Today, as the Fourth Industrial Revolution (Industry 4.0) gathers pace, all areas of industry are experiencing new technological changes at a speed, scale and force unlike anything we have ever seen before says Paul Appleby.
Fundamental issues with the nature of security mean that passwords aren't going anywhere for the foreseeable future says Bill Carey who sees their role remaining as part of multi-factor solutions.
Dr Adrian Davis shares his top EMEA technology and security trends to watch this year including changing consumer expectations of data use and privacy as its value becomes apparent.
Both Dyre and Dridex Trojans now use a combination of local redirection and RAT to effectively escape detection by current anti-fraud and security tools, but Uri Rivner says real-time behaviour analysis can still spot the bad guys.
In instalment one of his four-part viewpoint series, Tony Collings outlines the first of his essential building blocks for the successful implementation of an IT project: have you got the business requirement right?
The threats faced and intelligence needed in enterprise security is always changing and the organisations that stay on top of these trends will be best placed to handle whatever comes their way says Mark Hughes.
The humble password is often seen as obsolete and ineffective. David Howell suggests that Secure Shell (SSH) key technology has several key advantages and can help to deliver the post-password world.
Many enterprise CIOs are learning how Software Defined Networking (SDN) and Network Function Virtualisation (NFV) can bring about business transformation as well as IT efficiencies says Craig D'Abreo.
New tools are making real time data analysis and exploration of DNS traffic possible. This is turning previously ignored data into a source of valuable insight says Chris Griffiths.
The TalkTalk breach was not an isolated incident says Clayton Locke who advises companies on the need to monitor user-behaviour for inconsistencies.
If 2015 is anything to benchmark against when it comes to data breaches, then 2016 should be the year that businesses button down against the escalating issue of ID and access management says Paul Trulove.
The EU Court of Justice's Schrems decision essentially declared the US-EU Safe Harbour to be invalid. However, the immediate practical consequences of Schrems remain unclear say lawyers at White & Case.
With many in the IT security industry predicting the imminent demise of the firewall, Nimmy Reichenberg argues that it remains integral to protecting an organisation's networks.
More data is shared online every second today than was available across the entire internet 20 years ago. It is therefore no wonder that thriving in the resulting big data economy requires advanced tools says Lubor Ptacek.
As e-commerce opportunities continue to develop, so too do fraud strategies. The fraudsters' approaches are multifaceted and knowing your customer is not enough says Andrew Edem.
2015 saw businesses worldwide face a formidable challenge when it comes to data security. As a result, companies are quickly realising the risk of cyber-attacks is becoming more and more likely Tim Critchley explains.
Bug bounties may appear to be an attractive way to crowd-source security testers and only pay on results, but there may be serious pitfalls for your organisation's cyber-security, says Ilia Kolochenko.
When looking for the insider threat, don't assume you will find a Snowden or Manning in your midst - you may find instead that someone in a trusted position has become an unwitting helper for an outside threat, says Dr Eric Cole
Hacking sources are proliferating so organisations need to understand their risk of political or ideological attack, install proactive security defences and be able to detect and contain threats quickly,says Dan Holden.
While people are wary of shopping on banking online, use of goverment services is potentially more risky due to the nature of information provided explains Brian Spector, with phishing particularly prevelant at tax-return time.
Oscar Arean predicts that 2016 will be the year that IT managers finally start to see more buy-in from the rest of the business when it comes to cyber-security.
Understanding how a breach impacts your business is crucial to deciding how to respond explains Andrew Nanson, CTO cyber at CORVID
The data-sharing agreement known as Safe Harbour was ruled invalid on 6 October by the Court of Justice of the European Union, with widespread ramifications for organisations ranging from cloud computing providers to multinational companies that move information across the Atlantic.
The onus on forward-thinking businesses shouldn't be on stamping out shadow IT, says Ed Macnair, but rather encouraging employees to adopt and get the most out of their tools of choice in a secure and productive fashion.
2015 was another big year for cyber-security headlines. In fact, the past 12 months have seen some of the biggest data breaches on record, across a wide range of global industries and sectors notes Luke Brown.
In today's age of political instability are backdoors necessary to safeguard national borders, or would it instead increase technical vulnerability and undo the progress that encryption has provided, asks Rick Orloff?
Cyber-warfare is not replacing conventional warfare, but becoming an integral part of the military toolbox to be used in hybrid-warfare, but - so far, more for disruption than destruction, as Jarno Limnéll explains.
Most organisations don't know how their networks can handle the worst hacks or high-stress traffic anomalies. Richard Page suggests new solutions for hardening IT infrastructures and security defences are needed.
Paul Donovan highlights how Hybrid IT is affecting the user, the CISO and the organisation and what should be done to reduce the security risk that this new game changer poses.
François Amigorena explains how and why password sharing has become popular in business today
Enterprises spend millions combatting cyber-attacks, but much less on threats inside their systems, says Tom Patterson. Containment via micro segmentation is one way for enterprises to fight back.
Risk may be now on the corporate agenda but cyber-risk reporting remains an issue. So James Henry asks how do we ensure risk becomes actionable intelligence?
Generation Z, the internet generation, brings its own devices, but also its own apps and approach into the enterprise; Diana Wong explains how we must adapt our security to recognise and cater for this change.
Following the JD Wetherspoon data breach, there are many questions about the cause and the mistakes that led to it. But the company's mistakes offer valuable lessons for other businesses as Pat Clawson explains.
Most organisations know about the phishing risks of social media - Ian Trump looks at why social media presents other risks to an employer, and what can be done about it.
Wolfgang Kandek notes that a key concern for countries securing critical infrastructure is ensuring legislation compliance doesn't limit flexibility, and asks if new German laws might provide a benchmark.
Julian Meyrick explains how companies should work toward a better understanding of the Dark Web and have useage policies in place for any rare instances where it is not blocked to employees.
Simon Moor, UK regional director for Check Point gives his security predictions for the coming year, featuring Scada, IoT and wearable attacks increasing but most problems still due to software vulnerabilities unpatched.
Technology, which can offer scale, speed and simplicity, needs to be adopted and, importantly, the benefits need to be understood by the board so that time and education is a dedicated part of staff training says Richard Olver.
Brian Chappell explains how technology can help us make sure we are focusing on the right things that will deliver the biggest bang for our buck, after all, only a small percentage of the vulnerabilities we have are easy to exploit.
Since the scrapping of Safe Harbour businesses have been in limbo when it comes to data transfer with many companies sitting tight until a decision is reached, but, says Michael Hack, that course of action isn't advisable.
London employment partner Pulina Whitaker examines the recent data leaks, current legislation, and ways in which companies can protect themselves.
Paul Bischoff explains that companies should educate their employees on the importance of Facebook privacy and other data-gathering apps that can potentially compromise both personal and company security.
Jeremy King discusses the EU Data Protection Directive and Directive on Payment Services (PSD) and the impact this will have on organisations and their data security policies.
Following a spate of Apple-specific vulnerabilities, James Maude warns that CIOs need to be wary of their Mac footprint
Huw Price suggests that data masking, where sensitive information is obscured by realistic but not authentic data, is an effective way to protect data in the application testing process, thus improving overall data security.
Chris Pace argues that failure to achieve the correct balance between transfer of risk to an insurance provider and appropriate level of IT security measures, implemented and managed by in-house IT, puts companies at risk.
To achieve the best possible protection for connected cars, authentication and authorisation between entities and devices exchanging data is simply mandatory says Ameneh Zaher.
ICO fines should be the least of a company's worries should it suffer a data breach according to Nigel Hawthorn who says on-going and potentially business-fatal repercussions of a data-breach that should be the main concern.
With 26 billion devices set to be connected by 2020, what security threats could the IoT pose, and what steps can businesses take to keep the hackers out? Sukamal Banerjee delves deep into the processes.
Haroon Malik describes how CISOs can develop a cyber-security resilience strategy by having a clear vision of where they are going and what needs to be done.
John Pepper insists the challenge for IT is to accept that the traditional break/fix model is no longer good enough and embrace a predictive environment to deliver 100 percent availability across all of the connected business.
Itay Glick advises on the unforeseen cyber-dangers that abound during the entire calendar year of a hacker as well as the holiday season, a time when consumers are most vulnerable.
Tom Read points out key recommendations one should consider when reviewing their information security strategy
Amichai Shulman demonstrates the role that social engineering plays in the life of a cyber-attacker.
Stess testing has become an essential activity rather than simply best practice says Martijn Groot who adds that banks require comprehensive data management capabilities to reduce the operational risk of unknown data.
Ed Macnair addresses the need to strengthen cyber-security in businesses and schools to take a step in the right direction in the fight against terrorism.
Darren White looks at how organisations can prioritise email security to protect their customers online.
In the run up to the year-end, SC will run publish projections from different commentators on what's in store for the cyber-security industry in 2016. First up Adam Boone ranges over IoT to mitigation in breached systems.
Purchasing cyber-insurance without a proven security system will leave businesses out of pocket, while absence of cover is a false economy says Steve Watts.
A malicious insider has the potential to be an organisation's worst nightmare. Márton Illés looks at how user behaviour analytics can be implemented to help close the gap on insider threats.
Lars Thyroff discusses the importance of best practices for intelligent digital security in a connected car to enable trust in the device, data and network.
Mike Fey recalls the European Court of Justice invalidating the agreement between EU and US organisations on data transfer on 6 October.
Steve Armstrong considers why breaches like TalkTalk continue to occur and notes how the associated costs exceed the cost of encryption, testing and more secure coding.
Anthony Di Bello explains how it is necessary to understand the scale of various security incidents and their ramifications to provide a measured response.
Cindy Truyens highlights how businesses fail to protect themselves by not comprehending the impact GDPR has on data management and other processes.
John Smith, looks at the wealth of data churned up by cyber-security analytics and how vendors have a responsibility to make the numbers actionable.
George Davies highlights the risks and considerations necessary to keep in mind prior to outsourcing your IT to a third party.
Awareness of the risks that come with cloud computing is essential for any business that utilises it says Luke Brown.
Professor Chris Hankin demonstrates that with the advancement of cyber technology, our methods of connecting with and traveling between each other grow more sophisticated as well.
There are legal issues and technical vulnerabilties aound the use of fingerprint scanners on mobiles, hence, Anthony Neary says, it is vital to have a mix of solutions which enable maximum possible security.
SMEs are at greater risk from the consequences of cyber-attack, less able to recover, with more mission-critical data on a single machine, so educating themselves about mitigating the risk is essential says Andrew Conway.
Traditional email sandboxing techniques are increasingly unable to defend all employees against evolving threats, says Neil Murray
Securing the device is only the first step in reducing the risk of mobile employees says Eldar Tuvey, noting we need to secure and monitor both the hardware and the endpoint activity and implement a multi-level approach.
A common-sense approach to cloud storage will ensure your valuable data remains safe and secure, says Thomas Chappelow.
Luke Brown explains why today's cyber-security strategy needs to focus more on data protection technologies and strategies.
What's lacking in many organisations' cyber-defences is cyber-situational-awareness that provides a more holistic and specific view of threats and vulnerabilities relevant to your organisation says Alastair Paterson.
Experian breach is more than just another hack as cross referencing of data sets opens up even more scope for ciminal activity says Max Vetter
Pete Shoard asks how powerful are less developed countries such as North Korea when it comes to cyber-threats, and can it be regarded as a major player in cyber-warfare anyway for the impact it has achieved?
Users need to realise that cloud services can be more secure, not less, but it is a new security model where we need to be clear what we want to do and how we plan to do it says Russell Spitler.
Luke Potter looks at four of the most basic security oversights identified during penetration testing
Torben Andersen warns of the danger of corporates relying on passwords alone to protect their businesses...
Norman Shaw looks at the latest data breaches, their causes, what the Safe Harbour ruling could mean for data protection and what you should be doing now to protect your company and yourself.
Steve Watts considers options for two-factor identificaiton and suggests Near Field Communication (NFC)-based mobile authentication as a possible solution.
Anomaly-based detection, rather than signatures or threat intelligence, is more likely to detect nation-state and advanced criminal 'Super Hackers' before they can gain a significant foothold on networks says Peter Cohen.
Give your new graduates mentoring support and challenge them, rather than just giving them menial tasks if you want to attract and retain the best says Dr. Scott McVicar.
Anthony Neary describes what he sees as the six main reasons why the UK a top target for cyber-criminals.
Having to carry around two mobile devices - one for personal use and the other for corporate business - is an anachronism, says Sebastian Goodwin.
Intelligent and analytical identification of anomalies in DNS activity is key to stopping threats before they become a real problem says Dr Malcolm Murphy, systems engineering manager, Infoblox
Staff need ongoing training in defending against the latest threats - which currently includes LinkedIn says Andrew Tang, service director, security at MTI Technology
Security is a reasonable concern when considering moving your IT services to the cloud, but four key questions can help you assess the risk, says Chris Pace.
If they can't identify attacks when they happen, how can financial organisations effectively combat them, asks Ron Miller.
In the wake of the SYNful Knock attack on its routers, Cisco should re-engineer its devices to prevent future attacks, says Raimund Genes.
Using individual user's behaviour patterns can identify both the individual and Bot activity to thwart RATs says Uri Rivner
Kane Hardy explores how the rise of automated attacks dictates the need for automated defence.
Never underestimate just how valuable enterprise data is to cyber-criminals, from low-level thieves to extremely well-funded (and therefore, well-armed) state-sponsored attackers, says Matt Middleton-Leal.
It didn't take much time following internet connections on mobile phones to become commonplace for scammers to realise they had another avenue for phishing attacks, says Claire Cassar.
A leak, a hack, or a simple mistake can blow up any M&A deal carefully crafted over months or even years, says Stephen Dearing.