François Amigorena argues that multi-factor authentication impedes end users and slows them down in their jobs, and goes into detail about how context-aware security works in the background to secure users
Jeremy King discusses what businesses can do today to prioritise data security
YOUR business website has at least one severe vulnerability - giving hackers open access - what can you do?
Statistically your company website already has at least one severe flaw - and there could be many more, says Ian Muscat. Why are website vulnerabilities so frequent and on the rise? What should organisations be focusing on and how can they protect themselves in the future?
Michael Hack touches on what we need to know about the GDPR in regard to risk evaluation, personal information compliance, the right to be forgotten, disclosure days, training and technology, and the consequences
Andrew Sheldon discusses how there is considerable danger in allowing digital forensic triage to be carried out in haste or in ignorance
Dana Simberkoff discusses what organisations can learn from the Sage incident and how to stop insider threats in their tracks through policy creation and internal safeguards
With employees and endpoints the weak links in the cyber-security chain, David Angwin says organisations must break away from traditional protection and switch focus to preventing sophisticated attacks before it's too late.
Claire de Longeaux discusses how physical identities need to change, notably through a numerical evolution.
Ralph Echemendia discusses the best practices for ensuring security of customer data for a contact centre in the cloud
Kevin Bocek argues that by decrypting the kernel and inviting developers to root around in its OS, Apple will actually make users more secure as any vulnerabilities will instantly be brought to light.
Shai Morag discusses the importance of endpoint visibility for a large organisation, what stands in the way of organisations maturing their endpoint visibility and ways technology can help ascertain this essential missing piece of the incident response puzzle.
The theft of millions of password credentials can lead to automated attacks on other companies' sites. But Stephen Singam asks how can they be prepared to spot this risk?
Paul Donovan explains the security issues prevalent for today's multinationals, and how to instigate centralised policies to help manage security and compliance.
David Alexander discusses three ways in which the new EU e-Signature Regulation will affect wealth management companies.
Duncan Hughes explains how SSL decryption will increasingl be needed to ensure encrypted traffic does not become a facilitator for attackers.
Jason Hart says the best thing we can do to protect our business and personal lives from cyber-criminals looking to gain access to our information is to beat them to it with ethical hacking.
As data breaches become commonplace and organisations struggle to keep pace, Treavor Dearing explains why integration and collaboration among IT security vendors is emerging as the only viable solution to beat cyber-criminals once and for all.
Rui Biscaia discusses how companies can overcome the weaknesses in data loss programmes to make them relevant and effective again.
James Henry looks at the Yahoo! Incident within the context of other mega breaches to look at the trends and where security is failing.
Lawrence Jones explains how apprenticeships can help to develop the next generation of technical engineers and innovators.
Rob Sloan explains how the DNC hack was tied to Russian state hackers
Dr Joanna Świątkowska says that a comprehensive, multi-dimensional strategy in necessary for cyber-defence, and for Poland, the need for national defence is an opportunity to build an export business in cyber-security.
André Malinowski discusses his view on how Britain is too trusting of biometric security
Michael Marriott looks at how hackers are increasingly using tactics used by commercial organisations to raise their profile and publicise their 'business'.
Stephen Morrow discusses that automotive manufacturers have been focusing so much on adding functionality and usability to connected cars that they haven't properly considered the threats
While the result of the referendum in the UK to leave the EU was unexpected by commentators, Brexit isn't the disaster that some critics claim and for nimble companies, it provides some opportunities, says Jack Bedell-Pearce.
Andy Taylor discusses how CIOs can tackle the problems with IoT security and what precautions they could be taking.
Nic Scott discusses how the IP Bill will fundamentally change the relationship between UK citizens and the government.
Darran Rolls discusses proactive IAM techniques organisations can use to stay protected
Fortunato Guarino looks at the importance of having the necessary processes and technology in place for finding personally identifiable information (PII) anywhere on the company network
Travis McPeak lists the top five OpenStack questions often asked by users and technologists and provides responses to each
Steve Nice discusses where UK businesses are falling short on security, what's at stake for them, and what they need to do to protect themselves.
David Poole discusses how technology and the internet have transformed our payment process and the issues that come with these new developments.
Gavin Siggers explores six key steps to getting GDPR-ready to help businesses understand the impact of the GDPR on their information management processes.
Mark Kedgley looks at how cyber-security technology is marketed and the recurring disconnect between product investment and incremental improvements in information security effectiveness.
Andrew Dalglish explains the potential risk for UK businesses as a result of so many not being prepared for an attack, plus looks at common weaknesses in current cyber-security and how they might be overcome.
Lee Painter says a rise in security breaches due to abuse of access has put the spotlight on Identity and Access Management. So how might Artificial Intelligence shape its future?
Critical Infrastructure is now at risk. Transport, finance and utilities are all targets. Graham Mann looks at some key issues and how they can be tackled.
Protecting data is a significant task faced by security managers every day. Paul German discusses creating cyber-security strategies for government agencies.
Biometrics can actually weaken authentication security if not implemented correctly says Hitoshi Kokumai, who asks, what exactly does the NIST Authentication Guideline have to say on this issue?
Given the myriad of security solutions available today, Danny Ilic says the key challenge is to ensure customers accept new products and services and are comfortable using them.
Paul Cash discusses the use of automation technologies to improve security processes
David Mount discusses the need for access governance, the kind of return that can be expected on it, and delivering a return on governance
Kasey Cross explains the devastation an organisation undergoes when struck by ransomware and describes preventative measures that can be taken to avoid spread from a single machine to a network.
Alexandre Arbelet and Daniel Brown explain the role of artificial intelligence in enhancing cyber-security
Nik Whitfield says before you worry about whether you have enough people with the right skills, worry about how people who have the most skills are spending their time - and why.
Matt Little asks how do companies identify, react to and guard against thieves, snoops and idiots?
Brian Chappell is passionate about the importance of integration to the security industry and explains why it has the power to help companies make quicker and better decisions.
Brian Vecci discusses why ransomware is so dangerous and the three best ways that organisations can catch and stop it before its devastating effects take place.
Andrew Tang discusses the fact that the legislation won't technically apply to the UK once the GDPR is enforced in 2018 and what it will mean for UK security
Will Embrey argues that, to maximise its budget and resources, determining a company's network security strategy should fall on the shoulders of its CEO.
Andy Buchanan discusses why companies need to take practical steps to defend against the consistent threat of ransomware
Jonathan Sander discusses why compliance is always a race to the bottom and how security as regulation takes executives off the front lines
Andrew Rogoyski says new ideas are needed to further motivate the quest for cyber-skills
John Suffolk describes the challenge of combating supply chain risk in a globalised marketplace
Dave Larson offers advice for organisations wishing to protect themselves from the latest types of cyber-extortion
Lewis Henderson discusses the migration to Office 365 and how companies are holding off migrating due to risks highlighted in recent news
Tony Anscombe says biometric identification is becoming the security measure of choice for a growing number of companies.
Mike Pittenger discusses what he believes is the most dangerous code in your application, whether standalone or containerised
Nigel Hawthorn discusses the IT skills crisis and the five skills that will become vital to businesses operating in the cloud
Mark Nicholls delves into the world of red teaming and explains why more companies are adopting this no-holds-barred approach to testing network security
Finding the right partner is the key to making cloud use secure for your organisation says Kevin Patel.
Media and news websites represent some of the world's most trusted brands. Jason Steer explains why they can be security vulnerabilities for their readers — and what you can do to protect yourself.
Kevin Bocek looks at DevOps' rise in popularity and the frequently overlooked security headaches that accompany it, and considers with how these issues might be remedied by automation.
With the final Privacy Shield, the European Commission and US Government have concluded years of negotiation over transatlantic data flows. Cameron Kerry and Maarten Meulenbelt consider the implications.
Rick Orloff describes what the GDPR means for businesses including a range of statistics which uncovered the disparity between ITDMs and knowledge workers on security and policy issues
Toni Gidwani challenges Guccifer 2.0's claimed attribution for the Democratic National Committee (DNC) breach
Christian Matthies explores how agile security demands radical methods of trust and responsibility for all staff, emphasising the need for a holistic approach that makes security a consideration for everyone in the company.
Andy Taylor discusses the ways SMEs can better protect themselves by placing cyber-security as a top business priority
Tony Anscombe discusses the biggest mistakes companies make when moving to the cloud and tips to reap the benefits
Ken Munro discusses why Pokémon Go is symptomatic of a wider problem - permissions abuse by mobile apps - and the implications of this for the user and app developer
François Amigorena explains why compromised credentials are a major cyber-threat to organisations and how cumbersome security wastes time, whereas contextual awareness allows greater security automatically.
Dwayne Melancon discusses why he thinks China's quantum communication satellite is more of a novelty than a practical solution to the eavesdropping problem.
Mateo Meier discusses how Brexit is set to impact data privacy/security in the UK
Lewis Henderson explains how companies need to prepare to EU general data protection regulation in light of the post Brexit situation in relation to cyber-security.
Dr Jules Pagna Disso explains why phishing remains one of the most successful forms of attack, and why staff education is key to tackling the problem.
Ben Johnson discusses threat intelligence sharing and how current standards are without expert input.
James Henry explores the implications of Brexit on the adoption of the EU GDPR legislation
Stacy Leidwinger looks at the Hillary Clinton email scandal and how companies can avoid the potential security risk of staff using shaddow IT.
Laurance Dine discusses what you can do to mitigate the risk of being struck by ransomware
Ross Brewer discusses the impact of the Bangladesh bank cyber-attack and the growing problem of stolen credentials.
Mike Foreman says we're about to get some much-needed help ... smarter technology to save us from ourselves.
Norman Shaw looks at why encryption alone is not the answer to avoiding a data breach and outlines where he thinks companies should be focusing.
Social media platforms are a social engineering resource for hackers. Andrew Tang, service director, security, MTI Technology outlines the problem and what is required to guard against it
Bryan Lillie puts forward suggestions for what the UK's cyber-security strategy should contain in the next five years
Ron Arden takes a data-centric approach to security where the focus is on protecting the data within a system, and not just the system itself
Paul Donovan outlines the main questions to ask when choosing a NAC solution to work alongside a BYOD policy while protecting the network
email is one of the main routes for delivering malware into the enterprise, but despite frequent reports of its demise, it appears here to stay, so companies had better tailor their security posture accordingly says Carl Leonard.
Andrew Rogoyski says that companies need to identify what is truly their most sensitive, most valuable data - the thing that would most severely impact the company if stolen or compromised.
It's difficult to predict how the global and British economies will react to Brexit in the long run, however UK Cyber-security has every chance of staying in very good shape says Ilia Kolochenko.
Joanna Ward looks at the recent battles between tech providers and law enforcement agencies over encryption and considers how the escalation potentially be avoided.
Itay Glick says that new spear-phishing scams suggest that this method of spreading malware will surely continue to grow
Tony Anscombe asks, which is more secure, the password or biometrics?
The threat of a cyber-attack is a concern for us all, but nothing strikes more fear than ransomware says Mark Kedgley.
Paco Hope asks if black boxes can make our cars and lives less safe instead of safer
James Parry explores why the enterprise needs to move beyond threat intelligence to proactively seek out emerging threats on social media and the dark web
Oren Kedem asks if we're using the right methods to teach victims about scams or are some other forces preventing the warning messages from being effective?
Wes Mulligan says organisations are on high alert when it comes to network security, yet they are overlooking the potential risks posed by the many printing devices that are connected directly to their network
Russia is alterering the balance of power with superior human resources in the cyber-realm and a strategy and will to used them offensively, including via proxies - and lack of western response encourages escalation says Jarno Limnéll.
Stuart Aston offers suggestions that an everyday business can learn from the Government and should consider when creating their own cyber-security protection framework
SC Webcasts UK
Covert Technical Operations Specialists
MI5 - London (Central), London (Greater)
Covert Technical Operations Specialists
MI5 - London (Central), London (Greater)
Senior Accreditor, Security Risk and Assurance Manager
Disclosure & Barring Service - Liverpool, Merseyside
CISO – Chief Information Security Officer (Up to £100K)
Evolution Recruitment - London (North), London (Greater)
Information Security Manager
Infosec People - Hammersmith, West London
Sign up to our newsletters
SC Magazine UK Articles
- It's a trap! WhatsApp Gold 'premium' version lures users to malware
- SC Awards Europe 2016 winners announcements!
- Microsoft ends common password use and password lockout
- ISIS radicalises 'lone wolves' through strong social media presence
- 1.5 billion Windows computers potentially affected by unpatched 0-day exploit
- Mirai botnets linked to massive DDoS attacks on Dyn DNS, Flashpoint says
- PSN hacked! Server outage on launch day of Battlefield 1
- ICYMI: US to retaliate; 6,000 stores hacked; Euro CyberSec exercise; GDPR preparation
- Huge DDoS attack hits Twitter, Github, Spotify and others
- Hackers sow Discord among gamers