Account takeover fraud is not a lottery: lax security allows fraudsters in

Account takeover fraud is not a lottery: lax security allows fraudsters in

Roberto Valerio addresses the latest breach from the National Lottery and analyses how and why this type of fraud is on the rise

Comply to supply - Firms to prove their cyber-credentials or risk losing business

Comply to supply - Firms to prove their cyber-credentials or risk losing business

If cyber-crime wasn't considered a business risk before, it is certainly being pushed to the front and centre stage by large firms now, says Chris Dye who urges adoption of file-regeneration technology.

Never stop learning - the need for a risk-based approach to cyber-security

Never stop learning - the need for a risk-based approach to cyber-security

Kristine Olson-Chapman advises senior executives and IT security professionals on how to manage the challenges of cyber-security by using a risk-based approach

Industrial control systems (ICS) and cyber-risks

Industrial control systems (ICS) and cyber-risks

One of Europe's foremost specialists in securing the technology that controls critical infrastructure, Mark Carolan, believes information security pros should be worried about ICS in their infrastructure.

With GDPR imminent, it's crucial we tackle the biggest myths surrounding data regulation and cyber-security

With GDPR imminent, it's crucial we tackle the biggest myths surrounding data regulation and cyber-security

Lillian Pang addresses some of the most common misconceptions surrounding the new GDPR legislation

Mergers & acquisitions: a lesson in cyber-security complacency and reputational ruin

Mergers & acquisitions: a lesson in cyber-security complacency and reputational ruin

When you undertake an acquisition, cyber-security must be a top integration priority. If left to fester, it will eventually catch you out says Ian Kayne.

Keeping pace with the speeding wheel of change

Keeping pace with the speeding wheel of change

Kevin Davis discusses how vital it is that organisations look to agility as a way of providing speed of change and embracing new technologies to facilitate customer needs

Data manipulation heralds a new era of hacking

Data manipulation heralds a new era of hacking

Jason Hart discusses how data manipulation will be the biggest threat to businesses and public figures in the future.

The new measure of security: visibility

The new measure of security: visibility

Kasey Cross discusses the importance of having the ability to see active attackers on your network at work

Why you should have a DDoS defence

Why you should have a DDoS defence

Duncan Hughes explains the best methods to use to effectively protect businesses and ensure networks can stand up to a DDoS attack

What bicycle thefts can teach us about mobile security

What bicycle thefts can teach us about mobile security

Avi Rosen explores how a common crime - and the mitigations against it - can be applied to the world of mobile security.

Will the GDPR prevent the next headline-grabbing data breach?

Will the GDPR prevent the next headline-grabbing data breach?

Gavin Millard says that while having a regulation such as the EU GDPR in place would have reduced the chance of a breach the size of Yahoo!, practicing good cyber-hygiene and timely disclosure have the best effects when dealing with any major breach that compromises personal data.

Fighting cyber-crime: an investment for the future

Fighting cyber-crime: an investment for the future

Graham Carberry provides insight into why Britain is one of the biggest targets of cyber-attack worldwide and the technological developments that come from innovative security businesses

Digital revolution: how IT can minimise cyber-risk and drive profit

Digital revolution: how IT can minimise cyber-risk and drive profit

John Ferron discusses the best way to embark on a digital transformation exercise that can deliver business efficiency and security.

The big data era for DDoS protection has arrived

The big data era for DDoS protection has arrived

Avi Freedman discusses the use of big data to cope with the increasingly large scale DDoS attacks.

Man and Machine Learning Merging to Boost Cyber-security

Man and Machine Learning Merging to Boost Cyber-security

Bogdan Botezatu discusses how defenders are using machine learning algorithms to help beat the malware and give themselves the best possible chance of evading and protecting against APTs.

Automation: why humanity is vital

Automation: why humanity is vital

Dik Vos explores how automation requires humanity and predictions on how the industry is set to change dramatically over the next ten years.

Unaware and under attack: why small businesses must wake up to the cyber-crime threat

Unaware and under attack: why small businesses must wake up to the cyber-crime threat

Sian John discusses why SMEs should care about having security measures to protect their business since if they fail to comply to with GDPR and other regulations, they can lose a lot of money

An accident waiting to happen

An accident waiting to happen

Jon Fielding discusses the need to manage information security at the data level and not simply at the network perimeter.

The threat of privileged user access - monitoring and controlling privilege users

The threat of privileged user access - monitoring and controlling privilege users

Marcell Gogan discusses the threat of privileged user access and how it often goes largely ignored

Cyber-security needs real innovation

Cyber-security needs real innovation

Sam Hutton says that as the rapidly growing menace of cyber-crime climbs the corporate agenda, it is increasingly recognised that the answers to such a severe threat lay in innovation.

Can tackling security threats also boost your organisation's productivity?

Can tackling security threats also boost your organisation's productivity?

Dave Schuette discusses the measures enterprises must adopt to ensure security in the age of mobility and BYOD

Why security vendors should put their money where their mouth is

Why security vendors should put their money where their mouth is

Jeremiah Grossman says it's not uncommon to see security vendors claim they're the best vendor to protect you from cyber-threats. These claims are all well and good, but where is the evidence to back these figures up?

Security: from the basement to the boardroom

Security: from the basement to the boardroom

Justin Dolly discusses why security should be high on the agenda of the board and seen as a business enabler, not a drain on resources

How to protect your business from DDoS attacks

How to protect your business from DDoS attacks

Annette Murphy explores how security professionals can prepare and protect their assets from Distributed Denial of Service (DDoS) attacks

Securing remote control is the first step to safely managing changing working patterns

Securing remote control is the first step to safely managing changing working patterns

Pascal Bergeot says being able to take remote control of users' PCs is crucial to managing modern and disparate work forces, but can you really be sure how safe you are?

Recent OpenSSL patches show why using containers to enhance vulnerability response plans is good idea

Recent OpenSSL patches show why using containers to enhance vulnerability response plans is good idea

Tim Mackey explains the value of taking a container approach to vulnerability response plans

The right connections - how graph analytics beats fraudsters and cyber-crime

The right connections - how graph analytics beats fraudsters and cyber-crime

Phil Filleul discusses how banks can beat off cyber-criminals using a range of methods and explores how graph analytics can improve their defence and protection

Post-Brexit Cyber-Security

Post-Brexit Cyber-Security

Henrik Kiertzner asks how will the UK's departure from the European Union impact cyber-security?

Why ransomware is a paper tiger

Why ransomware is a paper tiger

Nic Scott discusses what IT decision makers can do to make their organisation immune from ransomware so they too can laugh at the scammers trying to take company files for a ride.

Cyber-crime: on an upward trend

Cyber-crime: on an upward trend

Cyber-crime growth is accelerating. Rob Wainwright reports how Europol's 2016 Internet Organised Crime Threat Assessment identifies an expanding cyber-criminal economy exploiting our increasingly Internet-enabled lives.

Breaches happen - the key is being prepared

Breaches happen - the key is being prepared

Rory Duncan argues that companies need to invest not only in detective and defensive controls, but also in the ability to take action when an attack is occurring

Leveraging Big Data with information security

Leveraging Big Data with information security

Bhupender Singh discusses how Big Data is adding a new paradigm to cyber-security

Multi-factor authentication — it's not as good as you think

Multi-factor authentication — it's not as good as you think

François Amigorena argues that multi-factor authentication impedes end users and slows them down in their jobs, and goes into detail about how context-aware security works in the background to secure users

Facing the UK cyber-security threat

Facing the UK cyber-security threat

Jeremy King discusses what businesses can do today to prioritise data security

YOUR business website has at least one severe vulnerability - giving hackers open access - what can you do?

YOUR business website has at least one severe vulnerability - giving hackers open access - what can you do?

Statistically your company website already has at least one severe flaw - and there could be many more, says Ian Muscat. Why are website vulnerabilities so frequent and on the rise? What should organisations be focusing on and how can they protect themselves in the future?

Will Brexit be a game changer for GDPR?

Will Brexit be a game changer for GDPR?

Michael Hack touches on what we need to know about the GDPR in regard to risk evaluation, personal information compliance, the right to be forgotten, disclosure days, training and technology, and the consequences

Digital forensics leads the fight against cyber-crime

Digital forensics leads the fight against cyber-crime

Andrew Sheldon discusses how there is considerable danger in allowing digital forensic triage to be carried out in haste or in ignorance

How organisations can better protect customer data from insider threats

How organisations can better protect customer data from insider threats

Dana Simberkoff discusses what organisations can learn from the Sage incident and how to stop insider threats in their tracks through policy creation and internal safeguards

Data protection: proactive prevention is better than cure

Data protection: proactive prevention is better than cure

With employees and endpoints the weak links in the cyber-security chain, David Angwin says organisations must break away from traditional protection and switch focus to preventing sophisticated attacks before it's too late.

Physical identities are dead. Long live digital identities!

Physical identities are dead. Long live digital identities!

Claire de Longeaux discusses how physical identities need to change, notably through a numerical evolution.

Contact centre security in the cloud - how can you best protect your customer's data?

Contact centre security in the cloud - how can you best protect your customer's data?

Ralph Echemendia discusses the best practices for ensuring security of customer data for a contact centre in the cloud

iOS 10: Is Apple starting a new era of collaborative security?

iOS 10: Is Apple starting a new era of collaborative security?

Kevin Bocek argues that by decrypting the kernel and inviting developers to root around in its OS, Apple will actually make users more secure as any vulnerabilities will instantly be brought to light.

Fighting new cyber-threats the 'old-fashioned' way doesn't work

Fighting new cyber-threats the 'old-fashioned' way doesn't work

Shai Morag discusses the importance of endpoint visibility for a large organisation, what stands in the way of organisations maturing their endpoint visibility and ways technology can help ascertain this essential missing piece of the incident response puzzle.

Password thefts and account hijacking - why every data dump should be on your mind

Password thefts and account hijacking - why every data dump should be on your mind

The theft of millions of password credentials can lead to automated attacks on other companies' sites. But Stephen Singam asks how can they be prepared to spot this risk?

Enabling security and compliance in a complex multinational framework

Enabling security and compliance in a complex multinational framework

Paul Donovan explains the security issues prevalent for today's multinationals, and how to instigate centralised policies to help manage security and compliance.

e-Signatures & eIDAS - what you need to know

e-Signatures & eIDAS - what you need to know

David Alexander discusses three ways in which the new EU e-Signature Regulation will affect wealth management companies.

Ponemon: Financial institutions not prepared to address cyber-attacks in encrypted traffic

Ponemon: Financial institutions not prepared to address cyber-attacks in encrypted traffic

Duncan Hughes explains how SSL decryption will increasingl be needed to ensure encrypted traffic does not become a facilitator for attackers.

Why hacking yourself is your best bet to keeping safe

Why hacking yourself is your best bet to keeping safe

Jason Hart says the best thing we can do to protect our business and personal lives from cyber-criminals looking to gain access to our information is to beat them to it with ethical hacking.

Getting smart - a joined up approach to beating the hackers

Getting smart - a joined up approach to beating the hackers

As data breaches become commonplace and organisations struggle to keep pace, Treavor Dearing explains why integration and collaboration among IT security vendors is emerging as the only viable solution to beat cyber-criminals once and for all.

Time to upgrade data loss prevention to DLP 2.0

Time to upgrade data loss prevention to DLP 2.0

Rui Biscaia discusses how companies can overcome the weaknesses in data loss programmes to make them relevant and effective again.

Yahoo! and the mega breaches that keep on happening

Yahoo! and the mega breaches that keep on happening

James Henry looks at the Yahoo! Incident within the context of other mega breaches to look at the trends and where security is failing.

Apprenticeships vs university

Apprenticeships vs university

Lawrence Jones explains how apprenticeships can help to develop the next generation of technical engineers and innovators.

Guccifer 2.0 and Russia's hidden agenda

Guccifer 2.0 and Russia's hidden agenda

Rob Sloan explains how the DNC hack was tied to Russian state hackers

Cyber-security - turning a threat into an opportunity for Poland

Cyber-security - turning a threat into an opportunity for Poland

Dr Joanna Świątkowska says that a comprehensive, multi-dimensional strategy in necessary for cyber-defence, and for Poland, the need for national defence is an opportunity to build an export business in cyber-security.

Biometric authentication - are the Brits too trusting of biometric security?

Biometric authentication - are the Brits too trusting of biometric security?

André Malinowski discusses his view on how Britain is too trusting of biometric security

Are hackers playing the fame game?

Are hackers playing the fame game?

Michael Marriott looks at how hackers are increasingly using tactics used by commercial organisations to raise their profile and publicise their 'business'.

Connected cars - addressing concerns around public safety

Connected cars - addressing concerns around public safety

Stephen Morrow discusses that automotive manufacturers have been focusing so much on adding functionality and usability to connected cars that they haven't properly considered the threats

Brexit and the GDPR: What can UK businesses do now?

Brexit and the GDPR: What can UK businesses do now?

While the result of the referendum in the UK to leave the EU was unexpected by commentators, Brexit isn't the disaster that some critics claim and for nimble companies, it provides some opportunities, says Jack Bedell-Pearce.

The Internet of Things, cyber-security and the role of the CIO

The Internet of Things, cyber-security and the role of the CIO

Andy Taylor discusses how CIOs can tackle the problems with IoT security and what precautions they could be taking.

Will the Investigatory Powers Bill mean handing over the keys to the kingdom?

Will the Investigatory Powers Bill mean handing over the keys to the kingdom?

Nic Scott discusses how the IP Bill will fundamentally change the relationship between UK citizens and the government.

Identity sensors: using IAM focussed honeypots to enhance security

Identity sensors: using IAM focussed honeypots to enhance security

Darran Rolls discusses proactive IAM techniques organisations can use to stay protected

After GDPR, Privacy Shield and Brexit, 5 questions you need to ask about your data

After GDPR, Privacy Shield and Brexit, 5 questions you need to ask about your data

Fortunato Guarino looks at the importance of having the necessary processes and technology in place for finding personally identifiable information (PII) anywhere on the company network

Five common enterprise questions about OpenStack security

Five common enterprise questions about OpenStack security

Travis McPeak lists the top five OpenStack questions often asked by users and technologists and provides responses to each

The top seven ways for UK business to protect themselves in today's cloud-enabled world

The top seven ways for UK business to protect themselves in today's cloud-enabled world

Steve Nice discusses where UK businesses are falling short on security, what's at stake for them, and what they need to do to protect themselves.

Why some friction in the payment process can be a good thing

Why some friction in the payment process can be a good thing

David Poole discusses how technology and the internet have transformed our payment process and the issues that come with these new developments.

Protecting your records ahead of GDPR

Protecting your records ahead of GDPR

Gavin Siggers explores six key steps to getting GDPR-ready to help businesses understand the impact of the GDPR on their information management processes.

Why corporate security fails - A focus on leadership

Why corporate security fails - A focus on leadership

Mark Kedgley looks at how cyber-security technology is marketed and the recurring disconnect between product investment and incremental improvements in information security effectiveness.

New study reveals that numerous UK businesses are unprepared for a cyber-attack

New study reveals that numerous UK businesses are unprepared for a cyber-attack

Andrew Dalglish explains the potential risk for UK businesses as a result of so many not being prepared for an attack, plus looks at common weaknesses in current cyber-security and how they might be overcome.

Artificial Intelligence - is it the answer for identity management?

Artificial Intelligence - is it the answer for identity management?

Lee Painter says a rise in security breaches due to abuse of access has put the spotlight on Identity and Access Management. So how might Artificial Intelligence shape its future?

Real world assets under cyber-attack - how do we defend CNI - SCADA, IOT, utilities?

Real world assets under cyber-attack - how do we defend CNI - SCADA, IOT, utilities?

Critical Infrastructure is now at risk. Transport, finance and utilities are all targets. Graham Mann looks at some key issues and how they can be tackled.

Minimising the damage caused by a breach

Minimising the damage caused by a breach

Protecting data is a significant task faced by security managers every day. Paul German discusses creating cyber-security strategies for government agencies.

Letter to the Editor: Biometrics - does it strengthen or weaken security?

Letter to the Editor: Biometrics - does it strengthen or weaken security?

Biometrics can actually weaken authentication security if not implemented correctly says Hitoshi Kokumai, who asks, what exactly does the NIST Authentication Guideline have to say on this issue?

A human-shaped approach to security

A human-shaped approach to security

Given the myriad of security solutions available today, Danny Ilic says the key challenge is to ensure customers accept new products and services and are comfortable using them.

Is security automation the solution for overworked cyber-security staff?

Is security automation the solution for overworked cyber-security staff?

Paul Cash discusses the use of automation technologies to improve security processes

Are you getting a 'Return on Governance'?

Are you getting a 'Return on Governance'?

David Mount discusses the need for access governance, the kind of return that can be expected on it, and delivering a return on governance

Ransomware stops here - preventing network-wide ransom attacks

Ransomware stops here - preventing network-wide ransom attacks

Kasey Cross explains the devastation an organisation undergoes when struck by ransomware and describes preventative measures that can be taken to avoid spread from a single machine to a network.

Artificial intelligence and the future of cyber-security

Artificial intelligence and the future of cyber-security

Alexandre Arbelet and Daniel Brown explain the role of artificial intelligence in enhancing cyber-security

The cyber-security skills gap: maximise value from the team you have

The cyber-security skills gap: maximise value from the team you have

Nik Whitfield says before you worry about whether you have enough people with the right skills, worry about how people who have the most skills are spending their time - and why.

A data breach survival guide

A data breach survival guide

Matt Little asks how do companies identify, react to and guard against thieves, snoops and idiots?

Playing nicely with others is the key to security

Playing nicely with others is the key to security

Brian Chappell is passionate about the importance of integration to the security industry and explains why it has the power to help companies make quicker and better decisions.

The three best ways to combat ransomware

The three best ways to combat ransomware

Brian Vecci discusses why ransomware is so dangerous and the three best ways that organisations can catch and stop it before its devastating effects take place.

The General Data Protection Regulation - A post Brexit positive for British enterprise

The General Data Protection Regulation - A post Brexit positive for British enterprise

Andrew Tang discusses the fact that the legislation won't technically apply to the UK once the GDPR is enforced in 2018 and what it will mean for UK security

Network security - Stick to the plan

Network security - Stick to the plan

Will Embrey argues that, to maximise its budget and resources, determining a company's network security strategy should fall on the shoulders of its CEO.

The Ransomware villain: Why companies mustn't rely on heroes

The Ransomware villain: Why companies mustn't rely on heroes

Andy Buchanan discusses why companies need to take practical steps to defend against the consistent threat of ransomware

How a 'compliance mindset' can provide bad guys with short cuts if we're not careful

How a 'compliance mindset' can provide bad guys with short cuts if we're not careful

Jonathan Sander discusses why compliance is always a race to the bottom and how security as regulation takes executives off the front lines

Closing the cyber-skills gap: How to attract and keep the best cyber-security talent

Closing the cyber-skills gap: How to attract and keep the best cyber-security talent

Andrew Rogoyski says new ideas are needed to further motivate the quest for cyber-skills

No company is an Island

No company is an Island

John Suffolk describes the challenge of combating supply chain risk in a globalised marketplace

The Hidden Role of DDoS in Ransomware Attacks

The Hidden Role of DDoS in Ransomware Attacks

Dave Larson offers advice for organisations wishing to protect themselves from the latest types of cyber-extortion

As Microsoft Exchange users move to Office 365, so do cyber-criminals

As Microsoft Exchange users move to Office 365, so do cyber-criminals

Lewis Henderson discusses the migration to Office 365 and how companies are holding off migrating due to risks highlighted in recent news

What Hollywood has taught us about biometric hacking

What Hollywood has taught us about biometric hacking

Tony Anscombe says biometric identification is becoming the security measure of choice for a growing number of companies.

Container Security: The Code You Don't Know About

Container Security: The Code You Don't Know About

Mike Pittenger discusses what he believes is the most dangerous code in your application, whether standalone or containerised

Solving the IT skills crisis: the five skills businesses need IT to master

Solving the IT skills crisis: the five skills businesses need IT to master

Nigel Hawthorn discusses the IT skills crisis and the five skills that will become vital to businesses operating in the cloud

Is it time to look at red teaming?

Is it time to look at red teaming?

Mark Nicholls delves into the world of red teaming and explains why more companies are adopting this no-holds-barred approach to testing network security

Securing tomorrow's clouds

Securing tomorrow's clouds

Finding the right partner is the key to making cloud use secure for your organisation says Kevin Patel.

Brexit leads to pageviews — pageviews lead to malware

Brexit leads to pageviews — pageviews lead to malware

Media and news websites represent some of the world's most trusted brands. Jason Steer explains why they can be security vulnerabilities for their readers — and what you can do to protect yourself.

3 Steps to Help DevOps Go Fast, Safe and Secure

3 Steps to Help DevOps Go Fast, Safe and Secure

Kevin Bocek looks at DevOps' rise in popularity and the frequently overlooked security headaches that accompany it, and considers with how these issues might be remedied by automation.

Privacy Shield - not just Safe Harbour 2

Privacy Shield - not just Safe Harbour 2

With the final Privacy Shield, the European Commission and US Government have concluded years of negotiation over transatlantic data flows. Cameron Kerry and Maarten Meulenbelt consider the implications.

Countdown to compliance — is your business GDPR ready?

Countdown to compliance — is your business GDPR ready?

Rick Orloff describes what the GDPR means for businesses including a range of statistics which uncovered the disparity between ITDMs and knowledge workers on security and policy issues

Who is Guccifer 2.0?

Who is Guccifer 2.0?

Toni Gidwani challenges Guccifer 2.0's claimed attribution for the Democratic National Committee (DNC) breach

SC Webcasts UK

Sign up to our newsletters

FOLLOW US