This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

New threats or old? It's both

Share this article:

It's a New Year with a new editor and new team members on SC. Thanks for the warm welcome from everyone we've met and we'll be talking to more of you throughout the year.

SC Magazine UK editor-in-chief Tony Morbin
SC Magazine UK editor-in-chief Tony Morbin
It's a New Year with a new editor and new team members on SC. Thanks for the warm welcome from everyone we've met and we'll be talking to more of you throughout the year.

Now back to business. In January we consider the challenges and opportunities that lay ahead; the accelerating speed of change, old threats in new clothes, genuinely new concerns and business opportunities to be grasped.

If the basics are properly covered, we might slash the incidence of incursions, and in this issue Paco Hope reminds readers of the five most common security development errors. People remain the biggest vulnerability as they're unpredictable, not doing as they're told, doing it wrong, or failing to do it at all – from establishing vulnerable passwords to leaving the firewall switched off.

Money has superseded bragging rights to motivate hackers, as Rob Buckley reports, but while criminal gains rise, CISOs strive to secure the funds needed to meet new challenges of the cloud, mobile, APT, BYOD and more. Thomas Brewster argues that enabling roll-out of secure new services is a more effective tactic than seeking minimum compliance.

Compliance doesn't equal security, but it is the first priority for many, especially those accepting online credit card payments, who must meet the latest card scheme regulations. SC talks to merchants, issuing banks, merchant acquirers and the vendor community, as well as the PCI SSC itself, to look at the impact and implementation of PCI DSS version three.

While mobile data presents new challenges, it also enhances location and context-based analysis of usage, helping identify anomalous patterns, as Vijay Dheap explains. And post-Snowden, it's not just the Chinese, but also the US government that we're wary of, with Alan Kessler potentially identifying where cryptography has been compromised.

But for every threat faced, there's a countermeasure – and counter threat. Whether that reassures or terrifies it's what our industry's built on.

Share this article:
close

Next Article in Opinion

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in Opinion

Real threats start with humans, not technology

Real threats start with humans, not technology

When the two IPs meet (intellectual property and internet protocol) the value of the business becomes vulnerable says Dave King, with IT often just providing a sticking plaster to hide ...

Securing the energy industry: is success a dead CERT?

Securing the energy industry: is success a dead ...

Industry needs a brighter collaborative approach to help bring it out of the dark ages says Alan Carter

The science behind DDoS extortion

The science behind DDoS extortion

Don't capitulate, have a plan in place, and of course, prevention is better than cure when it comes to tackling the prospect of DDoS ransom attacks says Dan Holden.