Security is often closely associated with standards and regulations, and there's an assumption that if you are compliant, by default you are secure. That's a dangerous assumption, says Nadav Shatz.
If cyber-crime wasn't considered a business risk before, it is certainly being pushed to the front and centre stage by large firms now, says Chris Dye, who urges adoption of file-regeneration technology.
With GDPR imminent, it's crucial we tackle the biggest myths surrounding data regulation and cyber-security
November 29, 2016
Lillian Pang addresses some of the most common misconceptions surrounding the new GDPR legislation
Sian John discusses why SMEs should care about having security measures to protect their business, since if they fail to comply with GDPR and other regulations, they can lose a lot of money
Companies should spend less time worrying about meeting minimal requirements for cyber-security compliance, and concentrate more on how to protect their most sensitive operations, according to experts speaking today at SC Congress Chicago.
New global research from Dell reveals the lack of awareness among SMBs and large enterprises of the requirements of the EU's GDPR, going into effect in under two years
Paul Donovan explains the security issues prevalent for today's multinationals, and how to instigate centralised policies to help manage security and compliance.
Former board members and senior employees at SWIFT said the company did not monitor or make attempts to improve the poor security practices of its clients.
Jonathan Sander discusses why compliance is always a race to the bottom and how security as regulation takes executives off the front lines
Over a quarter (28 percent) of cyber-security professionals compromise their ethics to pass audits, likely due to growing network complexity and disparate technology, security and more to keep cyber-criminals at bay.
Eighty-nine percent of UK organisations feel somewhat or more vulnerable than they have been in the past to internal and external threats to sensitive data.
Data breaches in the worlds of banking, credit and finance have nearly doubled between 2014 and 2015 according to the Identity Theft Resource Centre's 2015 Breach List report. Despite being unsure of how long it would take, IT pros in financial services are very confident in their ability to detect a breach.
More data is shared online every second today than was available across the entire internet 20 years ago. It is therefore no wonder that thriving in the resulting big data economy requires advanced tools, says Lubor Ptacek.
The PCI SSC has pushed back the date by which members must change to a secure version of TLS (currently 1.1 or higher); the migration is being revised today and pushed back from June 2016 to June 2018.
The SC Congress NY conference took place yesterday, 20 October.
A government-commissioned report, carried out by PwC, has found that data breaches are rolling in thick and fast for UK firms - and the costs are mounting up.
PCI DSS v3.1 has been announced in a bid to close known security vulnerabilities in SSL and some TLS protocols; 14-month transition.
Verizon's fourth annual report into PCI DSS compliance finds that not a single breached company over the last decade has been fully compliant with PCI standards at the time of breach. However, there is at least light at the end of the tunnel.
Compliance with PCI DSS 3.0 is primarily about enforcing everyday security best practices, but Stuart Facey notes that secure third party access is a key part of that approach.
The latest ICYMI column looks at the biggest stories on SC this week, including worrying news on EU data protection laws, claims of iPhone spyware and new Flash Player zero-days.
The UK government has partnered with the IASME consortium and the Give01Day not-for-profit organisation to offer Cyber Essentials certification to UK charities to help them keep safe online.
The British government will demand that all its suppliers comply with the five cyber security requirements set out by the Cyber Essentials scheme from October 1.
Cyber-warfare is so new that the 'ground-rules' are still being established. After the 2007 APT cyber-attack on Estonia, Nato created a cyber-defence centre and the Tallinn Manual ensued. Nazan Osman provides an overview of some of the CCDCOE's and manual's conclusions
From October 2014 many UK public sector information handling projects will require contractors to be Cyber Essentials certified. Tony Morbin looks at how the scheme works, its aims, implementation, shortcomings and potential next steps
The government's initiative to set a baseline certification scheme for cyber security, Cyber Essentials, is now underway and John Godwin encourages companies to get certified as soon as possible.