Opinion

Opinion

Privacy and data protection

• Security Think Tank: A good password policy alone is not enough

  In light of the fact that complex passwords are not as strong as most people think and that most password strategies inevitably lead to people following them blindly, what actually makes a good password and when is a password alone not enough?  Continue Reading

• Security Think Tank: Cracking the code – what makes a good password?

  In light of the fact complex passwords are not as strong as most people think, and that most password strategies inevitably lead to people following them blindly, what actually makes a good password and when is a password alone not enough?  Continue Reading

• Security Think Tank: Passwords alone are not good enough

  In the light of the fact that complex passwords are not as strong as most people think, and that most password strategies inevitably lead to people following them blindly, what actually makes a good password and when is a password alone not enough?  Continue Reading

• Security Think Tank: How to create good passwords and add security layers

  In light of the fact complex passwords are not as strong as most people think and most password strategies inevitably lead to people following them blindly, what actually makes a good password - and when is a password alone not enough?  Continue Reading

• Security Think Tank: Complex passwords provide a false sense of security

  In the light of the fact that complex passwords are not as strong as most people think, and that most password strategies inevitably lead to people following them blindly, what actually makes a good password and when is a password alone not enough?  Continue Reading

• Security Think Tank: Use pass phrases and 2FA to beef up access control

  In light of the fact complex passwords are not as strong as most people think, and that most password strategies inevitably lead to people following them blindly, what actually makes a good password – and when is a password alone not enough?  Continue Reading

• Security Think Tank: Put more layers around passwords to up security

  In light of the fact that complex passwords are not as strong as most people think and most password strategies inevitably lead to people following them blindly, what actually makes a good password and when is a password alone not enough?  Continue Reading

• Security Think Tank: GDPR requires unprecedented view of data flows

  Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this?  Continue Reading

• Security Think Tank: Focus on data protection, but do not rely on DLP alone

  Why is it important to know where data flows, with whom it's shared and where it lives at rest – and what is the best way of achieving this?  Continue Reading

• Security Think Tank: Understand data for risk-based protection

  Why is it important to know where data flows, with whom it is shared and where it lives at rest, and what is the best way of achieving this?  Continue Reading

• Security Think Tank: Ignorance about data is tantamount to negligence

  Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this?  Continue Reading

• Security Think Tank: Use data flow information to protect systems

  Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this?  Continue Reading

• GDPR – like a lot of regulation – will mostly benefit the big incumbents

  The law of unintended consequences applies to the new EU data protection laws, because the big players it seeks to regulate can better afford to comply  Continue Reading

• Security Think Tank: Data governance is essential to data security

  Why is it important to know where data flows, with whom it's shared and where it lives at rest – and what is the best way of achieving this?  Continue Reading

• Security Think Tank: Data controllers are essential in modern business environment

  Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this?  Continue Reading

• Security Think Tank: Data governance is good for business and security

  Why is it important to know where data flows, with whom it's shared and where it lives at rest, and what is the best way of achieving this?  Continue Reading

• Security Think Tank: Information management means better security

  Why is it important to know where data flows, with whom it's shared and where it lives at rest – and what is the best way of achieving this?  Continue Reading

• GDPR may not be perfect, but it’s an important milestone in data protection

  It's GDPR day, and TechUK's CEO Julian David writes about what is an important milestone in data protection in the digital world  Continue Reading

• Ethics and tech – a double-edged sword

  Just because a business activity is legal doesn’t mean it will be acceptable to customers, as the ethical debates in tech are proving  Continue Reading

• It’s not too late to get GDPR ready

  With the GDPR compliance deadline on 25 May 2018, there is little time to get ready, but it is not too late, according to the IAPP, which provides a checklist to help organisations ensure they are in the best position possible for the deadline  Continue Reading

• Hacking the internet of things just got easier – it’s time to look at your security

  Are you taking security for internet-connected devices seriously enough?  Continue Reading

• Security Think Tank: Five tips for killing the campers on your network

  Why is reducing cyber attacker dwell time important and how should this be tackled?  Continue Reading

• Security Think Tank: More time equals more opportunity for cyber attackers

  Why is reducing cyber attacker dwell time important and how should this be tackled?  Continue Reading

• Security Think Tank: Containment should be top priority in cyber breaches

  Why is reducing cyber attacker dwell time important, and how should this be tackled?  Continue Reading

• Security Think Tank: Reducing cyber attacker dwell time is critical

  Why is reducing cyber attacker dwell time important, and how should it be tackled?  Continue Reading

• Security Think Tank: Reducing dwell has never been more important

  Why is reducing cyber attacker dwell time important, and how should this be tackled?  Continue Reading

• Security Think Tank: GDPR compliance one good reason to cut attacker dwell time

  Why is reducing cyber attacker dwell time important, and how should this be tackled?  Continue Reading

• GDPR and the right to erasure: hiding in the shadows or welcome shade?

  The European Union's new data protection laws introduce a right to be forgotten – but what does it means for corporate IT?  Continue Reading

• Security Think Tank: Reduce attacker dwell time with defence in depth

  Why is reducing cyber attacker dwell time important and how should this be tackled?  Continue Reading

• Who do you trust to censor social media?

  Calls to censor Facebook and its rivals are growing – but society needs to consider carefully the motivations of those making such demands  Continue Reading

• Why businesses must think like criminals to protect their data

  Cyber criminals use three main methods of operation to steal commercial data. Understanding their mindset can help organisations put the right defences in place  Continue Reading

• Security Think Tank: Deal with cryptojacking to avoid security vulnerability

  How can organisations best defend against cryptojacking?  Continue Reading

• How the IT sector can help plug the cyber security skills gap

  Businesses have a role to play in plugging the cyber security skills gap by engaging with future talent at a young age, providing more role models for under-represented groups, communicating the nature of the threat, and changing their approach to ...  Continue Reading

• SD-WAN needs software-defined security

  Digital transformation is driving organisations to move to the cloud, which requires a new architecture that embraces cloud technology, but that in turn requires a new way of thinking about network security to ensure data is protected  Continue Reading

• Security Think Tank: Awareness is a good starting point to counter fileless malware

  What should organisations do at the very least to ensure business computers are protected from fileless malware?  Continue Reading

• Security Think Tank: Human, procedural and technical response to fileless malware

  What should organisations do at the very least to ensure business computers are protected from fileless malware?  Continue Reading

• Security Think Tank: Social engineering at the heart of fileless malware attacks

  What should organisations do at the very least to ensure business computers are protected from fileless malware?  Continue Reading

• Security Think Tank: How to tackle fileless malware attacks

  What should organisations do at the very least to ensure business computers are protected from fileless malware?  Continue Reading

• Hawaii missile alert: Why the wrong guy was fired

  In January 2018, an employee at Hawaii’s emergency management agency sent out a false alarm of an imminent missile attack, and was subsequently fired – but perhaps poor system design is really to blame  Continue Reading

• Why police forces need to be honest about mass mobile phone surveillance

  Police forces across the UK are covering up their use of sophisticated mass surveillance devices, known as IMSI-catchers - the Bristol Cable and Liberty are campaigning for proper transparency  Continue Reading

• Mobile biometrics set to be game-changer in APAC

  Telcos, financial institutions and other industry players risk losing market share if they do not keep up with the demand for security, convenience and mobility  Continue Reading

• Security Think Tank: Take care of security basics before automating

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• 3, 2, 1, GDPR: How to be prepared on 25 May

  There are seven key areas organisations should review to ensure compliance with the General Data Protection Regulation, and even though the deadline is less than four months away, it is still not too late to start  Continue Reading

• Security Think Tank: Approaches to strengthening security operations

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• Europe’s shameful role in spy-tech exports that led to torture and jail

  Governments in Europe actively assisted in government oppression in Iran, Bahrain and Russia by providing states with sophisticated surveillance equipment. The European Parliament is pressing for changes in the law to restrict exports of ...  Continue Reading

• Security Think Tank: Automating basic security tasks

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• Security Think Tank: Don’t automatically automate security

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• Security Think Tank: Humans and AI machines in harmony

  How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments?  Continue Reading

• Zero in on your zero-day vulnerabilities

  A zero-day attack comes, by definition, out of the blue. You cannot predict its nature or assess how much damage it might cause, but you can take some basic steps to protect yourself from a potentially crippling cyber strike  Continue Reading

• My brother Lauri Love should have the right to a trial in the UK

  Lauri Love should face trial over hacking allegations in a British Court, rather than be extradited to the US, where his extraordinary skills will be lost to society, says his younger sister  Continue Reading

• Why UK police are learning cyber forensics

  The need for the UK police force to conduct forensic investigations on computers is nothing new, but a rapid escalation of cyber crime has demanded a different approach  Continue Reading

• A guide for businesses to China’s first cyber security law

  Companies that break China’s new cyber security law may be fined or even have their licence to trade in the country removed  Continue Reading

• A history of hacking and hackers

  A security professional’s view on criminal hacking has shifted away from the traditional stereotype of the hacker, towards a much more diverse cross-section of wider society  Continue Reading

• Criminal law: Are Twitter threats taken seriously?

  As threats of violence become increasingly common online, law enforcement is taking stronger action against the perpetrators  Continue Reading

• The internet of things: an overview

  Despite security and other concerns, there are many benefits associated with embracing the internet of things  Continue Reading

• Security Think Tank: Risk of DNS attacks goes beyond websites

  What are the main security risks associated with DNS and how are these best mitigated?  Continue Reading

• Security Think Tank: Top three DNS-related security risks

  What are the main security risks associated with the domain name system and how are these best mitigated?  Continue Reading

• Gary McKinnon: Why Lauri Love should be spared the nightmare of extradition

  Computer activist Lauri Love should be spared a life sentence in a US jail, says former hacker Gary McKinnon  Continue Reading

• Consumer identity management is the core of real CRM

  IAM + CRM is much more than simply IAM for external users, says Ivan Niccolai  Continue Reading

• Six essential processes for keeping data secure

  Data security is increasingly vital for organisations as the countdown begins for compliance with new rules imposed by the EU’s general data protection regulation  Continue Reading

• Security Think Tank: Many breaches down to poor access controls

  In the modern business environment, what are the most common access control mistakes – and how best are these corrected?  Continue Reading

• The problem with passwords: how to make it easier for employees to stay secure

  An organisation’s IT security can be compromised if staff do not follow a strict policy of using strong passwords to access internal systems  Continue Reading

• Security Think Tank: Top five access control mistakes

  In the modern business environment, what are the most common access control mistakes and what is the best way to correct them?  Continue Reading

• Life’s a breach: How to handle the press after a hacking attack

  Emily Dent, specialist in crisis PR, offers some advice to organisations that unexpectedly find themselves in the headlines  Continue Reading

• Can legislation stop cyber crime?

  Rising cyber crime suggests criminal law does not deter criminals and that a better legal solution is required to prevent further rises  Continue Reading

• Five questions every board should ask after Sony Pictures breach

  What can the board do to avoid having to answer embarrassing questions at the next shareholder meeting?  Continue Reading

• The legal considerations of the internet of things

  As with many new technologies, there are a number of tricky legal challenges to consider as part of widespread IoT adoption  Continue Reading

• Should you allow a bring your own device policy?

  Employers are realising there are challenges presented by BYOD which, if not dealt with, could have a serious impact on the business  Continue Reading

• Technology, society and morality: the implications for technology leaders

  Technology is evolving at a pace and scale that has never been experienced. Society is struggling to keep up with the social and moral implications  Continue Reading

• Who owns your LinkedIn account?

  It is common for employees to use personal social networking accounts for work, but who actually owns those accounts?  Continue Reading

• Privacy concerns in the digital world

  Considering the full spectrum of privacy, people need to ask themselves if they are comfortable with all their characteristics in the public domain  Continue Reading

• How to appoint a new outsourcing supplier

  Outsourcing can come with its own security risks if not managed appropriately, making due diligence and clear contractual arrangements key  Continue Reading

• The dangers of internet cafés

  Businesses need clear computer use policies and need to ensure staff are properly trained in data protection, writes Garry Mackay  Continue Reading

• The data fragmentation challenge

  Few organisations have policies to guide where data should and should not be stored. The result: data fragmentation  Continue Reading

• The ideology of hacking

  Business leaders need to be educated on the true threats their firms face and IT security professionals have to arm their executives with that information  Continue Reading

• How to assess the security of a cloud service provider

  As businesses continue to put more information online, understanding cloud suppliers and agreements has never been more important  Continue Reading

• The challenges of information governance in our increasingly litigious age

  Formulating the right enterprise-wide information governance policies is essential in heading off potential legal and compliance costs  Continue Reading

• Security Think Tank: You can’t protect what you don’t know you’ve got

  IP theft: who should be tackling it and how?  Continue Reading

• How to survive a data breach

  Six practical tips on how to prepare for and survive a data breach  Continue Reading

• Opinion: Is big data just big hype?

  If the deluge of headlines and vendor marketing materials is anything to go by, big data is the next big thing. So how much is there really to all this big data talk?  Continue Reading

• Bridging the information gap

  The pace at which modern business tends to move has resulted in a situation where centralised decision-making struggles to keep up.  Continue Reading