A data revolution in the Fourth Industrial Revolution

Today, as the Fourth Industrial Revolution (Industry 4.0) gathers pace, all areas of industry are experiencing new technological changes at a speed, scale and force unlike anything we have ever seen before says Paul Appleby.

Why passwords will never die

Fundamental issues with the nature of security mean that passwords aren't going anywhere for the foreseeable future says Bill Carey who sees their role remaining as part of multi-factor solutions.

Five cyber-security trends to watch

Dr Adrian Davis shares his top EMEA technology and security trends to watch this year including changing consumer expectations of data use and privacy as its value becomes apparent.

Into the Mind of a RAT operator

Both Dyre and Dridex Trojans now use a combination of local redirection and RAT to effectively escape detection by current anti-fraud and security tools, but Uri Rivner says real-time behaviour analysis can still spot the bad guys.

Video: Building blocks of IT security 1 - Establishing the requirement

In instalment one of his four-part viewpoint series, Tony Collings outlines the first of his essential building blocks for the successful implementation of an IT project: have you got the business requirement right?

Four key predictions for enterprise security in 2016

The threats faced and intelligence needed in enterprise security are always changing, and the organisations that stay on top of these trends will be best placed to handle whatever comes their way, says Mark Hughes.

Secure Shell (SSH) the key to the post-password world

The humble password is often seen as obsolete and ineffective. David Howell suggests that Secure Shell (SSH) key technology has several key advantages and can help to deliver the post-password world.

Security in the age of network virtualisation

Many enterprise CIOs are learning how Software Defined Networking (SDN) and Network Function Virtualisation (NFV) can bring about business transformation as well as IT efficiencies says Craig D'Abreo.

Three things real-time DNS analysis can reveal about cyber-attacks and vulnerabilities

New tools are making real time data analysis and exploration of DNS traffic possible. This is turning previously ignored data into a source of valuable insight says Chris Griffiths.

TalkTalk's cyber-security lesson

The TalkTalk breach was not an isolated incident says Clayton Locke who advises companies on the need to monitor user-behaviour for inconsistencies.

Know your enemy: making a business case for identity and access management

If 2015 is anything to benchmark against when it comes to data breaches, then 2016 should be the year that businesses button down against the escalating issue of ID and access management says Paul Trulove.

Data transfers after Schrems: discord in the EU

The EU Court of Justice's Schrems decision essentially declared the US-EU Safe Harbour to be invalid. However, the immediate practical consequences of Schrems remain unclear say lawyers at White & Case.

Are firewalls still relevant to security?

With many in the IT security industry predicting the imminent demise of the firewall, Nimmy Reichenberg argues that it remains integral to protecting an organisation's networks.

Keeping abreast of governance risk and compliance goals

More data is shared online every second today than was available across the entire internet 20 years ago. It is therefore no wonder that thriving in the resulting big data economy requires advanced tools says Lubor Ptacek.

International fraud trends

As e-commerce opportunities continue to develop, so too do fraud strategies. The fraudsters' approaches are multifaceted and knowing your customer is not enough says Andrew Edem.

Is your reputation at risk?

2015 saw businesses worldwide face a formidable challenge when it comes to data security. As a result, companies are quickly realising the risk of cyber-attacks is becoming more and more likely, Tim Critchley explains.

Can bug bounties replace traditional web security?

Bug bounties may appear to be an attractive way to crowd-source security testers and only pay on results, but there may be serious pitfalls for your organisation's cyber-security, says Ilia Kolochenko.

Recognising and combating insider threat

When looking for the insider threat, don't assume you will find a Snowden or Manning in your midst - you may find instead that someone in a trusted position has become an unwitting helper for an outside threat, says Dr Eric Cole

The rise of the political and ideological motivated attack

Hacking sources are proliferating so organisations need to understand their risk of political or ideological attack, install proactive security defences and be able to detect and contain threats quickly, says Dan Holden.

Protecting personal data during HMRC phishing season

While people are wary of shopping or banking online, use of government services is potentially more risky due to the nature of information provided explains Brian Spector, with phishing particularly prevalent at tax-return time.

The 'silver lining' of growing cyber-security concerns

Oscar Arean predicts that 2016 will be the year that IT managers finally start to see more buy-in from the rest of the business when it comes to cyber-security.

Last Word: A CISO checklist

Understanding how a breach impacts your business is crucial to deciding how to respond explains Andrew Nanson, CTO cyber at CORVID

2 Minutes On: Safe Harbour ruled invalid

The data-sharing agreement known as Safe Harbour was ruled invalid on 6 October by the Court of Justice of the European Union, with widespread ramifications for organisations ranging from cloud computing providers to multinational companies that move information across the Atlantic.

Shadow IT and the Middle East - innovation versus risk

The onus on forward-thinking businesses shouldn't be on stamping out shadow IT, says Ed Macnair, but rather encouraging employees to adopt and get the most out of their tools of choice in a secure and productive fashion.

Lessons learned? A look back at five cyber-security trends of 2015

2015 was another big year for cyber-security headlines. In fact, the past 12 months have seen some of the biggest data breaches on record, across a wide range of global industries and sectors notes Luke Brown.

Are backdoors a necessity, or just a 'welcome' sign to hackers?

In today's age of political instability, are backdoors necessary to safeguard national borders, or would they instead increase technical vulnerability and undo the progress that encryption has provided, asks Rick Orloff.

Fighting a war without being at war

Cyber-warfare is not replacing conventional warfare but becoming an integral part of the military toolbox to be used in hybrid-warfare, though so far more for disruption than destruction, as Jarno Limnéll explains.

Ensuring IT resilience in the face of change

Most organisations don't know how their networks can handle the worst hacks or high-stress traffic anomalies. Richard Page suggests new solutions for hardening IT infrastructures and security defences are needed.

The rise of hybrid IT and the implications for CISOs

Paul Donovan highlights how Hybrid IT is affecting the user, the CISO and the organisation and what should be done to reduce the security risk that this new game changer poses.

Why password sharing has become a common working practice

François Amigorena explains how and why password sharing has become popular in business today

Contain yourself: The new wave of cyber-security

Enterprises spend millions combatting cyber-attacks, but much less on threats inside their systems, says Tom Patterson. Containment via micro segmentation is one way for enterprises to fight back.

Rethinking how we relay risk - why poor cyber-risk reporting is still an issue

Risk may be now on the corporate agenda but cyber-risk reporting remains an issue. So James Henry asks how do we ensure risk becomes actionable intelligence?

Generation Z: A security conundrum

Generation Z, the internet generation, brings its own devices, but also its own apps and approach into the enterprise; Diana Wong explains how we must adapt our security to recognise and cater for this change.

JD Wetherspoon breach: three data management mistakes that could have been avoided

Following the JD Wetherspoon data breach, there are many questions about the cause and the mistakes that led to it. But the company's mistakes offer valuable lessons for other businesses as Pat Clawson explains.

Social media is more than just a phishing risk

Most organisations know about the phishing risks of social media - Ian Trump looks at why social media presents other risks to an employer, and what can be done about it.

Germany's approach to securing critical infrastructure - a benchmark for others?

Wolfgang Kandek notes that a key concern for countries securing critical infrastructure is ensuring legislation compliance doesn't limit flexibility, and asks if new German laws might provide a benchmark.

Companies beware: The dark web is easier to find than you think

Julian Meyrick explains how companies should work toward a better understanding of the Dark Web and have usage policies in place for any rare instances where it is not blocked to employees.

Check Point Security Predictions for 2016

Simon Moor, UK regional director for Check Point, gives his security predictions for the coming year, featuring Scada, IoT and wearable attacks increasing but most problems still due to unpatched software vulnerabilities.

It's the tools not the talent: the flip side to the cyber skills debate

Technology, which can offer scale, speed and simplicity, needs to be adopted and, importantly, the benefits need to be understood by the board so that time and education is a dedicated part of staff training says Richard Olver.

Getting smarter vulnerability management by applying some intelligence

Brian Chappell explains how technology can help us make sure we are focusing on the right things that will deliver the biggest bang for our buck; after all, only a small percentage of the vulnerabilities we have are easy to exploit.

Safe Harbour: no decision yet, but that shouldn't mean no action yet

Since the scrapping of Safe Harbour, businesses have been in limbo when it comes to data transfer, with many companies sitting tight until a decision is reached, but, says Michael Hack, that course of action isn't advisable.

Inquiry launched into online data security after TalkTalk data hack

London employment partner Pulina Whitaker examines the recent data leaks, current legislation, and ways in which companies can protect themselves.

Employees playing Facebook quizzes could put their employers at risk

Paul Bischoff explains that companies should educate their employees on the importance of Facebook privacy and other data-gathering apps that can potentially compromise both personal and company security.

An inconvenient truth: New customer data regulations coming

Jeremy King discusses the EU Data Protection Directive and Directive on Payment Services (PSD) and the impact this will have on organisations and their data security policies.

Macs aren't immune to hacks

Following a spate of Apple-specific vulnerabilities, James Maude warns that CIOs need to be wary of their Mac footprint

Application Testing - a gaping hole in enterprise data protection efforts

Huw Price suggests that data masking, where sensitive information is obscured by realistic but not authentic data, is an effective way to protect data in the application testing process, thus improving overall data security.

Cyber-insurance cover leaves IT teams exposed

Chris Pace argues that failure to achieve the correct balance between transfer of risk to an insurance provider and appropriate level of IT security measures, implemented and managed by in-house IT, puts companies at risk.

Putting the brakes on car hacking

To achieve the best possible protection for connected cars, authentication and authorisation between entities and devices exchanging data is simply mandatory says Ameneh Zaher.

Fines for non-compliance with data regulations are just the tip of the iceberg

ICO fines should be the least of a company's worries should it suffer a data breach, according to Nigel Hawthorn, who says it is the on-going and potentially business-fatal repercussions of a data breach that should be the main concern.

Securing the Internet of Things (IoT)

With 26 billion devices set to be connected by 2020, what security threats could the IoT pose, and what steps can businesses take to keep the hackers out? Sukamal Banerjee delves deep into the processes.

Are you cyber resilient?

Haroon Malik describes how CISOs can develop a cyber-security resilience strategy by having a clear vision of where they are going and what needs to be done.

The Internet of Everything demands 100% availability

John Pepper insists the challenge for IT is to accept that the traditional break/fix model is no longer good enough and embrace a predictive environment to deliver 100 percent availability across all of the connected business.

The Hackers Calendar

Itay Glick advises on the unforeseen cyber-dangers that abound during the entire calendar year of a hacker as well as the holiday season, a time when consumers are most vulnerable.

Sensible Security and the Cloud

Tom Read points out key recommendations one should consider when reviewing their information security strategy

Social engineering: hacker tricks that make recipients click

Amichai Shulman demonstrates the role that social engineering plays in the life of a cyber-attacker.

The interwoven perks and pitfalls in building stress testing models

Stress testing has become an essential activity rather than simply best practice says Martijn Groot who adds that banks require comprehensive data management capabilities to reduce the operational risk of unknown data.

Terrorism? Now is not the time to bury our heads in the sand

Ed Macnair addresses the need to strengthen cyber-security in businesses and schools to take a step in the right direction in the fight against terrorism.

A game of minesweeper in the inbox

Darren White looks at how organisations can prioritise email security to protect their customers online.

What does 2016 have in store for IT security?

In the run up to the year-end, SC will publish projections from different commentators on what's in store for the cyber-security industry in 2016. First up Adam Boone ranges over IoT to mitigation in breached systems.

Purchasing cyber-insurance without a proven security system will leave businesses out of pocket

Purchasing cyber-insurance without a proven security system will leave businesses out of pocket, while absence of cover is a false economy says Steve Watts.

User behaviour analytics: Combat the threat within

A malicious insider has the potential to be an organisation's worst nightmare. Márton Illés looks at how user behaviour analytics can be implemented to help close the gap on insider threats.

Why OEMs need to pay attention to security in the connected car

Lars Thyroff discusses the importance of best practices for intelligent digital security in a connected car to enable trust in the device, data and network.

What the EU's Safe Harbour ruling means for European businesses

Mike Fey recalls the European Court of Justice invalidating the agreement between EU and US organisations on data transfer on 6 October.

What are the costs associated with the TalkTalk breach?

Steve Armstrong considers why breaches like TalkTalk continue to occur and notes how the associated costs exceed the cost of encryption, testing and more secure coding.

Security response and the 'Richter Scale' of incidents

Anthony Di Bello explains how it is necessary to understand the scale of various security incidents and their ramifications to provide a measured response.

Don't be a victim of information ignorance

Cindy Truyens highlights how businesses fail to protect themselves by not comprehending the impact GDPR has on data management and other processes.

Cyber-security analytics: how to make the numbers meaningful

John Smith looks at the wealth of data churned up by cyber-security analytics and how vendors have a responsibility to make the numbers actionable.

The price of outsourcing to reduce IT costs: innovation and business outcomes

George Davies highlights the risks and considerations necessary to keep in mind prior to outsourcing your IT to a third party.

Up in the air: How to protect against cloud account hijacking

Awareness of the risks that come with cloud computing is essential for any business that utilises it says Luke Brown.

Protecting the future: working together to combat tomorrow's cyber-security risks

Professor Chris Hankin demonstrates that with the advancement of cyber technology, our methods of connecting with and traveling between each other grow more sophisticated as well.

How vulnerable is the fingerprint scanner on your phone?

There are legal issues and technical vulnerabilities around the use of fingerprint scanners on mobiles, hence, Anthony Neary says, it is vital to have a mix of solutions which enable maximum possible security.

Small businesses are losing money to cyber-criminals

SMEs are at greater risk from the consequences of cyber-attack, less able to recover, with more mission-critical data on a single machine, so educating themselves about mitigating the risk is essential says Andrew Conway.

Sandbox reliance is virtual insanity

Traditional email sandboxing techniques are increasingly unable to defend all employees against evolving threats, says Neil Murray

Mobile Security - the device isn't the problem

Securing the device is only the first step in reducing the risk of mobile employees says Eldar Tuvey, noting we need to secure and monitor both the hardware and the endpoint activity and implement a multi-level approach.

Simple steps for safe cloud storage

A common-sense approach to cloud storage will ensure your valuable data remains safe and secure, says Thomas Chappelow.

Keeping pace with an evolving cyber-crime landscape

Luke Brown explains why today's cyber-security strategy needs to focus more on data protection technologies and strategies.

Three Stages to cyber-situational awareness and more effective cyber-security

What's lacking in many organisations' cyber-defences is cyber-situational-awareness that provides a more holistic and specific view of threats and vulnerabilities relevant to your organisation says Alastair Paterson.

Lessons from the Experian hack

The Experian breach is more than just another hack as cross referencing of data sets opens up even more scope for criminal activity, says Max Vetter.

Is North Korea climbing to the top of the cyber-attack tree?

Pete Shoard asks how powerful are less developed countries such as North Korea when it comes to cyber-threats, and can it be regarded as a major player in cyber-warfare anyway for the impact it has achieved?

Building a new cloud security model

Users need to realise that cloud services can be more secure, not less, but it is a new security model where we need to be clear what we want to do and how we plan to do it says Russell Spitler.

Testing, Testing - 4 simple IT security mistakes that leave a business vulnerable

Luke Potter looks at four of the most basic security oversights identified during penetration testing

Why should enterprises care about the Ashley Madison breach?

Torben Andersen warns of the danger of corporates relying on passwords alone to protect their businesses...

Data breaches are out of control - act now or get fired!

Norman Shaw looks at the latest data breaches, their causes, what the Safe Harbour ruling could mean for data protection and what you should be doing now to protect your company and yourself.

Adaptive two-factor authentication: is it all it's cracked up to be?

Steve Watts considers options for two-factor identification and suggests Near Field Communication (NFC)-based mobile authentication as a possible solution.

How to find a 'Super Hacker'

Anomaly-based detection, rather than signatures or threat intelligence, is more likely to detect nation-state and advanced criminal 'Super Hackers' before they can gain a significant foothold on networks says Peter Cohen.

How to attract and retain great cyber security talent

Give your new graduates mentoring support and challenge them, rather than just giving them menial tasks if you want to attract and retain the best says Dr. Scott McVicar.

Why does the UK top global cybercrime hit list?

Anthony Neary describes what he sees as the six main reasons why the UK is a top target for cyber-criminals.

Is it time to stop duelling with employees and their devices?

Having to carry around two mobile devices - one for personal use and the other for corporate business - is an anachronism, says Sebastian Goodwin.

The three methodologies behind DNS threat detection

Intelligent and analytical identification of anomalies in DNS activity is key to stopping threats before they become a real problem says Dr Malcolm Murphy, systems engineering manager, Infoblox

How to minimise the risks of LinkedIn - the hacker's research tool

Staff need ongoing training in defending against the latest threats - which currently includes LinkedIn says Andrew Tang, service director, security at MTI Technology

Four security questions to ask when moving to the cloud

Security is a reasonable concern when considering moving your IT services to the cloud, but four key questions can help you assess the risk, says Chris Pace.

Spotting and staying ahead of the next network breach

If they can't identify attacks when they happen, how can financial organisations effectively combat them, asks Ron Miller.

Are SYNful Knock-style router attacks set to become the new normal?

In the wake of the SYNful Knock attack on its routers, Cisco should re-engineer its devices to prevent future attacks, says Raimund Genes.

Last Word: Behavioural patterns & cloud

Using individual users' behaviour patterns can identify both the individual and Bot activity to thwart RATs, says Uri Rivner.

Threat of the month: Zero-day

The rules of engagement for automating cyber-security

Kane Hardy explores how the rise of automated attacks dictates the need for automated defence.

The rise of state-sponsored cyber attacks

Never underestimate just how valuable enterprise data is to cyber-criminals, from low-level thieves to extremely well-funded (and therefore, well-armed) state-sponsored attackers, says Matt Middleton-Leal.

How do we tackle SMS spear phishing?

It didn't take much time, once internet connections on mobile phones had become commonplace, for scammers to realise they had another avenue for phishing attacks, says Claire Cassar.

How to counter the M&A cybersecurity threat: hint, don't use Twitter, email

A leak, a hack, or a simple mistake can blow up any M&A deal carefully crafted over months or even years, says Stephen Dearing.
