Whether you are a CISO, want to become one, or employ/ought to employ one, reading this book will repay the time spent, providing both practical advice and wider social/commercial context of the role.
30 years ago, in 1989, the Berlin Wall came down, SC made its debut in the UK, and Sir Tim Berners-Lee was inventing the World Wide Web while at CERN, the European Particle Physics Laboratory.
"Microsegmentation is the means to a zero-trust security network because it is identity-driven and able to isolate threat actors on a network at a granular level. It protects an organisation's critical assets and minimises the impact of cyber-attacks."
"We are not just in the security business because its a vibrant market and a great opportunity to grow BT's business, we are in the security business because we have to be in the security business," says Kevin Brown, recently-appointed managing director of BT Security.
(Sponsored by CrowdStrike) Why do cybersecurity breaches continue to dominate the news headlines? Is the security industry losing the battle?
"Every customer that we see is going through some form of digital transformation (so we are talking about) ... how security plays into that, and what some of the challenges are in managing digital risk."
GDPR has opened up corporate and public minds to the importance of data privacy, but even with punitive fines looming, many organisations failed to prepare, and as infractions work their way through the system, there are more serious consequences to come.
More extensive that ever: AI-driven chat-bots to Zero-day mining as a service, Fuzzing; 5G, successes & failures of GDPR, loss of faith in the public internet, the IOT, breaches, Sim-jacking, skills shortage, ROI, death of privacy, failure to evolve and a host of novel new threats and solutions.
Increasing the number of women in cyber-security would raise the industry's IQ. So SC Media UK editor Tony Morbin asks Jane Frankland and Amanda Finch - why aren't more women working in cyber-security?
From high level hard tech to senior leadership & management, our 50 women list exemplifies women contributing to the cyber-security sector at every level, despite representing just 10 percent of the workforce.
"I don't ever want to get a position because I am a woman, I want to get it because I am the right person for the job." - Sian John MBE, chief security advisor, cyber-security solutions group Microsoft
SC Interview: Sian John, Microsoft - the push for security-by-design and IIOT/desktop network separation
Sian John, chief security advisor, Microsoft, took time out from Microsoft Future Decoded 2018 to explain the organisation's drive for security-by-design, and support for separating industrial and desktop networks.
Ranking countries whose data is availabe on the dark web, the UK came out third - ie third worst - for having its data exposed - after the US and Canada - albeit using TDLs as a proxy for source.
The Internet celebrates its 50th birthday - an awesome system that's insecure with new insecure access devices being added exponentially. If we do want change, we have to do it now says Berners Lee.
Google knows lots about us, but it has to tread a balance between using that data to enhance services, while respecting our privacy and keeping our details secure.
SC's UK cyber-security salary explains attributes for different roles, shows high demand & huge variation: junior analysts, £25K in manufacturing; public sector CISOs on £95k, colleagues at large banks - £500k.
The persistence of open buckets is greater than reported. "The problem is systemic, not for just large organisations. If the big guys do it, what's happening with smaller organisations? The exact same thing!"
Scores out of 100 are given to a range of threats covering devastation, likelihood, nuisance factor, financial impact and defendability, presented in an accessible format - a pack of Trumps playing cards.
What can we learn from reading about the exploits of a successful Russian cyber-criminal, and are there lessons we can implement?
New forms of algorithm can rewrite bits of their own code, making their inner workings unknowable to their human creators, hence new controls need to be created now, before mass-deployment of 'genetic AI.'
National professional body for cyber sec established - combines 17 orgs - just as gov criticised for inaction
National professional body for cyber security established as DCMS consults and Joint Committee on the National Security Strategy critical of government over cyber skills gap impact on CNI.
With up to US $143 billion annual expenditure to stem losses of US $6 trillion by 2021, SC Media UK's quick reference guide looks at the cyber-security market's direction and its main players.
Artificial Intelligence is the biggest issue for cyber-security, High-Tech Bridge founder and CEO Ilia Kolochenko told SC Media during Geneva Information Security Days 2018 earlier this year.
Reset 2018, held in central London yesterday, is a cyber-security conference with a difference, comprising insights from 15 female experts in cyber-security explaining the evolving cyber-threat landscape.
It is 100 years since women got the vote in the UK and more women are now speaking at Cyber-Sec conferences, alongside a renewed focus on recruitment and education. But momentum needs to increase. Kate O'Flaherty reports.
GDPR enforcement comes into effect today and the person responsible for overseeing and enforcing its implementation in the UK is Information Commissioner Elizabeth Denham - so its time to learn more about her.
As the threat from Putin's Russia escalates, the West is bracing itself for further cyber-attacks and disinformation campaigns. How sophisticated are its cyber-offensive capabilities and how might they be used?
At a cursory glance, the cryptocurrency landscape looks an awful lot like the old Wild West - lawless, volatile, open; no viable law enforcement in sight. But is there also a more positive side to blockchain technology?
Competition clash: Cyber 9/12, the UK's first cyber-policy & strategy competition, & Cyberthreat 2018 where competitors gain elite technical skills, showcase breadth of talent and expertise needed to cope with the threats faced.
The internet is more than an infrastructure - it mediates human behaviour so it can have unprecedented impact - threatening our survival. It can be manipulated to constitute an insider threat on an unprecedented scale.
The talent shortage is widening. But, Kate O'Flaherty asks, what specific skills is the industry lacking and how can it fill the gap?
Expert members of the European Cyber-security Forum - CYBERSEC community representing the public and private sectors plus academia share their opinions on the top challenges we are going to face this year.
Late last year SC Media UK finally met someone confident that their organisation is GDPR compliant, ready for the new regulations coming into force in May: Stephen Schmidt, CISO, Amazon Web Services (AWS).
Happy New Year! SC Media UK resumes news reporting on 2 Jan 2018. During the break, catch up on our experts' predictions for a range of positive and negative futures, from the impacts of AI to likely new Zero days.
Patrick Sullivan, director, security technology and strategy at Akamai Technologies explains the concept of Zero Trust perimeters and cloud perimeters in an interview with SC Media UK's editor-in-chief, Tony Morbin.
In a wide ranging interview, Lloyd Rush, UK Cyber Defence Centre manager, Airbus Defence and Space provides SC with insight into the latest attack trends, including fileless, plus the threat of criminal AI use and SOC responses.
Attacks on critical national infrastructure are growing in number and sophistication. So how big is the UK's risk?
Learning by doing. If you don't have - and practice - a breach recovery plan, then a simulation exercise can demonstrate why you should have one, identify your weak spots, and encourage you to take action to plug the holes.
News Feature: Interview with ex-GCHQ director Robert Hannigan CMG; tech leaders on the board; terrorists to achieve ability to wreak cyber-chaos in 5 years; DDoS as smokescreen/DDoS Awareness Day; active cyber-defence.
Google has launched of a range of personal and corporate security enhancements (below) this month. Google security expert Allison Miller, spoke to SC about the organisation's approach to security and privacy concerns.
In the face of external and domestic cyber-security threats, Saudi Arabia is taking significant steps to achieve cyber-readiness, but is being restrained by shortages of appropriately skilled Saudi-labour says Potomac Institute.
Continuous learner, persistence, curious and perceptive are among the top traits sought by employers when appointing a cyber-security professional as Doug Olenick reports.
SC Media UK has come up with our list of 20 SC Women of Influence in UK Cyber-Security 2017, selecting from an abundance of talent to promote female cyber-security role models
Clearer definitions between privacy, security, and trust - a mix of these areas can be a great place for innovations. Identification and authentication are two particular areas that lots of innovation can happen says Dr Fatemi Ardakani
Abeer Khedr has been the Information Security Director at National Bank of Egypt (NBE) since 2010. Since its birth in 1898 with a capital of £1 million, NBE is regarded as one of the oldest and most respected commercial banks in Egypt. SC's Ali Taherian caught up with Khedr to talk about some of the specific problems and solutions she deals with day to day.
Charities are being targeted by cyber-criminals but many are still unaware of the main threats facing them. Martyn and Valerie Croft undress some of the challenges facing charities today....
In Case You Missed It: The risk of cloud, WordPress vulnerability again, AA breaks down on cyber-security, why don't you patch and why don't more women do cyber?
A massive ransomware campaign attacked countless endpoints for the second time in just over a month, exploiting a vulnerability that had been patched months earlier. SC asks, why does this keep happening?
Rather than battening down your network in response to the insider threat, you could combat the danger through trust and engagement, as we learned at the SC Media UK Roundtable in Edinburgh - sponsored by Zonefox.
The latest figures show the number of female cyber security professionals is reducing compared with previous years. What, SC's Kate O'Flaherty asks, is the industry doing wrong?
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout
Why do cyber security breaches continue to dominate the news headlines?
Brought to you in partnership with CrowdStrike