Opinion

Opinion

IT security

• Security Think Tank: Smart log monitoring and analysis key to security success

  How can log management be used to bolster information security and improve incident response without infringing user privacy?  Continue Reading

• Security Think Tank: Guidelines to enable security to get the most out of log management

  How can log management be used to bolster information security and improve incident response without infringing end user privacy?  Continue Reading

• Security Think Tank: Merging big data and security is the way to go

  How can log management be used to bolster information security and improve incident response without infringing user privacy?  Continue Reading

• Security Think Tank: Making the most of logs with SIEMs

  How can log management be used to bolster information security and improve incident response without infringing end user privacy?  Continue Reading

• EU General Data Protection Regulation comes into sharper focus

  European authorities have reiterated their resolve to reach an agreement by the end of 2015 on a new data protection law that will reach beyond Europe  Continue Reading

• The internet of things is an opportunity not a threat

  Businesses need to explain how they will use data generated by the internet of things to avoid public fears over how that data is used  Continue Reading

• Three things you may not know that DNS data can tell you

  Big data tools can help network administrators gather new insights into security and performance from DNS data  Continue Reading

• Closing the gaps in EU cyber security

  Inconsistent approaches to cyber security across Europe are undermining attempts to harmonise policy and preparedness in the EU  Continue Reading

• Security Think Tank: Proceed with caution using IP-based collaboration tools

  How can businesses of all sizes ensure that employees are able to collaborate effectively without the risk of compromise to the company IT network or systems?  Continue Reading

• Security Think Tank: Keep it simple and risk-based to secure collaboration

  How can businesses of all sizes ensure that employees are able to collaborate effectively without the risk of compromise to the company IT network or systems?  Continue Reading

• Security Think Tank: Select collaboration tools carefully to keep data secure

  How can businesses of all sizes ensure that employees are able to collaborate effectively without the risk of compromise to the company IT network or systems?  Continue Reading

• How to secure the internet of things

  With the expansion of the IoT market, protecting the company's data and IP is more important than ever. Here are four ways organisations can put security at the core of the IoT value proposition  Continue Reading

• Security Think Tank: Think twice about unlimited collaboration

  How can businesses of all sizes ensure that employees are able to collaborate effectively without the risk of compromise to the company IT network or systems?  Continue Reading

• Security Think Tank: No company is an island

  How can businesses of all sizes ensure that employees are able to collaborate effectively without the risk of compromise to the company IT network or systems?  Continue Reading

• Know your cyber enemy inside and out

  Is there a different approach that can help stem the tide of cyber threats? Look to Sun Tzu's “Art of War”, writes Matt White  Continue Reading

• Five key points on supplier profiling of your business

  Big data can do many things, but should you be concerned about the big data that is extracted or exported by suppliers of devices and applications?  Continue Reading

• Security Think Tank: Preparation best way to avoid awkward security audits

  What is the role of information security professionals in handling uncomfortable truths about data security from internal auditors?  Continue Reading

• Can legislation stop cyber crime?

  Rising cyber crime suggests criminal law does not deter criminals and that a better legal solution is required to prevent further rises  Continue Reading

• Security Think Tank: Using audit reports as a communications tool

  What is the role of information security professionals in handling uncomfortable truths about data security from internal auditors?  Continue Reading

• Security Think Tank: Avoid the audit toxic cocktail of obfuscation and back-protecting

  What is the role of information security professionals in handling uncomfortable truths about data security from internal auditors?  Continue Reading

• Security Think Tank: Internal audit an essential component of data security

  What is the role of information security professionals in handling uncomfortable truths about data security from internal auditors?  Continue Reading

• Security Think Tank: Engage with auditors early to improve security

  What is the role of information security professionals in handling uncomfortable truths about data security from internal auditors?  Continue Reading

• Security Think Tank: Cyber security needs to start with the simple things

  Does the theft of $1bn from global financial firms by the Carbanak gang show it is time to seek new technologies or improve business processes?  Continue Reading

• Security Think Tank: Education, process and technology key to security challenge

  Does the theft of $1bn from global financial firms by the Carbanak gang show it is time to seek new technologies or improve business processes?  Continue Reading

• Security Think Tank: Enhanced cyber security requires change in attitude

  Does the theft of $1bn from global financial firms by the Carbanak gang show it is time to seek new technologies or improve business processes?  Continue Reading

• Security Think Tank: Carbanak requires people, process and tech, but mostly people

  Does the theft of $1bn from global financial firms by the Carbanak gang show it is time to seek new technologies or improve business processes?  Continue Reading

• Security Think Tank: Carbanak attacks highlight need for tech and process review  

  Does the theft of $1bn from global financial firms by the Carbanak gang show it is time to seek new technologies or improve business processes?  Continue Reading

• Security Think Tank: People and process remain the soft underbelly of banks

  Does the theft of $1bn from global financial firms by the Carbanak gang show it is time to seek new technologies or improve business processes?  Continue Reading

• The bad theatre of the Intelligence and Security Committee

  The report of the Intelligence and Security Committee was like a piece of bad theatre  Continue Reading

• Drones – taking off or staying grounded?

  While excitement grows in anticipation of potential mass adoption of drones, the industry has to overcome hurdles in the form of regulation  Continue Reading

• Drones in UK skies: an increasingly crowded regulatory airspace

  With drones becoming commonplace in the UK, the law has been required to evolve and play catch-up  Continue Reading

• Sony attack raises questions about how to protect internet assets

  In the light of 2014's cyber attack on Sony Pictures, what can every company do to ensure they are more prepared for this kind cyber assault?  Continue Reading

• Security Think Tank: Use the Sony breach to plan for the worst

  In the light of the 2014 cyber attack on Sony Pictures, what can every company do to ensure they are more prepared for this kind cyber assault?  Continue Reading

• Security Think Tank: Four steps to defend against cyber attack 

  Last November’s cyber attack on Sony Pictures made clear we need to be able to repel the threat from nation states as well as criminals  Continue Reading

• Security Think Tank: Lessons to be learned from Sony breach

  In the light of November 2014’s cyber attack on Sony Pictures, what can every company do to ensure they are more prepared for this kind cyber assault?  Continue Reading

• Security Think Tank: Sony employee lawsuit over data breach marks watershed moment

  In the light of the cyber attack on Sony, what can every company do to ensure they are more prepared for this kind of assault?  Continue Reading

• Five questions every board should ask after Sony Pictures breach

  What can the board do to avoid having to answer embarrassing questions at the next shareholder meeting?  Continue Reading

• Driving Innovation with big data

  Rather than refusing the wider use of data outside the organisation, only by opening it up to third parties can we realise its true value  Continue Reading

• Security Think Tank: Prepare the defences for wiper malware

  To what extent should businesses worry about destructive, computer-killing malware, and what steps should they take to mitigate such attacks?  Continue Reading

• Security Think Tank: How to prepare for computer-killing malware

  To what extent should businesses worry about computer-killing malware and what steps should they take to mitigate such attacks?  Continue Reading

• Security Think Tank: Monitoring and response capabilities key to mitigating cyber attack

  To what extent should businesses worry about malware and what steps should they take to mitigate such attacks?  Continue Reading

• Security Think Tank: Sony attack a reminder to protect company data

  To what extent should businesses worry about destructive, computer-killing malware?  Continue Reading

• Security Think Tank: Mitigation strategies for data-wiping malware

  How much should businesses worry about computer-killing malware? And what steps should they take to mitigate such attacks?  Continue Reading

• A blueprint for taking back control of email as a communication channel 

  A global blueprint for combating fraudulent email and taking back control of email as a communication channel  Continue Reading

• The internet of things: a second digital revolution worth trillions

  The government’s chief scientific adviser has released his long-awaited review on the internet of things  Continue Reading

• The legal issues facing UK businesses from wearable technology

  It is inevitable that wearable technology will be used more frequently in the workplace - but what are the legal considerations?  Continue Reading

• US technology companies facing growing UK pressure over internet spying

  Tension is growing between the UK and US over Prism spying  Continue Reading

• The cyber security outlook for 2015

  The cyber security landscape will evolve rapidly and attacks will increase in number and sophistication, from a wider range of sources  Continue Reading

• Security Think Tank: Data security basics for SMEs

  How can SMEs afford security that is good enough?  Continue Reading

• Security Think Tank: Making SME information security affordable

  How can SMEs afford security that is good enough?  Continue Reading

• Security Think Tank: How to make Cyber Essentials work for SME security

  How can SMEs afford security that is good enough?  Continue Reading

• Security Think Tank: SME security on a shoestring budget

  How can SMEs afford security that is good enough?  Continue Reading

• Security Think Tank: SME security questions to consider

  How can SMEs afford security that is good enough?  Continue Reading

• Security Think Tank: SMEs should put information and people at heart of security strategy

  How can SMEs afford security that is good enough?  Continue Reading

• A phisher’s paradise

  Email is one of the earliest services created on the internet and, arguably, remains the most important  Continue Reading

• Security Think Tank: Use vulnerability management for Shellshock

  What is the best way to expand identity and access management to third-party service providers to ensure data security?  Continue Reading

• Are ex-hackers the answer to addressing the cyber security skills gap?

  Harnessing existing expertise could address the demand for competence in countering cyber security threats  Continue Reading

• Security Think Tank: Patch Shellshock vulnerability without delay

  What steps should businesses take to assess their vulnerability to the Shellshock Bash bug and patch vulnerable systems?  Continue Reading

• Security Think Tank: Isaca guide on tackling Shellshock

  What steps should businesses take to assess the true scope of their vulnerability to the Shellshock Bash bug?  Continue Reading

• Security Think Tank: Businesses cannot afford to be complacent about Shellshock

  What steps should businesses take to assess their vulnerability to the Shellshock Bash bug and patch vulnerable systems?  Continue Reading

• Security Think Tank: Shellshock – check, patch, monitor

  What steps should businesses take to assess their vulnerability to the Shellshock Bash bug and patch vulnerable systems?  Continue Reading

• Security Think Tank: Lessons from Shellshock

  What steps should businesses take to assess their vulnerability to the Shellshock Bash bug and patch vulnerable systems?  Continue Reading

• Security Think Tank: Guidelines for dealing with Shellshock

  What steps should businesses take to assess the true scope of their vulnerability to the Shellshock Bash bug?  Continue Reading

• Security Think Tank: Seven strategies for limiting cloud data leakage

  What can IT teams do to ensure users are not synchronising sensitive corporate data to insecure cloud services?  Continue Reading

• Why digital governance and data protection matters

  In a digital world, new approaches to data protection and governance are vital for minimising risks and maximising performance  Continue Reading

• Security Think Tank: Three-pronged approach to cloud security

  What can IT teams do to ensure users are not synchronising sensitive corporate data to insecure cloud services?  Continue Reading

• Security Think Tank: Control smart devices and apps like the rest of ICT

  What can IT security teams do to ensure users are not unwittingly synchronising sensitive corporate data to insecure cloud backup services?  Continue Reading

• Security Think Tank: Three ways to reduce risk of cloud data leaks

  How can IT security teams ensure users are not synchronising sensitive corporate data to insecure cloud backup services?  Continue Reading

• Security Think Tank: Use governance strategy to manage cloud backups

  What can IT teams do to ensure users are not synchronising sensitive corporate data to insecure cloud services?  Continue Reading

• Security Think Tank: Celebrity photo leaks highlight cloud security issues

  What can IT teams do to ensure users are not synchronising sensitive corporate data to insecure cloud services?  Continue Reading

• Disaster recovery for the masses?

  Can DR cover most applications, or is it still just for mission-critical services, asks analyst Tony Lock  Continue Reading

• What to expect from Europe’s NIS Directive

  With cyber crime on the rise, the European Union is trying to fight back with its NIS Directive. The five main points are oulined here  Continue Reading

• Balancing user desires with business needs

  With users increasingly taking IT decisions into their own hands, businesses need to try harder to keep up  Continue Reading

• Security Think Tank: CIOs – demand an automated, standardised integration

  What is the best way to expand identity and access management to third-party service providers to ensure data security?  Continue Reading

• Security Think Tank: Eight steps to extending IAM to third parties

  What is the best way to expand identity and access management to third-party service providers to ensure data security?  Continue Reading

• Security Think Tank: Apply internal security rules to third parties

  What is the best way to expand identity and access management to third-party service providers to ensure data security?  Continue Reading

• Security Think Tank: Extending IAM controls to third parties

  What is the best way to expand identity and access management to third-party service providers to ensure data security?  Continue Reading

• Security Think Tank: IAM can improve security and cut costs

  What is the best way to expand identity and access management to third-party service providers to ensure data security?  Continue Reading

• Security Think Tank: Pseudonimity key to extending IAM reach

  What is the best way to expand identity and access management to third-party service providers to ensure data security?  Continue Reading

• PSN makes changes to reduce risk

  Director and head of compliance, PSNGB, Adele Parker, talks about how PSN will transport the bulk of government information  Continue Reading

• Security Think Tank: Extending IAM to third parties is not about IT alone

  What is the best way to expand identity and access management to third-party service providers to ensure data security?  Continue Reading

• How to make IT governance work

  Governance is undoubtedly an important subject for any organisation, but what does it really involve?  Continue Reading

• Security Think Tank: Design and build in security and resilience from the start

  How can organisations build cyber security resilience?  Continue Reading

• Security Think Tank: Cyber security resilience: Prepare, Share, Test

  How can organisations build cyber security resilience?  Continue Reading

• Security Think Tank: How to build a resilient defence against cyber attacks

  How to build a resilient case against cyber attacks  Continue Reading

• Security Think Tank: For cyber resilience, assume the worst

  How can organisations build cyber security resilience?  Continue Reading

• How to source cyber threat intelligence

  Some pointers on how to select the best sources of cyber threat intelligence  Continue Reading

• Resilience is both a technical and a business responsibility

  How can organisations build cyber security resilience?  Continue Reading

• Security Think Tank: Resilience is about understanding the real threat

  How can organisations build cyber security resilience?  Continue Reading

• The legal considerations of the internet of things

  As with many new technologies, there are a number of tricky legal challenges to consider as part of widespread IoT adoption  Continue Reading

• When consumer grade doesn't make the grade

  For Doug Miles, director of market intelligence at AIIM, new data proves the importance of providing safe data-sharing options  Continue Reading

• Security Think Tank: What should be in an incident response plan

  What does a good information security incident response plan look like?  Continue Reading

• Security Think Tank: Minor failings can trigger major data breaches

  It’s not just the big data breach risks that matter – ignore the near misses and the minor policy infractions and you will end up with a major incident  Continue Reading

• Security Think Tank: Key elements of an incident response plan

  What does a good information security incident response plan look like?  Continue Reading

• Security Think Tank: Ready for your data breach moment?

  Sooner or later, you will have to deal with a data breach. Do you have an incident response plan ready that will limit the repercussions?  Continue Reading

• Security Think Tank: Three steps to effective incident response

  What does a good information security incident response plan look like?  Continue Reading

• Security Think Tank: Incident response – prepare, test, and test again

  What does a good information security incident response plan look like?  Continue Reading

• Security Think Tank: Planning key to incident response

  What does a good information security incident response plan look like?  Continue Reading

• Cyber risk and the UK’s Cyber Essentials Scheme

  Cyber risk is on the radar as a threat to business and private life, and it is also grabbing the attention of governments  Continue Reading

• It’s time to add cyber insurance to your cyber security strategy

  Insurance policies for cyber crime have become more credible and viable  Continue Reading