Opinion
Opinion
Privacy and data protection
-
The fight against cyber crime: Why cooperation matters
With the WEF’s Global Risk Report 2019 ranking cyber attack in the top five global risks, we now see rising consensus at institutional level that no individual stakeholder can address the breadth of security challenges we face today Continue Reading
-
Security Think Tank: Facing the challenge of zero trust
In theory, the elimination of trust on the network simplifies IT security, but zero trust also brings new complications and new challenges. How should CISOs go about moving their organisations from traditional network security to a zero-trust ... Continue Reading
-
Security Think Tank: Bug bounties are changing the image of hackers
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
Security Think Tank: Teens in basements don’t represent a positive security culture
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
Security Think-Tank: Tackle insider threats to achieve data-centric security
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but ... Continue Reading
-
Learning from the Travelex cyber attack: Failing to prepare is preparing to fail
The key lesson to take from the Travelex breach is that an effective response to a breach is a critical business function and no longer the sole province of the IT department Continue Reading
-
Security Think Tank: Hooded hackers? More like ruthless competitors
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
Security Think Tank: Changing attitudes to cyber is a team sport
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
Security Think Tank: Hero or villain? Creating a no-blame culture
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
Security Think Tank: Get your users to take pride in security
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
Security Think Tank: Let’s call time on inciting fear among users
The traditional picture of a hacker is of a script kiddie in a hoodie hunched over a computer keyboard, but this stereotype is stale and outdated. Is it time to move away from a fear-based approach to security? Continue Reading
-
Security Think Tank: Put information at the heart of security
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but ... Continue Reading
-
Can Europe legally share data with the US? A court far away is about to decide
The European Court of Justice will deliver an opinion on whether Europe can legally continue to send private data about European citizens to the US Continue Reading
-
Security Think Tank: Data-centric security requires a holistic approach
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but ... Continue Reading
-
We can’t allow fake news and disinformation to upend our democracy
Fake news, misinformation and cyber attacks are part of our political process – now is the time to act Continue Reading
-
Security Think Tank: Data-centric security requires context and understanding
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but ... Continue Reading
-
Security Think Tank: Risk-based response critical to protect data
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but ... Continue Reading
-
The art of surveillance: the Stasi archives and the Investigatory Powers Act
A photographic exhibition captures the chilling impact of surveillance in the UK and the former German Democratic Republic Continue Reading
-
Security Think Tank: Is data more or less secure in the cloud?
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ... Continue Reading
-
Security Think Tank: Time for a devolution of responsibility
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but ... Continue Reading
-
Security Think Tank: Optimise data-centric strategies with AI
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but ... Continue Reading
-
Cyber security: How to avoid a disastrous PICNIC
Fieldfisher’s David Lorimer examines how individual employees often facilitate cyber attacks, and what can be done to reduce the risk Continue Reading
-
Security Think Tank: In-depth protection is a matter of basic hygiene
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but ... Continue Reading
-
Security Think Tank: Stopping data leaks in the cloud
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ... Continue Reading
-
Security Think Tank: Base cloud security posture on your data footprint
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ... Continue Reading
-
Security Think Tank: Cloud security is a shared responsibility
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ... Continue Reading
-
Security in the supply chain – a post-GDPR approach
A year and a half after the introduction of the EU’s General Data Protection Regulation, Fieldfisher's James Walsh reviews the fundamentals of supply chain security Continue Reading
-
What changes are needed to create a cyber-savvy culture?
PA Consulting's Cate Pye considers the people and process changes that are necessary to build a security aware business culture Continue Reading
-
Security Think Tank: Adapt security posture to your cloud model
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ... Continue Reading
-
Security Think Tank: In the cloud, the buck stops with you
Misconfigured cloud environments are increasingly identified as the source of damaging data breaches and leaks, raising serious questions for enterprises. Where does responsibility for data security in the cloud lie, and how can security ... Continue Reading
-
Gartner: Three Barriers to AI Adoption
CIOs are set to include artificial intelligence in their IT strategy. Technical, legislative and cultural challenges could influence their AI ambitions Continue Reading
-
Security Think Tank: Embed security professionals in your risk strategy
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
Security Think Tank: Risk management must go beyond spreadsheets
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision making? Continue Reading
-
Security Think Tank: Consider risk holistically, not just from an IT angle
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision making? Continue Reading
-
Security Think Tank: The operational approach to integrated risk management
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
Security Think Tank: Get basic security policy right, and the rest will follow
Paying attention to basic aspects of cyber security such as policy and permission will give you a sold base to build from Continue Reading
-
Security Think Tank: Risk is unavoidable in digital transformation
How can security professionals help their organisations move from traditional governance, risk and compliance to integrated risk management that integrates risk activities from across an organisation to enable better strategic decision-making? Continue Reading
-
Regulators globally are shaping up to rein in Facebook
We need to move fast and fix Facebook, before it breaks us Continue Reading
-
Security Think Tank: The case for blockchain-based identity
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
Security Think Tank: Too soon to dismiss blockchain in cyber security
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
Security Think Tank: Use blockchain for integrity and immutability checks
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
Security Think Tank: Blockchain is not for everyone, so look carefully before you leap
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
Security Think Tank: Blockchain utility depends on business type and cost
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
Security Think Tank: Risk mitigation is key to blockchain becoming mainstream
What are the best and most effective ways information security professionals can use blockchain technology? Continue Reading
-
Security Think Tank: Data architects should be key allies of infosec pros
How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
Security Think Tank: Balancing data accessibility with security controls
How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
Security Think Tank: Security is a business, not an IT function
How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
Security Think Tank: Dialogue between data architects and security leads is essential
How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
Security Think Tank: Close interdisciplinary ties are key to security integration
How can infosec professionals and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
Security Think Tank: CIA at heart of infosec-data architect partnership
How can infosec professionals and data architects work together to support business goals and achieve a good level of cyber security? Continue Reading
-
Would you trust a criminal with your cyber security?
Several industry sectors have set a good example by hiring ex-offenders, and the cyber security industry could benefit in similar ways by looking at members of the hacker community Continue Reading
-
Security Think Tank: Engage business to address commercial risk
What strategies can infosec pros use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading
-
Security Think Tank: Translating GDPR compliance into business benefits
What strategies can information security professionals use to shift focus from General Data Protection Regulation fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading
-
Security Think Tank: Aligning data privacy with business objectives
What strategies can infosec pros use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading
-
Security Think Tank: Don’t dismiss the business benefits of GDPR
What strategies can infosec pros use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading
-
Security Think Tank: Align compliance objectives with business goals
What strategies can information security professionals use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading
-
Security Think Tank: Changing the GDPR focus to business benefit
What strategies can information security professionals use to shift focus from General Data Protection Regulation fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading
-
Security Think Tank: Benefits of GDPR compliance
What strategies can information security professionals use to shift focus from General Data Protection Regulation fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading
-
Security Think Tank: Embrace data protection as a necessary business process
What strategies can information security professionals use to shift focus from GDPR fines to enabling business gains and success, changing the way data is used, and aligning data privacy with business purpose? Continue Reading
-
Security Think Tank: Business needs to see infosec pros as trusted advisers
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
Security Think Tank: Security risk ratings key to security/business understanding
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
Security Think Tank: Focus on business impact and likelihood of cyber attacks
How can cyber security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
Security Think Tank: Frame cyber security impacts in business contexts
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
Security Think Tank: Infosec letter to the board
How can security professionals communicate effectively with the board and senior business leaders – what works and what doesn’t? Continue Reading
-
Is GDPR worth the cost?
Regulations have costs, which are meant to be recouped by the expected benefits. But who decides whether this is a good deal? Ultimately, it’s you Continue Reading
-
Are there any positives from the first year of GDPR?
A year has passed since the new EU data protection law came into force. What have we learned in that time that can help organisations deliver benefits from the regulation? Continue Reading
-
Security Think Tank: How to realise the benefits of security zoning
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
Security Think Tank: Benefits and challenges of security segmentation
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
Security Think Tank: Cyber attack survival not a matter of luck
How should businesses plan to survive a potential cyber attack extinction event? Continue Reading
-
Security Think Tank: Aim for integrated resilience, continuity and recovery
How should businesses plan to survive a potential cyber attack extinction event? Continue Reading
-
Security Think Tank: Incident response vital to guard against catastrophic cyber attack
How should businesses plan to survive a potential cyber attack extinction event? Continue Reading
-
Why cyber security needs to be prioritised at board level
Despite the rising number of headline-grabbing security breaches, many company executives are still not prioritising cyber security in the boardroom Continue Reading
-
Mind the Brexit gap in cyber security
Leaving the EU could mean a new cyber security regime for the UK – firms need to understand how the changes might affect them Continue Reading
-
Growing board focus on cyber risk challenges current thinking
As digital transformation continues to drive change in the business and risk landscape, business and cyber security leaders need to improve discussions around this topic Continue Reading
-
Security Think Tank: Map your own important risk metrics
What should be the key cyber security risk indicator for any business? Continue Reading
-
Security Think Tank: Financial loss as a key security risk indicator
What should be the key cyber security risk indicator for any business? Continue Reading
-
Security Think Tank: No one key risk indicator is generic across all businesses
What should be the key cyber security risk indicator for any business? Continue Reading
-
Security Think Tank: Key considerations for determining cyber risk
What should be the key cyber security risk indicator for any business? Continue Reading
-
Security Think Tank: Five elements of a key cyber risk indicator
What should be the key cyber security risk indicator for any business? Continue Reading
-
Security Think Tank: Aim for business intelligence-driven system of risk indicators
What should be the key cyber security risk indicator for any business? Continue Reading
-
Security Think Tank: Invest in proactive approach to security and digital risk
What should be the key cyber security risk indicator for any business? Continue Reading
-
Security Think Tank: Cyber metrics need to be meaningful
What should be the key cyber security risk indicator for any business? Continue Reading
-
Wearable technology in the workplace and data protection law
Wearable technology is slowly creeping into the workplace to monitor staff performance and health, but do employers understand the legal implications? We assess the data protection implications Continue Reading
-
Breaking the chains: How FUD is holding the cyber sector hostage
The cyber security industry must move past fear tactics and get back to the basics of good cyber security practice Continue Reading
-
Security Think Tank: UTM a key part of a well-rounded security strategy
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Security Think Tank: No tech will ever counter-balance poorly implemented processes
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Security Think Tank: Know strengths and weaknesses of UTM systems
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Security Think Tank: Approach UTM with caution
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Security Think Tank: Focus UTM capabilities on security and business needs
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Security Think Tank: Many routes to UTM to boost security capabilities
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Security Think Tank: Arguments for and against unified threat management
How can organisations best use unified threat management tools to help stem the tide of data breaches? Continue Reading
-
Brexit and data protection: What’s next?
PA Consulting assesses how a no-deal Brexit would affect the flow of data from the UK into and out of Europe Continue Reading
-
Security Think Tank: Cloud tech helps to protect advanced networks
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Facebook’s high-stakes privacy gamble goes to Dublin court
A high-wire gamble with billions in compensation at stake for European internet users – part of a complex case between Facebook and the Irish information commissioner – hides challenge to the unlawfulness of US state internet surveillance Continue Reading
-
Security Think Tank: Walk before you run
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Security Think Tank: Apply different techniques to safeguard against rogue code
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Security Think Tank: Combine SDN, containerisation and encryption to halt rogue code
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
Security Think Tank: Creative thinking key to meeting emerging security challenges
How can organisations combine software-defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading
-
eIDAS and the EU’s mission to create a truly portable identity
It is important for businesses to work more actively with technology partners, regulators and governments to create more robust identity verification processes Continue Reading
-
Security Think Tank: Meeting the security challenge of multiple IT environments
How can organisations combine software defined networking, containerisation and encryption to prevent rogue code from running freely across a corporate network? Continue Reading