading

• Security Think Tank: Data governance is essential to data security

  Why is it important to know where data flows, with whom it's shared and where it lives at rest – and what is the best way of achieving this?  Continue Reading

• Security Think Tank: Data controllers are essential in modern business environment

  Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this?  Continue Reading

• Security Think Tank: Data governance is good for business and security

  Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this?  Continue Reading

• Security Think Tank: Information management means better security

  Why is it important to know where data flows, with whom it's shared and where it lives at rest – and what is the best way of achieving this?  Continue Reading

• GDPR may not be perfect, but it’s an important milestone in data protection

  It's GDPR day, and TechUK's CEO Julian David writes about what is an important milestone in data protection in the digital world  Continue Reading

• Ethics and tech – a double-edged sword

  Just because a business activity is legal doesn’t mean it will be acceptable to customers, as the ethical debates in tech are proving  Continue Reading

• It’s not too late to get GDPR ready

  With the GDPR compliance deadline on 25 May 2018, there is little time to get ready, but it is not too late, according to the IAPP, which provides a checklist to help organisations ensure they are in the best position possible for the deadline  Continue Reading

• Hacking the internet of things just got easier – it’s time to look at your security

  Are you taking security for internet-connected devices seriously enough?  Continue Reading

• Security Think Tank: Five tips for killing the campers on your network

  Why is reducing cyber attacker dwell time important and how should this be tackled?  Continue Reading

• Security Think Tank: More time equals more opportunity for cyber attackers

  Why is reducing cyber attacker dwell time important and how should this be tackled?  Continue Reading

• Security Think Tank: Prevention and detection are key to limit dwell time

  Why is reducing cyber attacker dwell time important and how should this be tackled?  Continue Reading

• Security Think Tank: Containment should be top priority in cyber breaches

  Why is reducing cyber attacker dwell time important, and how should this be tackled?  Continue Reading

• Security Think Tank: Reducing cyber attacker dwell time is critical

  Why is reducing cyber attacker dwell time important, and how should it be tackled?  Continue Reading

• Security Think Tank: Reducing dwell has never been more important

  Why is reducing cyber attacker dwell time important, and how should this be tackled?  Continue Reading

• Security Think Tank: GDPR compliance one good reason to cut attacker dwell time

  Why is reducing cyber attacker dwell time important, and how should this be tackled?  Continue Reading

• GDPR and the right to erasure: hiding in the shadows or welcome shade?

  The European Union's new data protection laws introduce a right to be forgotten – but what does it means for corporate IT?  Continue Reading

• Security Think Tank: Reduce attacker dwell time with defence in depth

  Why is reducing cyber attacker dwell time important and how should this be tackled?  Continue Reading

• How a new ISO standard helps you take control of your IT assets

  The updated ISO standard 19770-1:2017 offers IT managers a way to bring their hardware and software assets under a single management standard  Continue Reading

• Security Think Tank: Use good practice to address cryptojacking risk

  How can organisations best defend against cryptojacking?  Continue Reading

• Lauri Love escaped extradition to the US - what does that mean for future cases?

  The US lost its attempt to extradite Lauri Love to face hacking charges in a landmark case. What will it mean for other UK citizens facing extradition?  Continue Reading

• Who do you trust to censor social media?

  Calls to censor Facebook and its rivals are growing – but society needs to consider carefully the motivations of those making such demands  Continue Reading

• Security Think Tank: Cryptojacking can be costly

  How can organisations best defend against cryptojacking?  Continue Reading

• Security Think Tank: Six tips for securing your organisation against cryptojacking

  How can organisations best defend against cryptojacking?  Continue Reading

• IoT security cannot be an afterthought: it must be the foundation of design

  As technologies for the internet of things mature, developers need to make security by design a fundamental part of their products  Continue Reading

• Why businesses must think like criminals to protect their data

  Cyber criminals use three main methods of operation to steal commercial data. Understanding their mindset can help organisations put the right defences in place  Continue Reading

• Security Think Tank: Deal with cryptojacking to avoid security vulnerability

  How can organisations best defend against cryptojacking?  Continue Reading

• Security Think Tank: User vigilance key to cryptojacking defence

  How can organisations best defend against cryptojacking?  Continue Reading

• Security Think Tank: Use awareness, education and controls to halt cryptojacking

  How can organisations best defend against cryptojacking?  Continue Reading

• How the IT sector can help plug the cyber security skills gap

  Businesses have a role to play in plugging the cyber security skills gap by engaging with future talent at a young age, providing more role models for under-represented groups, communicating the nature of the threat, and changing their approach to ...  Continue Reading

• SD-WAN needs software-defined security

  Digital transformation is driving organisations to move to the cloud, which requires a new architecture that embraces cloud technology, but that in turn requires a new way of thinking about network security to ensure data is protected  Continue Reading

• Australian firms need to move faster in the digital age

  Just over a tenth of IT professionals in Australia say their companies can roll out a new product in less than three months, despite operating in fast-moving markets with digitally savvy customers  Continue Reading

• Security Think Tank: Fileless malware not totally undetectable

  What should organisations do at the very least to ensure business computers are protected from fileless malware?  Continue Reading

• Security Think Tank: Awareness is a good starting point to counter fileless malware

  What should organisations do at the very least to ensure business computers are protected from fileless malware?  Continue Reading

• Security Think Tank: Patch, scan and lock down to counter fileless malware

  What should organisations do at the very least to ensure business computers are protected from fileless malware?  Continue Reading

• Security Think Tank: Human, procedural and technical response to fileless malware

  What should organisations do at the very least to ensure business computers are protected from fileless malware?  Continue Reading

• Security Think Tank: Use layered security and patch management to defeat fileless malware

  What should organisations do at the very least to ensure business computers are protected from fileless malware?  Continue Reading

• Security Think Tank: Multi-layered security key to fileless malware defence

  What should organisations do, at the very least, to ensure business computers are protected from fileless malware?  Continue Reading

• Security Think Tank: Aim to detect and contain fileless malware attacks quickly

  What should organisations do at the very least to ensure business computers are protected from fileless malware?  Continue Reading

• Security Think Tank: Social engineering at the heart of fileless malware attacks

  What should organisations do at the very least to ensure business computers are protected from fileless malware?  Continue Reading

• Security Think Tank: How to tackle fileless malware attacks

  What should organisations do at the very least to ensure business computers are protected from fileless malware?  Continue Reading

• GDPR gotchas and how to handle them

  We look at common problems organisations encounter when dealing with the EU’s General Data Protection Regulation (GDPR), which comes into force on 25 May 2018  Continue Reading

• Hawaii missile alert: Why the wrong guy was fired

  In January 2018, an employee at Hawaii’s emergency management agency sent out a false alarm of an imminent missile attack, and was subsequently fired – but perhaps poor system design is really to blame  Continue Reading

• Why police forces need to be honest about mass mobile phone surveillance

  Police forces across the UK are covering up their use of sophisticated mass surveillance devices, known as IMSI-catchers - the Bristol Cable and Liberty are campaigning for proper transparency  Continue Reading

• Mobile biometrics set to be game-changer in APAC

  Telcos, financial institutions and other industry players risk losing market share if they do not keep up with the demand for security, convenience and mobility  Continue Reading

• Security Think Tank: How to evolve SecOps capacity

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• Security Think Tank: Take care of security basics before automating

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• Security Think Tank: How automation can reduce the load on the security operations team

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• 3, 2, 1, GDPR: How to be prepared on 25 May

  There are seven key areas organisations should review to ensure compliance with the General Data Protection Regulation, and even though the deadline is less than four months away, it is still not too late to start  Continue Reading

• Safer Internet Day: Building online safety practices with young people

  Many organisations around the UK are contributing to the important work on making the internet a safer place for everyone  Continue Reading