Opinion

Opinion

IT security

• Security Think Tank: Multi-layered security key to fileless malware defence

  What should organisations do, at the very least, to ensure business computers are protected from fileless malware?  Continue Reading

• Security Think Tank: Aim to detect and contain fileless malware attacks quickly

  What should organisations do at the very least to ensure business computers are protected from fileless malware?  Continue Reading

• Security Think Tank: Social engineering at the heart of fileless malware attacks

  What should organisations do at the very least to ensure business computers are protected from fileless malware?  Continue Reading

• Security Think Tank: How to tackle fileless malware attacks

  What should organisations do at the very least to ensure business computers are protected from fileless malware?  Continue Reading

• GDPR gotchas and how to handle them

  We look at common problems organisations encounter when dealing with the EU’s General Data Protection Regulation (GDPR), which comes into force on 25 May 2018  Continue Reading

• Hawaii missile alert: Why the wrong guy was fired

  In January 2018, an employee at Hawaii’s emergency management agency sent out a false alarm of an imminent missile attack, and was subsequently fired – but perhaps poor system design is really to blame  Continue Reading

• Why police forces need to be honest about mass mobile phone surveillance

  Police forces across the UK are covering up their use of sophisticated mass surveillance devices, known as IMSI-catchers - the Bristol Cable and Liberty are campaigning for proper transparency  Continue Reading

• Mobile biometrics set to be game-changer in APAC

  Telcos, financial institutions and other industry players risk losing market share if they do not keep up with the demand for security, convenience and mobility  Continue Reading

• Security Think Tank: How to evolve SecOps capacity

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• Security Think Tank: Take care of security basics before automating

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• Security Think Tank: How automation can reduce the load on the security operations team

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• 3, 2, 1, GDPR: How to be prepared on 25 May

  There are seven key areas organisations should review to ensure compliance with the General Data Protection Regulation, and even though the deadline is less than four months away, it is still not too late to start  Continue Reading

• Safer Internet Day: Building online safety practices with young people

  Many organisations around the UK are contributing to the important work on making the internet a safer place for everyone  Continue Reading

• Security Think Tank: Approaches to strengthening security operations

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• Europe’s shameful role in spy-tech exports that led to torture and jail

  Governments in Europe actively assisted in government oppression in Iran, Bahrain and Russia by providing states with sophisticated surveillance equipment. The European Parliament is pressing for changes in the law to restrict exports of ...  Continue Reading

• Security Think Tank: Automating basic security tasks

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• Security Think Tank: Don’t automatically automate security

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• Security Think Tank: Establish best practice before automating security processes

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• Security Think Tank: Humans and AI machines in harmony

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• Zero in on your zero-day vulnerabilities

  A zero-day attack comes, by definition, out of the blue. You cannot predict its nature or assess how much damage it might cause, but you can take some basic steps to protect yourself from a potentially crippling cyber strike  Continue Reading

• What a year it’s been for tech in the UK

  2017 was the year technology rose to prominence in government and business agendas – and the sector needs to keep that momentum going into 2018  Continue Reading

• How to futureproof your career as a CIO

  Many CIOs have yet to earn the right to be on the board. How can IT leaders upgrade their business acumen, to benefit their own careers and the health of their employer?  Continue Reading

• Security Think Tank: Encourage employees to use an approved messaging app

  What criteria should organisations use to assess the security of smartphone messaging apps and how can they ensure only approved apps are used by employees?  Continue Reading

• Security Think Tank: Use policy and guidance to help secure messaging apps

  What criteria should organisations use to assess the security of smartphone messaging apps and how can they ensure only approved apps are used by employees?  Continue Reading

• Security Think Tank: Educate, enforce policy and monitor to ensure messaging security

  What criteria should organisations use to assess the security of smartphone messaging apps, and how can they ensure only approved apps are used by employees?  Continue Reading

• Security Think Tank: Policy key to limiting messaging app security risks

  What criteria should organisations use to assess the security of smartphone messaging apps and how can they ensure only approved apps are used by employees?  Continue Reading

• Security Think Tank: Ensure incident response in the face of inevitable messaging leaks

  What criteria should organisations use to assess the security of smartphone messaging apps and how can they ensure only approved apps are used by employees?  Continue Reading

• Government’s cyber security policy: decide or delay?

  The UK government is leaving too many of its options open and needs to implement effective cyber security rules now  Continue Reading

• Security Think Tank: Four steps to securing messaging apps

  What criteria should organisations use to assess the security of smartphone messaging apps and how can they ensure only approved apps are used by employees?  Continue Reading

• Security Think Tank: Use technical controls and policy to secure messaging apps

  What criteria should organisations use to assess the security of smartphone messaging apps and how can they ensure only approved apps are used by employees?  Continue Reading

• Security Think Tank: Three things to do differently to secure websites in the cloud

  What are the main web security challenges for organisations and how are they best addressed?  Continue Reading

• My brother Lauri Love should have the right to a trial in the UK

  Lauri Love should face trial over hacking allegations in a British Court, rather than be extradited to the US, where his extraordinary skills will be lost to society, says his younger sister  Continue Reading

• Why UK police are learning cyber forensics

  The need for the UK police force to conduct forensic investigations on computers is nothing new, but a rapid escalation of cyber crime has demanded a different approach  Continue Reading

• Why Europe’s GDPR privacy regulation is good for business

  Organisations will need to become more sensitive about the way they handle personal information, but the General Data Protection Regulation (GDPR) also makes good business sense  Continue Reading

• Security Think Tank: Web security guidelines from FS-ISAC

  What are the main web security challenges for organisations and how are they best addressed?  Continue Reading

• A guide for businesses to China’s first cyber security law

  Companies that break China’s new cyber security law may be fined or even have their licence to trade in the country removed  Continue Reading

• Security Think Tank: Web security down to good risk management

  What are the main web security challenges for organisations and how are they best addressed?  Continue Reading

• Security Think Tank: Approaches to effective web security

  What are the main web security challenges for organisations and how are they best addressed?  Continue Reading

• Security Think Tank: Look at full security development lifecycle to reduce web threats

  What are the main web security challenges for organisations and how are they best addressed?  Continue Reading

• Security Think Tank: Risk assess all web connections to shore up security

  What are the main web security challenges for organisations and how are they best addressed?  Continue Reading

• Security Think Tank: Three areas of web security challenges

  What are the main web security challenges for organisations and how are they best addressed?  Continue Reading

• Dmarc email validation – we're doing it all wrong

  Dmarc is a hugely important way to reduce email fraud – just ask HMRC – but it also makes email marketing campaigns far more effective  Continue Reading

• Security Think Tank: Secure your web applications without prejudice

  What are the main web security challenges for organisations and how are they best addressed?  Continue Reading

• Security Think Tank: Web opportunities must be met with appropriate security controls

  What are the main web security challenges for organisations and how are they best addressed?  Continue Reading

• Security Think Tank: Starter for 10 in the web security challenge

  What are the main web security challenges for organisations and how are they best addressed?  Continue Reading

• A history of hacking and hackers

  A security professional’s view on criminal hacking has shifted away from the traditional stereotype of the hacker, towards a much more diverse cross-section of wider society  Continue Reading

• Is it time to stop blaming organisations for being breached?

  The IT security industry needs to look at itself and its practices before blaming organisations that have been hit by cyber attacks  Continue Reading

• How will the UK supercharge its digital economy?

  The country needs to focus on the key issues it faces to make the most of the opportunities presented by the digital revolution  Continue Reading

• Will the review of Gov.uk Verify fix the UK's digital identity problems?

  The rumoured review of the UK government’s identity assurance programme provides the ideal opportunity to fix problems and accelerate progress  Continue Reading

• Security Think Tank: If you are not measuring, are you really defending?

  What are the main challenges that security analytics can be used to address?  Continue Reading

• Security Think Tank: Security analytics helps find needles in haystacks

  What are the main challenges that security analytics can be used to address?  Continue Reading

• Max Schrems’s mass surveillance complaint knocked back another year or two by Irish judge

  Irish data protection commissioner Helen Dixon has neatly avoided having to deal with the US surveillance of Facebook users in Europe by referring a complaint by Austrian lawyer Max Schrems to the European Court of Justice  Continue Reading

• Security Think Tank: Be selective when it comes to security analytics

  What are the main challenges that security analytics can be used to address?  Continue Reading

• Security Think Tank: Security analytics can provide serious value

  What are the main challenges that security analytics can be used to address?  Continue Reading

• Security Think Tank: Security analytics augments human capabilities

  What are the main challenges that security analytics can be used to address?  Continue Reading

• Is the tide going out for transatlantic data flows?

  Businesses face new uncertainty over their ability to share data with the US, as Europe’s highest court reassesses the legality of the EU’s model data-sharing contracts  Continue Reading

• Security Think Tank: Security analytics may not be for everyone

  What are the main challenges that security analytics can be used to address?  Continue Reading

• Security Think Tank: Security analytics requires talent and experience

  What are the main challenges that security analytics can be used to address?  Continue Reading

• Security Think Tank: Security analytics needs serious resources

  What are the main challenges that security analytics can be used to address?  Continue Reading

• How and why to conduct a cyber threat and risk analysis

  An ethical hacker’s insights into how and why organisations should conduct a cyber threat and risk analysis based on nine years’ experience conducting penetration tests for hundreds of organisations  Continue Reading

• GDPR for the CIO: Data protection is about more than GDPR compliance

  If you approach GDPR as if compliance is all that matters, then you're bound to fail – data protection should be at the heart of business strategy  Continue Reading

• Passive optical LAN: When network speed, bandwidth and security matter

  Copper-based local area networks are increasingly unfit for purpose in a digital enterprise, but passive optical LANs may be a solution. Tech evangelist Paul Ryan, European chair of the Association of Passive Optical LAN, explains why  Continue Reading

• More hospitals in APAC adopting IT to bolster patient care

  Healthcare providers in the APAC region are looking to the cloud and big data analytics to enhance services and lower cost  Continue Reading

• Security Think Tank: Cyber resilience cheaper than attack recovery

  What key things should organisations be doing in terms of cyber defences to ensure they are resilient?  Continue Reading

• Legal hurdles cloud Max Schrems complaint over US spying

  The Irish High Court in Dublin has embarked on a long hearing into the legality of standard contractual clauses. It is a sideshow from the real issue – the legality of US surveillance in the UK and Ireland  Continue Reading

• Security Think Tank: Four simple ways of blocking cyber attackers

  What key things should organisations be doing in terms of cyber defences to ensure they are resilient?  Continue Reading

• Security Think Tank: Six ways to boost cyber resilience

  What key things should organisations be doing in terms of cyber defences to ensure they are resilient?  Continue Reading

• Security Think Tank: Strategies for surviving a cyber attack

  What key things should organisations be doing in terms of cyber defences to ensure they are resilient?  Continue Reading

• Security Think Tank: Patching, backup and access control key to resilience

  What key things should organisations be doing in terms of cyber defences to ensure they are resilient?  Continue Reading

• Security Think Tank: Resilience means preparing for unpreventable cyber threats

  What key things should organisations be doing in terms of cyber defences to ensure they are resilient?  Continue Reading

• Security Think Tank: Look to frameworks, guidance and legislation to boost resilience

  What key things should organisations be doing in terms of cyber defences to ensure they are robust/resilient?  Continue Reading

• The NIS Directive: the implications for UK technology businesses

  With the European Union NIS Directive to be implemented into UK law in May 2018, it is important for technology companies to ascertain if and how they will be affected  Continue Reading

• Security Think Tank: No one-size-fits-all security solution

  What key things should organisations be doing in terms of cyber defences to ensure they are robust/resilient?  Continue Reading

• The Data Protection Bill is about securing UK data leadership

  The UK's new data protection legislation is vital to a successful Brexit and for continued UK leadership in technology  Continue Reading

• Security Think Tank: Use a combination of approaches to create cyber safe work environments

  What are the best security controls to ensure a safe working environment where employees do not have the unfair pressure of being the first line of cyber defence?  Continue Reading

• Security Think Tank: Five security controls to keep employees out of cyber firing line

  What are the best security controls to ensure a safe working environment where employees do not have the unfair pressure of being the first line of cyber defence?  Continue Reading

• Security Think Tank: Use the work environment to educate on cyber security

  What are the best security controls to ensure a safe working environment where employees do not have the unfair pressure of being the first line of cyber defence?  Continue Reading

• Security Think Tank: Are employees cyber pawns or cyber heroes?

  What are the best security controls to ensure a safe working environment where employees do not have the unfair pressure of being the first line of cyber defence?  Continue Reading

• Security Think Tank: Employees should only have to worry about social engineering

  What are the best security controls to ensure a safe working environment where employees do not have the unfair pressure of being the first line of cyber defence?  Continue Reading

• Security Think Tank: Is a ‘cyber-safe working environment’ a reasonable target?

  What are the best security controls to ensure a safe working environment where employees do not have the unfair pressure of being the first line of cyber defence?  Continue Reading

• Security Think Tank: Employees are in the cyber attack firing line, so educate them well

  What are the best security controls to ensure a safe working environment where employees do not have the unfair pressure of being the first line of cyber defence?  Continue Reading

• Security Think Tank: People are part of security, but should not be key element

  What are the best security controls to ensure a safe working environment where employees do not have the unfair pressure of being the first line of cyber defence?  Continue Reading

• IoT is good news for hackers

  Technology companies, governments and the insurance industry need to band together to counter the mounting cyber threats from the internet of things  Continue Reading

• Security Think Tank: Security is a shared responsibility

  What are the best types of security controls organisations should be using to ensure a safe working environment for employees?  Continue Reading

• Security Think Tank: Avoiding the blame game

  What are the best security controls to ensure a safe working environment where employees do not have the unfair pressure of being the first line of cyber defence?  Continue Reading

• Criminal law: Are Twitter threats taken seriously?

  As threats of violence become increasingly common online, law enforcement is taking stronger action against the perpetrators  Continue Reading

• Why GDPR is so relevant to the business

  The GDPR is not only relevant to CISOs and DPOs, and has a massive impact on businesses  Continue Reading

• Security Think Tank: Five things businesses can do to protect from cyber attack

  How should organisations address the need to keep software up to date with security patches without it costing too much or being too labour intensive?  Continue Reading

• Security Think Tank: Nine key elements to an effective patching regime

  How should organisations address the need to keep software up to date with security patches without it costing too much or being too labour intensive?  Continue Reading

• Security Think Tank: Focus on high risk by automating low-risk patching

  How should organisations address the need to keep software up to date with security patches without it costing too much or being too labour intensive?  Continue Reading

• Security Think Tank: Patching is vital and essentially a risk management exercise

  How should organisations address the need to keep software up to date with security patches without it costing too much or being too labour intensive?  Continue Reading

• Security Think Tank: Can low-cost security defeat malware?

  How should organisations address the need to keep software up to date with security patches without it costing too much or being too labour intensive?  Continue Reading

• Security Think Tank: Key coping strategies for effective patch management

  How should organisations address the need to keep software up to date with security patches without it costing too much or being too labour intensive?  Continue Reading

• Security Think Tank: Apply risk-based approach to patch management

  How should organisations address the need to keep software up to date with security patches without it costing too much or being too labour intensive?  Continue Reading

• Security Think Tank: Strategise, prioritise, automate and use cloud to improve patching

  How should organisations address the need to keep software up to date with security patches without it costing too much or being too labour intensive?  Continue Reading

• Energy and healthcare primed for blockchain disruption

  Blockchain applications are upending traditional industries, with startup activity expected to ramp up in years to come  Continue Reading

• Security Think Tank: Ad hoc patching is inadequate

  How should organisations address the need to keep software up to date with security patches without it costing too much or being too labour intensive?  Continue Reading

• GDPR: Five myths you will encounter on your compliance journey

  The General Data Protection Regulation comes into force in May 2018. We explore common myths surrounding GDPR  Continue Reading

• Rethink risk through the lens of antifragility

  Antifragility is an exciting alternative that fuses value and risk, and CIOs and IT executives are well positioned to help  Continue Reading

• Security Think Tank: Scan, educate and back up to block email threats

  What strategies should organisations follow to block malware attachments which continue to account for two-thirds of malware infections that result in data breaches?  Continue Reading