This week's In Case You Missed It (ICYMI), China's industrial spying; US extra-territorial claims; SANS event; Card hacks increase; Malvertising growth; staff data-theft criminal; Biometric smartphones up tenfold; Celebgate hits cloud; Kids, weakest link; Women's Security Society event; Kyle and Stan hit millions.
Enterprises are questioning their cloud strategy after Apple's iCloud service was implicated in the leak of nude celebrity photos. But should one bad Apple spoil the bunch?
You've accepted that you are going to be breached at some point. Tony Morbin looks at how this new perspective should be reflected in your response planning
Kate O'Flaherty reports how the security implications of wearable technology are becoming clearer as Google Glass infiltrates the corporate market
Cyber-warfare is so new that the 'ground-rules' are still being established. After the 2007 APT cyber-attack on Estonia, Nato created a cyber-defence centre and the Tallinn Manual ensued. Nazan Osman provides an overview of some of the CCDCOE's and manual's conclusions
NSA whistleblower Edward Snowden lifted the lid on government surveillance but, as Doug Drinkwater reports, his disclosures have also had a significant impact on how companies view rogue employees
From October 2014 many UK public sector information handling projects will require contractors to be Cyber Essentials certified. Tony Morbin looks at how the scheme works, its aims, implementation, shortcomings and potential next steps
Here are the five most popular articles, as read by you the reader, in the week for August 22 to 28.
This week's In Case You Missed It column looks at Sony PlayStation Network hack, the rise in security spending and surprising new claims on cyber security skills and encryption.
SCADA systems are essential to the smooth running of critical infrastructure but, as evidenced by the Stuxnet attack, they can be exploited through software and hardware vulnerabilities, and human error. But experts contest if they are really under threat.
This week's In Case You Missed It looks at rumours on a new NSA insider, hackable living rooms and if police are turning the tide on cyber-criminals.
Here are the five most popular articles, as read by you the reader, in the week for August 15 to 21.
While still a relatively immature industry, cyber insurance can reduce the costs of recovering from a breach, and, as Tony Morbin reports, it can also play a role in driving adoption of best practice, including de-facto standards in critical infrastructure.
Here are the five most popular articles, as read by you the reader, in the week for August 8 to 14.
This week's In Case You Missed It looks at data breach response, new concerns on EU privacy and claims that the internet is breaking 'under its own weight'.
During Black Hat, Dell SecureWorks' threat reports included details on its research into the Lurk Downloader and hijacking attempts on large hosting companies' networks.
This week's In Case You Missed It (ICYMI) highlights from the Black Hat conference, and reaction to the 'biggest data breach ever'.
Here are the five most popular articles, as read by you, the reader, in the week for August 1 to 7.
Here are the five most popular articles, as read by you the reader, in the week for July 25 to 31.
This week's In Case You Missed It column considers early security questions on driverless cars, the hidden cost behind data breaches and new claims of industrial cyber espionage.
Here are the five most popular SC articles, as seen by you the reader, in the week for July 18 to 24.
This week's In Case You Missed It column considers the possibility of cyber warfare, the money reaching cyber security start-ups and how charity can start at home for InfoSec practitioners.
Here are the five most popular SC articles, as seen by you the reader, in the week for July 11 to 17.
UK Financial Cyber Security summit sees call for cross-border and sector info sharing; cyber expenditure plans and investment in exports revealed.
Here are the five most popular articles, as read by you the reader, in the week for July 4 to 11.
But where does this leave anyone whose electronic identity has been stolen as a result of a malware infection?
This week's In Case You Missed It (ICYMI) looks at Microsoft's action against cybercriminals, the cyber security skills gap and NSA spying on Tor users.
A conversation with Jane Wainwright, Co-founder Women's Security Society and now senior manager at PWC.
With a military background in insider threat, Jane Wainwright tackled threats from inside and out to secure London's 2012 Olympics.
The EU is inching ever closer to putting the much-anticipated EU General Data Protection Regulation on the statute books, and that could see many companies playing catch up.
Why don't more women choose information security as a profession? What are the barriers, and what can be done to rectify the situation?
Revelations of government surveillance are fuelling a paranoia that isn't going to subside. So should firms be afraid of adopting cloud?
The latest In Case You Missed It column focuses on PayPal's two-factor authentication, the launch of Google Glass and new banking attacks.
Google Glass is now available in the UK for £1,000, but will the data-gathering wearable computing device face roadblocks because of privacy and security concerns?
This week's In Case You Missed It column looks at NSA friendships, concerns on the cloud and the latest flaw affecting Android users.
The IA14 Conference in London on Monday concluded with GCHQ director, Sir Iain Lobban, giving an insight into how GCHQ sees its role protecting and supporting UK citizens, industry and the economy.
A spate of DDoS attacks against cloud services Evernote and Feedly is the talk of this week's In Case You Missed It column.
Two researchers from Columbia University in the US have found that millions of internet-connected TVs could be taken over in a man-in-the-middle attack.
The big news in this week's In Case You Missed It (ICYMI) column is the FBI-led Operation Tovar, which saw the disruption of the Gameover Zeus and CryptoLocker botnets.
eBay's data breach is the top news story in this week's In Case You Missed It (ICYMI) column.
This week's In Case You Missed It column looks at the state of anti-virus, ransomware going mobile and the EU's upcoming Data Protection Regulation.
In a roller coaster week which saw AOL report a data breach, Target appoint a CISO and all the madness around Infosecurity Europe, SC looks at all the major stories in our latest In Case You Missed It column.
With potential fines of up to €100 million under EU Data Protection Reform, accidental data breaches have moved up the boardroom agenda. Tony Morbin reports on data concerns at Health Authorities in England and Wales, where despite differing systems, data leakage is also being addressed.
Large-scale cyber espionage is not new - it is the methods behind it which are becoming more complex and sophisticated, reports Kate O'Flaherty.
Bring your own device (BYOD) is in full swing, but most FTSE 100 and SMEs are only now realising that there's more to managing the deluge of personal smartphones and tablets coming into the office than brute force alone, reports Doug Drinkwater
This week's In Case You Missed It column looks at Vladimir Putin's Internet views, bigger and badder DDoS attacks, and further reaction to OpenSSL and Heartbleed.
As another week in information security zips by, we look at the top stories in our weekly In Case You Missed It (ICYMI) column.
There's an increasing demand for cyber security specialists in information security, but the challenge remains bringing the right graduates into the fold.
IT decision makers are leveraging Big Data security analytics tools to serve up more information on threats, reports Doug Drinkwater.
With Windows XP fast approaching its end-of-support deadline, many firms are going to be at risk of attack, reports Kate O'Flaherty.
The UK aims to be the safest place to do business online, but that aim is potentially undermined by cyber security skills shortages, says (ISC)²'s John Colley. Tony Morbin reports
PCI DSS 3.0 may be on the horizon, but a new study suggests that companies are not only slow in updating, but also approaching compliance in the wrong way.
Criminal investigators want changes made to European law so that they can fight international cyber crime faster and more efficiently.
Compliance, standards, a shortage in IT security skills and budgets are reasons behind the 'failure' of cyber security, experts conclude at French information security conference
The world's largest consumer electronics event boasts new gadgets, but concerns rise on the Internet of Things.
The latest PCI update offers improvements to ensure security in online transactions, says Tim Lansdale, head of payment security, WorldPay. Tony Morbin reports.
In a special one-off case study linking our themes of PCI compliance and security spend, Random Storm technical director and co-founder Andrew Mason describes to SC a case study that tackles both issues with the aid of league tables.
It may be a time of great change for the infosec industry, but advice on achieving the budgets needed to keep up with new threats remains remarkably consistent, reports Thomas Brewster.
Check Point VP says individual hacking actions are not always criminal
Malware writing has undergone many changes over the years - from hobbyists to a criminal business - with mobile and social now the hot targets, Rob Buckley reports.
From banking hacks and malicious mobile apps to insider leaks and a serious data breach each month, 2014 promises to be a challenging year for CISOs.
Services abound for business continuity and disaster recovery in the cloud, but what's the right choice for your organisation? Alan Earls investigates the options.
Advanced persistent threats are a real and present danger to all organisations big and small, and only the foolhardy would dismiss them as another hyped security buzz phrase.
The role of the chief information security officer is expanding to meet new challenges, says Paul Swarbrick, former CISO at NATS, as Karen Epper Hoffman reports.
A UK college provides its 'digital natives' with a secure environment that can be accessed anywhere from any device, reports Greg Masters.
With so much of the national infrastructure, from utilities to the internet itself, a potential target of attack, the Government is forging partnerships with the private sector to help protect the services we all rely on. But, in the wake of Edward Snowden, defence is no longer just a question of what can be done, but also of what is acceptable. Asavin Wattanajantra reports.
The Payment Card Industry Data Security Standard (PCI DSS) is approaching its third iteration - and with it comes another chance to make the global standard fairer, more relevant and fit for purpose. By Phil Muncaster.
Every business faces the possibility of external attacks, but the real threat could be buried within, in the form of the disgruntled employee, says Dan Raywood.
Recent high-profile password breaches have raised doubts about current security measures, and whether a password can ever really be secure. By Dan Raywood.
Self-encrypting hard drives seemed to be a no-brainer when they hit the market due to their efficacy, but adoption has been poor because trends, such as the cloud, justify reliance on software that protects data wherever it is. By Asavin Wattanajantra.
As the chief information security officer of publishing giant News International, as well as having a pivotal role at ISACA, Amar Singh has a lot on his plate. He tells Dan Raywood about his personal philosophy of managing security in a large organisation, and why he wants to see former soldiers join the industry.
SC Magazine's second survey this month, in association with Good Technology, reveals a healthy attitude to BYOD, reports Tim Baker.
Open source software fosters innovation and inclusion, but what about the security, asks Asavin Wattanajantra.
SC Magazine's latest survey asked the key questions on the skills and people shortage in the infosec industry. Here, we analyse the main findings from the online poll.
It's the problem that won't go away - so what is actually being done by the industry, government and academia to resolve the infosec skills crisis, asks Phil Muncaster.
Dr Eric Cole, founder and CEO of US security consultancy Secure Anchor, speaks exclusively to Dan Raywood about the key issues facing his clients - and why the security industry needs to put its words into practice.
In the current economic climate, computer networks are being relied upon more than ever by UK businesses. But how is this affecting our cyber security, and in turn, our profits?
More than 100 CISOs and security specialists are lining up to speak out at Infosecurity Europe 2013.
Despite the ubiquity of the Trusted Platform Module, hold-ups exist and adoption remains slow. Deb Radcliff reports.
The paradox of information security is that while the best products have necessarily complex functions, they must also be easy to use, writes Rob Buckley.
Brian Shorten, chairman of the Charities Security Forum, tells Dan Raywood about the third sector's unique information security plight - and how his network can help.
As we approach a year since the launch of PCI DSS 2.0, Dan Raywood speaks to organisations in various sectors to find out how they are dealing with the updated regulations.
Twelve months on from the publication of the European Commission's draft revision to data protection laws, claims of heavy-handedness and obsolescence have mounted - but the authority behind the bill remains defiant. Eric Doyle unpicks the issue.
What challenges can individual organisations, and the security industry at large, expect to face in the year ahead? With 2013 upon us, Phil Muncaster gathers the predictions and advice of infosec experts.
For obvious reasons, many people get jittery at the prospect of handing responsibility for their organisation's security to an outsider - and yet the benefits remain alluring. Kathryn Pick weighs up the pros and cons of using managed security service providers.
In the latest roundtable hosted by SC Magazine, in association with Websense, Andrew Kellett asks security professionals to pinpoint the likely trends for 2013.
The cloud, mobile device management and virtualisation are riding to the rescue of organisations faced with the inevitability of 'bring your own device'. By Rob Buckley.
With the US and Israel accused of sending Stuxnet to sabotage Iran's nuclear capability, and China and Russia implicated in cyber attacks on the West - as well as censoring their own citizens - have we entered a new Cold War? Asavin Wattanajantra investigates.
Everything you need to know about our annual industry competition and how to enter.
Once again RSA Conference Europe has pulled it out of the bag with an impressive line-up of keynote speakers - including Wikipedia founder Jimmy Wales - and a schedule of tracks and sessions that reflect the industry's most pressing issues.
In the latest roundtable hosted by SC Magazine, this time in association with Websense, Andrew Kellett asks security professionals how data protection and BYOD can be reconciled.
Kaspersky Lab's eponymous founder tells journalists in Moscow that the International Telecommunication Union is vital in fighting cyber crime. By Mark Mayne.
Employee demand is compelling organisations to make a decision on 'bring your own device' - but despite some big-name cheerleaders of the trend, there is a danger that others might rush in before weighing up the pros and cons, writes Jessica Twentyman.
The most worrying issue for the UK's C-level security professionals is fear of the unknown, Andrew Kellett discovered at a roundtable discussion hosted by SC Magazine in association with FireEye.
SC Magazine's latest survey, on the issue of securing data on the move, shows email in fine fettle and raises concerns about how confidential information is shared. We analyse the key findings from the poll.
Prepare for a host of new networking problems as devices never meant to be computers get hooked up to the system, reports Deb Radcliff.
Before moving assets to the cloud, CISOs must determine how much security they are willing to contract out, reports Stephen Lawton.
With the burden of compliance increasingly falling on the shoulders of information security professionals, Rob Buckley asks how they can navigate the maze of ever-changing and expanding legislation - and keep their employers out of the headlines.
With security becoming more critical in business environments, Jennifer Scott looks at who should take responsibility for the safekeeping of a company and how the two senior information roles must interact.
Despite devoting resources and making arrests, authorities seem little closer to stopping the new face of social protest, reports Jim Romeo.