Some departing employees have no loyalties to their previous employer, so it is imperative that deprovisioning employees' corporate access on their last day is an absolute priority.
Organisations should create an environment where people feel comfortable discussing data security. If you can create a culture that values the importance of IT security, it can help minimise internal threats.
Employees have to choose between leaving data unprotected, disrupting their work to use the company encryption tool, or protecting data on their own; once an employee encrypts a file on their own, the company has no control.
It is vital to ensure that employees are aware of and educated about a company's implemented security policy, know the best practice means of transmission and storage of corporate data, and have the tools they need to do their jobs.
Enterprises seem to be getting the message, at last, that security posture cannot be measured by pocket depth as budgets get cut by a third.
Nicolas Capitoni says anaged Endpoint Detection and Response (EDR) is so valuable because it empowers organisations to cost effectively find and isolate compromised endpoints before any real damage is done.
There is a disconnect between how much enterprises care about Internet security and what service providers think these customers value according to a new survey by the Internet Society (IS).
Departing employees is an issue not often considered as potentially affecting a company's cyber-security. However, an employee can potentially eave while maliciously keeping sensitive data including passwords, key codes, etc.
Oliver Fay examines the rise of Business Email Compromise (BEC) and describes a series of measures that even the smallest companies can put in place to help better protect themselves against BEC.
Before you start looking at GDPR you need to understand what PII data you have, where it is, who has access, who it is shared with, and ultimately, how you can best manage it according to GDPR requirements says Julian Cook.
As organisations continue to embrace the benefits offered by diverse multi-cloud environments, it's essential that they're aware of how best to achieve both compliance and control says Peter Galvin.
In the face of external and domestic cyber-security threats, Saudi Arabia is taking significant steps to achieve cyber-readiness, but is being restrained by shortages of appropriately skilled Saudi-labour says Potomac Institute.
Privileged access - not people - is the true insider threat says David Higgins. Securing privileged accounts should be on-going with continuous evaluation and adjustments to improve security as the threat landscape changes.
The US government's decision to ban Kaspersky Lab security software raised concerns from users over their own Kaspersky purchases and drew a sharp rebuke from the Kremlin about anti-competitive practices
Department for Transport launches new Cyber Security code of practice for ships as "Cyber-security ... threatens the reliability and performance of a shipping sector that carries 95 percent of our trade [so] has to be taken seriously."
Creating policies that prevent users from exposing the company to threats while maintaining business continuity takes the maximum amount of risk off the table says Sam Hutton.
Joe Siegrist shares ideas on how the government could help SMEs train their staff to protect their assets.
Paul Bischoff explains that companies should educate their employees on the importance of Facebook privacy and other data-gathering apps that can potentially compromise both personal and company security.
Russian government moves to implement partial ban on foreign technology which is seen as a threat to national security.
IT security policies must evolve to embrace sensible policies for bring-your-own-device (BYOD), says Chris Mayers.
Alex Vovk explains how to leverage security policy and ensure it's performing correctly to prevent a data breach.
The return of a decade-old attack vector, the malicious macro, requires a granular, policy-based approach to managing email at the gateway, says Greg Sim.
A well-defined security programme focused around the company's most critical data, combining technology and education powered by metrics, will help businesses reduce insider risk levels says Neil Thacker.
Russia says it is revising its policies to help prevent information warfare, identity-theft and cyber-fraud.
News that Russia and China are set to sign a cyber-security treaty next month have left Western cyber experts unsure whether it is a threat or a promising development.
Having comprehensive cyber risk policies that are not followed can be as detrimental as not having a policy at all says Peter Given.Good who advises that good risk-insurance will demand appropriate procedures are both in place and implemented.