Companies operating in Europe have until 2018 to comply with compulsory breach notification under the EU GDPR or face heavy fines, but Gant Redmon says this could be a good thing for the industry and provide a global legislative model
Understanding how a breach impacts your business is crucial to deciding how to respond, explains Andrew Nanson, CTO cyber at CORVID
Using individual users' behaviour patterns can identify both the individual and bot activity to thwart RATs, says Uri Rivner
Utilities face thousands of cyber-attacks every day, but we are not prepared for a successful take-down despite the very real threat, says Oliver Eckel
Jen Andre and Cameron Camp debate online financial security
MS Windows 2003 servers (WS2003) reach end of life on 15th July 2015 - but don't panic! They'll still operate in the same way, but could become more susceptible to cyber-attack, warns Kevin Linsell
IT security issues continue to hit critical services, but do we, the public, ever know for sure if they are due to error, system failure, or an attack?
Time to take stock, audit your assets and their security - including both response plans and staff - and address any outstanding issues, says Nick Pollard
Doug Drinkwater takes a two minute look at cybercrime-as-a-service, the new business model for hackers
Despite the value of critical enterprise data, many organisations are not aware of what their 'crown jewels' information is, says Carmina Lees, director of security services in UK & Ireland, IBM
Moves to increase SME participation in government IT tendering drew criticism, but Peter Groucutt explains how G-Cloud has helped reduce security concerns as one of the objections
Mentoring and promotion of success can increase the presence and profile of women in security, but mostly, women must seize their own opportunities says Barbara Nelson.
In the current print issue, SC Magazine UK talks to women in the industry about their experience, asks if data is secure when held by a cloud provider and assesses how ready we are for the new EU Data Protection Regulation.
Companies will have to get used to third-party assessments of their information security risk, says Simon Saunders
Concerted cooperative effort by defenders should at least match that of attackers, suggests Daniel Shugrue
CeBIT further sharpened its profile as one of the world's leading IT events for decision-makers, reports Roland Ackermann
Security and the Internet of Things (IoT) were the top themes of "Embedded World 2014" in Nuremberg, Germany, earlier this year, reports Roland Ackermann
The evolving threat of cyber-espionage and how to address it, the onslaught of BYOD in the office and cyber insurance are all on this summer's horizon.
Cyber security can't remain an IT issue. It needs to be addressed and filtered from the C-suite throughout the business, explains Rangu Salgame, CEO of growth ventures at Tata Communications.
Being alert to the danger of outside attacks is one thing, but like charity, security begins at home. Expect the unexpected, warns Geoff Sweeney, CTO of Tier-3.
Precautions must be taken to protect your Bitcoin hoard, says LogRhythm's Mark Vankempen
Encryption integrity is called into question following NSA leaks, says Alan Kessler, CEO of Vormetric
Context-aware security can make intelligent decisions while allowing mobile users to get the job done.
Businesses can accept employee device promiscuity without causing difficulties for IT management, says Centrify's Darren Gross.
Blaming cloud providers for giving in to the demands of US intelligence is a naive approach to a complex issue.
The government has done its bit for cyber security - now it's up to businesses to take action, and quickly.
Having a hard time getting security budget approval? Start by being relevant and communicating.
Understanding cloud computing's impact on all aspects of IT is vital, and this requires a broader set of skills and knowledge that meet the rapid evolution of the industry head on.
Using the incident pit technique in the wake of an attack is the best way to see off future threats to your organisation.
Believe an anti-virus vendor's marketing spiel and you might end up with a naff product - so do your homework.
We are always spoilt in April with not only Infosec, but 44Cafe and BSides London too - and this year was another corker.
Professional monitor in association with (ISC)2: Infosec professionals need to work with law enforcement (April 22, 2013)
Collaboration between infosec professionals and law enforcement agencies is vital, says Victoria Baines, the European Cybercrime Centre's strategy and prevention chief.
Pay attention to the Macs in your office, especially if they are used by people unaware of the risks they present.
Neither automated analysis, nor the manual reading of Twitter posts, is a useful practice for HR to engage in.
Women in Security, recently launched by (ISC)2's London chapter, is actively encouraging women to join the profession and take on those roles for which they are often overlooked.
Password re-use, not to mention default and blank passwords, can bring your whole network to its knees.
We shouldn't let the potential misuse of a product in the wrong hands blind us to its benefits in the right ones.
The convergence of physical and IT security calls for infosec practitioners to adopt 'a design principle', says Eduard Emde, president of professional body ASIS International.
Sensitive data can be tunnelled out of your network in many ways. Fortunately, there are just as many ways to stop it.
The vulnerability of BMWs to 'no key' theft is a case study in what happens if the lessons of IT security are ignored.
Richard Nealon, information security assurance manager and co-chairman of the (ISC)2 EMEA Advisory Board, explains why the organisation's Workforce Study is so important.
Wireless sniffing tools can tell you - and potential wrongdoers - a lot about users of mobile devices.
This year's 44Con did the industry proud, from the new attack on Enigma to the caffeine-infused BlackBerry Lounge.
Effective security requires winning hearts and minds, says Colette Hanley, head of information security compliance at online communications brand Skype.
Sending hackers on a wild goose chase, and 'playing dead' in front of thieves, are brilliant ploys - but they're not enough.
Stuxnet-fuelled talk of the dawn of cyber warfare is, alas, misguided. Sadly, keyboards will never replace guns.
The new EU regulation regarding data protection has highlighted the dire need for security skills development among small and medium-sized businesses.
Mobile device management might have progressed - but so too have the attack vectors and vulnerabilities.
The Curious Case of the Worm-Infected Photo Booth lays bare the perils of shunning security in favour of usability.
The international industry at large can have a bigger say on the big issues, says John Colley, managing director of (ISC)2 EMEA and co-chair of its Advisory Board.