Are you getting a 'Return on Governance'?

Are you getting a 'Return on Governance'?

David Mount discusses the need for access governance, the kind of return that can be expected on it, and delivering a return on governance

Ransomware stops here - preventing network-wide ransom attacks

Ransomware stops here - preventing network-wide ransom attacks

Kasey Cross explains the devastation an organisation undergoes when struck by ransomware and describes preventative measures that can be taken to avoid spread from a single machine to a network.

Artificial intelligence and the future of cyber-security

Artificial intelligence and the future of cyber-security

Alexandre Arbelet and Daniel Brown explain the role of artificial intelligence in enhancing cyber-security

The cyber-security skills gap: maximise value from the team you have

The cyber-security skills gap: maximise value from the team you have

Nik Whitfield says before you worry about whether you have enough people with the right skills, worry about how people who have the most skills are spending their time - and why.

A data breach survival guide

A data breach survival guide

Matt Little asks how do companies identify, react to and guard against thieves, snoops and idiots?

Playing nicely with others is the key to security

Playing nicely with others is the key to security

Brian Chappell is passionate about the importance of integration to the security industry and explains why it has the power to help companies make quicker and better decisions.

The three best ways to combat ransomware

The three best ways to combat ransomware

Brian Vecci discusses why ransomware is so dangerous and the three best ways that organisations can catch and stop it before its devastating effects take place.

The General Data Protection Regulation - A post Brexit positive for British enterprise

The General Data Protection Regulation - A post Brexit positive for British enterprise

Andrew Tang discusses the fact that the legislation won't technically apply to the UK once the GDPR is enforced in 2018 and what it will mean for UK security

Network security - Stick to the plan

Network security - Stick to the plan

Will Embrey argues that, to maximise its budget and resources, determining a company's network security strategy should fall on the shoulders of its CEO.

The Ransomware villain: Why companies mustn't rely on heroes

The Ransomware villain: Why companies mustn't rely on heroes

Andy Buchanan discusses why companies need to take practical steps to defend against the consistent threat of ransomware

How a 'compliance mindset' can provide bad guys with short cuts if we're not careful

How a 'compliance mindset' can provide bad guys with short cuts if we're not careful

Jonathan Sander discusses why compliance is always a race to the bottom and how security as regulation takes executives off the front lines

Closing the cyber-skills gap: How to attract and keep the best cyber-security talent

Closing the cyber-skills gap: How to attract and keep the best cyber-security talent

Andrew Rogoyski says new ideas are needed to further motivate the quest for cyber-skills

No company is an Island

No company is an Island

John Suffolk describes the challenge of combating supply chain risk in a globalised marketplace

The Hidden Role of DDoS in Ransomware Attacks

The Hidden Role of DDoS in Ransomware Attacks

Dave Larson offers advice for organisations wishing to protect themselves from the latest types of cyber-extortion

As Microsoft Exchange users move to Office 365, so do cyber-criminals

As Microsoft Exchange users move to Office 365, so do cyber-criminals

Lewis Henderson discusses the migration to Office 365 and how companies are holding off migrating due to risks highlighted in recent news

What Hollywood has taught us about biometric hacking

What Hollywood has taught us about biometric hacking

Tony Anscombe says biometric identification is becoming the security measure of choice for a growing number of companies.

Container Security: The Code You Don't Know About

Container Security: The Code You Don't Know About

Mike Pittenger discusses what he believes is the most dangerous code in your application, whether standalone or containerised

Solving the IT skills crisis: the five skills businesses need IT to master

Solving the IT skills crisis: the five skills businesses need IT to master

Nigel Hawthorn discusses the IT skills crisis and the five skills that will become vital to businesses operating in the cloud

Is it time to look at red teaming?

Is it time to look at red teaming?

Mark Nicholls delves into the world of red teaming and explains why more companies are adopting this no-holds-barred approach to testing network security

Securing tomorrow's clouds

Securing tomorrow's clouds

Finding the right partner is the key to making cloud use secure for your organisation says Kevin Patel.

Brexit leads to pageviews — pageviews lead to malware

Brexit leads to pageviews — pageviews lead to malware

Media and news websites represent some of the world's most trusted brands. Jason Steer explains why they can be security vulnerabilities for their readers — and what you can do to protect yourself.

3 Steps to Help DevOps Go Fast, Safe and Secure

3 Steps to Help DevOps Go Fast, Safe and Secure

Kevin Bocek looks at DevOps' rise in popularity and the frequently overlooked security headaches that accompany it, and considers with how these issues might be remedied by automation.

Privacy Shield - not just Safe Harbour 2

Privacy Shield - not just Safe Harbour 2

With the final Privacy Shield, the European Commission and US Government have concluded years of negotiation over transatlantic data flows. Cameron Kerry and Maarten Meulenbelt consider the implications.

Countdown to compliance — is your business GDPR ready?

Countdown to compliance — is your business GDPR ready?

Rick Orloff describes what the GDPR means for businesses including a range of statistics which uncovered the disparity between ITDMs and knowledge workers on security and policy issues

Who is Guccifer 2.0?

Who is Guccifer 2.0?

Toni Gidwani challenges Guccifer 2.0's claimed attribution for the Democratic National Committee (DNC) breach

Forget the tech, security is cultural

Forget the tech, security is cultural

Christian Matthies explores how agile security demands radical methods of trust and responsibility for all staff, emphasising the need for a holistic approach that makes security a consideration for everyone in the company.

Why SMEs shouldn't be putting cyber-security on the back burner

Why SMEs shouldn't be putting cyber-security on the back burner

Andy Taylor discusses the ways SMEs can better protect themselves by placing cyber-security as a top business priority

The five tips for a safer Cloud

The five tips for a safer Cloud

Tony Anscombe discusses the biggest mistakes companies make when moving to the cloud and tips to reap the benefits

Poking around with Pokémon: why app developers need to address permission abuse

Poking around with Pokémon: why app developers need to address permission abuse

Ken Munro discusses why Pokémon Go is symptomatic of a wider problem - permissions abuse by mobile apps - and the implications of this for the user and app developer

How to protect against compromised credentials — without affecting employee productivity

How to protect against compromised credentials — without affecting employee productivity

François Amigorena explains why compromised credentials are a major cyber-threat to organisations and how cumbersome security wastes time, whereas contextual awareness allows greater security automatically.

The security implications of China's quantum communications satellite

The security implications of China's quantum communications satellite

Dwayne Melancon discusses why he thinks China's quantum communication satellite is more of a novelty than a practical solution to the eavesdropping problem.

Why you should expect even more data snooping outside of the EU

Why you should expect even more data snooping outside of the EU

Mateo Meier discusses how Brexit is set to impact data privacy/security in the UK

Despite Brexit, UK businesses must still prepare for the EU General Data Protection Regulation

Despite Brexit, UK businesses must still prepare for the EU General Data Protection Regulation

Lewis Henderson explains how companies need to prepare to EU general data protection regulation in light of the post Brexit situation in relation to cyber-security.

Phishing: What makes people click?

Phishing: What makes people click?

Dr Jules Pagna Disso explains why phishing remains one of the most successful forms of attack, and why staff education is key to tackling the problem.

Shifting the Economic Balance of Cyber-Defence

Shifting the Economic Balance of Cyber-Defence

Ben Johnson discusses threat intelligence sharing and how current standards are without expert input.

Should we still worry about EU GDPR?

Should we still worry about EU GDPR?

James Henry explores the implications of Brexit on the adoption of the EU GDPR legislation

How to stop a 'Hillary' in your organisation

How to stop a 'Hillary' in your organisation

Stacy Leidwinger looks at the Hillary Clinton email scandal and how companies can avoid the potential security risk of staff using shaddow IT.

Fencing with the digital highwayman: How to give ransomware a run for its money

Fencing with the digital highwayman: How to give ransomware a run for its money

Laurance Dine discusses what you can do to mitigate the risk of being struck by ransomware

The Impact of the SWIFT Hacks

The Impact of the SWIFT Hacks

Ross Brewer discusses the impact of the Bangladesh bank cyber-attack and the growing problem of stolen credentials.

You're about to get the most skilled cyber-crime assistant you could wish for

You're about to get the most skilled cyber-crime assistant you could wish for

Mike Foreman says we're about to get some much-needed help ... smarter technology to save us from ourselves.

Encryption: the reason I weep for the future of security

Encryption: the reason I weep for the future of security

Norman Shaw looks at why encryption alone is not the answer to avoiding a data breach and outlines where he thinks companies should be focusing.

The scourge of social engineering

The scourge of social engineering

Social media platforms are a social engineering resource for hackers. Andrew Tang, service director, security, MTI Technology outlines the problem and what is required to guard against it

The next five years: what could the UK's 2016-2021 Cyber-Security Strategy look like?

The next five years: what could the UK's 2016-2021 Cyber-Security Strategy look like?

Bryan Lillie puts forward suggestions for what the UK's cyber-security strategy should contain in the next five years

A push for data-centric security: What organisations must consider

A push for data-centric security: What organisations must consider

Ron Arden takes a data-centric approach to security where the focus is on protecting the data within a system, and not just the system itself

The five pillars of Network Access Control (NAC) needed to enforce BYOD

The five pillars of Network Access Control (NAC) needed to enforce BYOD

Paul Donovan outlines the main questions to ask when choosing a NAC solution to work alongside a BYOD policy while protecting the network

Email is dead ... Long live malicious email

Email is dead ... Long live malicious email

email is one of the main routes for delivering malware into the enterprise, but despite frequent reports of its demise, it appears here to stay, so companies had better tailor their security posture accordingly says Carl Leonard.

Protecting Your Business Advantage

Protecting Your Business Advantage

Andrew Rogoyski says that companies need to identify what is truly their most sensitive, most valuable data - the thing that would most severely impact the company if stolen or compromised.

UK Cyber-security after Brexit: May not be as bad as it first appears

UK Cyber-security after Brexit: May not be as bad as it first appears

It's difficult to predict how the global and British economies will react to Brexit in the long run, however UK Cyber-security has every chance of staying in very good shape says Ilia Kolochenko.

The battle between security and privacy

The battle between security and privacy

Joanna Ward looks at the recent battles between tech providers and law enforcement agencies over encryption and considers how the escalation potentially be avoided.

No inbox left behind: What security education lacks and how we might fix it

No inbox left behind: What security education lacks and how we might fix it

Itay Glick says that new spear-phishing scams suggest that this method of spreading malware will surely continue to grow

Biometrics or a password?

Biometrics or a password?

Tony Anscombe asks, which is more secure, the password or biometrics?

Ransomware: The great white shark of malware, and what you need to do about it

Ransomware: The great white shark of malware, and what you need to do about it

The threat of a cyber-attack is a concern for us all, but nothing strikes more fear than ransomware says Mark Kedgley.

Driving (cyber) security

Driving (cyber) security

Paco Hope asks if black boxes can make our cars and lives less safe instead of safer

Hunting the hackers: Why threat intelligence isn't enough

Hunting the hackers: Why threat intelligence isn't enough

James Parry explores why the enterprise needs to move beyond threat intelligence to proactively seek out emerging threats on social media and the dark web

After a decade, why can't we finally be rid of the Microsoft scam?

After a decade, why can't we finally be rid of the Microsoft scam?

Oren Kedem asks if we're using the right methods to teach victims about scams or are some other forces preventing the warning messages from being effective?

Is printing the biggest security threat for your business?

Is printing the biggest security threat for your business?

Wes Mulligan says organisations are on high alert when it comes to network security, yet they are overlooking the potential risks posed by the many printing devices that are connected directly to their network

Russia´s cyber-operations alter balance of power - tougher response called for

Russia´s cyber-operations alter balance of power - tougher response called for

Russia is alterering the balance of power with superior human resources in the cyber-realm and a strategy and will to used them offensively, including via proxies - and lack of western response encourages escalation says Jarno Limnéll.

What your business can learn from the Government's cyber-security policy

What your business can learn from the Government's cyber-security policy

Stuart Aston offers suggestions that an everyday business can learn from the Government and should consider when creating their own cyber-security protection framework

Empowering cyber-security providers

Empowering cyber-security providers

Cyber-security companies can cooperate to help facilitate and encourage standardisation of certifications and practices and even exercise their power at a global level to influence policy-making say Chris Southworth and Allen Dixon.

Making cyber-security due diligence an M&A priority

Making cyber-security due diligence an M&A priority

Shawn Henry explores the potential security pitfalls involved when companies make an acquisition, along with the steps that must be taken to mitigate these risks

People worry about robots taking over, but what are the bots doing already?

People worry about robots taking over, but what are the bots doing already?

Alistair Tooth talks about bots and what they are doing to your website - and says its time to take control.

IT security should start with questions not vendors...

IT security should start with questions not vendors...

Aidan Simister highlights basic questions to establish how much visibility organisations have around the most basic of security risks.

Tor at work - the privacy and security dilemma

Tor at work - the privacy and security dilemma

Thomas Fischer believes that the Investigatory Powers Bill will incentivise more citizens to use Tor to protect their online privacy. In turn, this could lead to more people using the Tor network at work, either for privacy reasons or to bypass the company firewall and browsing policies.

Restoring faith in the IT department

Restoring faith in the IT department

Rick Orloff highlights the importance of trust between IT and employees, and how to restore it in the wake of the current cyber-crime climate, including communicating that you understand user concerns..

Protecting yourself from the inside out

Protecting yourself from the inside out

Mav Turner shares top tips to help IT pros address the growing issue of insider threats within their business.

Hacking: The case for prevention rather than cure

Hacking: The case for prevention rather than cure

Amit Ashbel explains how source code is the one advantage vendors have over hackers and how testing code earlier in the development process can prevent many of the vulnerabilities that hackers exploit today

Ransomware has been labeled the biggest threat this year, but is it as dangerous as it's made out to be?

Ransomware has been labeled the biggest threat this year, but is it as dangerous as it's made out to be?

Steve Donald says ransomware is emerging as the major cyber-threat of 2016 but what can organisations do to protect themselves?

Cyber-security of the fridge: Assessing the Internet of Things threat

Cyber-security of the fridge: Assessing the Internet of Things threat

From nuclear power stations to cars, 'Things' are increasingly vulnerable to attack. Greater adoption of security best practices is needed says Mark Kedgley, who urges more building-in security to devices and how they use the internet.

Prioritising threat intelligence

Prioritising threat intelligence

Steven Rogers advises steps that will allow security teams to prioritise threats based on relevant threat intelligence.

Netflix's VPN ban may result in stronger security for VPN customers

Netflix's VPN ban may result in stronger security for VPN customers

Despite very vocal critics, Netflix will not give in to the demands of overseas VPN users that want access to the US catalogue of shows says Paul Bischoff.

The people problem: How to manage the human factor to shore up security

The people problem: How to manage the human factor to shore up security

Data security has never before featured so highly on the boardroom agenda, mostly thanks to a continued avalanche of major breach incidents says Tony Pepper.

Resilience in the mid-market: Improving incident response capabilities of mid-sized organisations

Resilience in the mid-market: Improving incident response capabilities of mid-sized organisations

In today's cyber-threat landscape, the importance of incident response (IR) as a critical priority is fast gaining traction among the security community says John Bruce.

IoT: Making the case for true interoperability

IoT: Making the case for true interoperability

Cesare Garlati says having a device rendered useless because of a shut down in cloud service highlights the need for open standards in IoT devices.

Healthcare phishing attacks - Is the NHS next and how can it prepare?

Healthcare phishing attacks - Is the NHS next and how can it prepare?

The healthcare sector is vulnerable to cyber-attack, keeping a lot of personal data that attackers are increasingly targetting, and the NHS needs to get its defences in place now says Stuart Robb.

Enterprises are facing rising mobile threats

Enterprises are facing rising mobile threats

Sean Ginevan outlines how attackers are changing their methods to attack the mobile enterprise, and what can be done to shut down vulnerabilities.

To pay or not to pay...

To pay or not to pay...

Andrew Tang explores the contentious issue of paying bug bounties when software flaws are discovered.

Post-breach forensics: Building the trail of evidence

Post-breach forensics: Building the trail of evidence

New approaches to user monitoring and behavioural analytics enable firms to analyse all user activity, allowing tracking and visualising of user activity in real-time to understand what is really happening on the network says Balázs Scheidler.

Security training — luck is all about practice

Security training — luck is all about practice

When it comes to cyber-security, almost half of organisations rely on luck to get them through a cyber-attacks says Bethany Mayer.

How to create an appetite for cyber-security risk management in the organisation

How to create an appetite for cyber-security risk management in the organisation

Poor risk appetite remains a problem for companies, yet cyber-security is one area that needs urgent attention says Stuart Reed.

EU business leaders must act now before new security law takes effect

EU business leaders must act now before new security law takes effect

Jason Hart explains why EU businesses need to evaluate their security practices now before the new law takes effect.

A synchronised approach to security

A synchronised approach to security

Without synchronised security, information system controls don't talk to each other, so can't work together to react to threats says John Shaw, advocating a more joined-up approach to security to defend against attacks.

Getting personal with cyber-security

Getting personal with cyber-security

Identity Access Management (IAM) tools don't just protect the perimeter, they protect the identities of everyone that logs on to the network, enabling users to benefit from productivity applications with less risk says Mark Hughes.

The ransomware epidemic shows firms are failing the security basics

The ransomware epidemic shows firms are failing the security basics

Its not just anti-malware, but a holistic security review including policies and processes that's needed to minimise the risk of ransomware says Raimund Genes - with basics such as data segmentation being ignored.

Is your data safe?

Is your data safe?

As technology advances it brings with it new and more efficient ways to live and work says Todd Partridge.

Training the Mastermind (board-game) generation

Training the Mastermind (board-game) generation

Mike Loginov and Viv MacDonald explore the importance of management awareness of cyber-security in an organisation

A successful move to a global cashless society requires a comprehensive information security strategy

A successful move to a global cashless society requires a comprehensive information security strategy

With electronic payments rapidly becoming the new way to transact, the idea of a cashless society is becoming a bigger reality, leading to demands for stronger authentication - without slowing transactions - says David Poole.

Meeting the new vulnerability disclosure challenge

Meeting the new vulnerability disclosure challenge

Michael Fimin considers the impact new EU General Data Protection Regulation (GDPR) laws will have on current vulnerability disclosure practices and recommends a number of best practices to help organisations measure up to the challenge.

The BYOD explosion: How much of a threat do personal devices really pose to your network?

The BYOD explosion: How much of a threat do personal devices really pose to your network?

How much of a risk is BYOD to network security? No more than company-issued hardware - provided businesses follow these four essential steps says Lee Painter.

The Snooper's Charter is a tricky subject, not least because of its double standards

The Snooper's Charter is a tricky subject, not least because of its double standards

Brian Chappell looks at why the backdoors of the Snooper's Charter are so repugnant to tech firms and how it can't be reconciled with the government's own directive to businesses to protect people's personal data.

Bracing your browser: how to keep the fraudsters at bay

Bracing your browser: how to keep the fraudsters at bay

Whether through loss of financial assets or damage to an organisation's brand, online fraud is becoming more of a problem and has the capacity to significantly and negatively impact a business, says Gad Elkin.

Ensure that your employment contracts are fit for purpose for cyber-security

Ensure that your employment contracts are fit for purpose for cyber-security

Katherine Maxwell says most organisations don't include cyber/data negligence within their employment contracts, and it is often not given the same respect as other employment issues.

Have retailers secured themselves against the Insider threat before you head to the checkout?

Have retailers secured themselves against the Insider threat before you head to the checkout?

The entire company must be aware of security risks, and their role, with safeguards in place to make it harder for mistakes to happen, as well as training to raise awareness of the consequences of a leak says Jens Puhle.

Four Tips to kick-start your web application security effort

Four Tips to kick-start your web application security effort

Ian Muscat offers four crucial tips on securing web applications - with the general theme of being prepared.

How will the new EU-US privacy shield fit with the upcoming General Data Protection Regulation?

How will the new EU-US privacy shield fit with the upcoming General Data Protection Regulation?

Tracey Stretton and Lauren Grest look at the EU-US Privacy Shield and the consequences of the Schrems judgement for international data transfers and how it (or any successor) fits into the EU GDPR.

Leading the fight against loyalty fraud

Leading the fight against loyalty fraud

Loyalty points have value. And when something has value, criminals will want to get their hands on it. So retailers and consumers have to work to keep these loyalty programmes safe according to Don Bush.

Last Word: GDPR could help Europe take the lead for breach notification

Last Word: GDPR could help Europe take the lead for breach notification

Companies operating in Europe have until 2018 to comply with compulsory breach notification under the EU GDPR or face heavy fines, but Gant Redmon says this could be a good thing for the industry and provide a global legislative model

Identity management in the post-Persona world

Identity management in the post-Persona world

The impending demise of Mozilla's identity management system, Persona, doesn't thange the fact that a sound blend of password management and unified authentication is the future of identity management says V Balasubramanian.

Three reasons to consider Managed Security Services

Three reasons to consider Managed Security Services

Jeff Finch offers reasons for organisations to take advantage of Managed Security Services (MSS).

Biometrics deployed with a fallback password: statistics on false sense of security

Biometrics deployed with a fallback password: statistics on false sense of security

Hitoshi Kokumai provides follow-up statistical data regarding "False sense of security" confirming eroneous perceptions exist regarding identity verification when two factors are used but not not linked.

Governments, criminals and personal privacy - the question of encryption

Governments, criminals and personal privacy - the question of encryption

Two recent events have highlighted the issue of whether service providers should be forced to find a way to give government agencies access to encrypted, private communications says Richard Anstey.

SC Webcasts UK

Sign up to our newsletters

FOLLOW US