Risk News, Articles and Updates

Cyber-due diligence demanded for mergers, acquisitions, & cyber readiness

Given the potential the impact a significant data leak could have on the valuation of a target company, M&A practitioners must appreciate that organisations should do whatever is necessary to preserve the value of their deals.

IP Expo: GDPR - "All of us will carry a quantum of illegality"

GDPR is built on the assumption that people are better prepared than they are, so we will fail to comply, therefore take a risk-based approach and focus on the things that matter.

Risk management to strategic resilience: The evolution of cyber-security

CISOs do indeed need to articulate cyber risk to the board in a business context, but equally, the board need to get a better grasp of cyber and prioritise criticality of security integrity vs continuity of service vs profitability.

Is the ubiquity of technology putting corporate security at risk?

With growing demand from employees for their workplace to be flexible and allow them to work remotely, this is expected to coincide with a rise in cloud-based SaaS apps, so security teams are set to be struggling with maintaining a watchful eye over where company information has gone to.

Microservices - specific security issues and how to address them

Owen Garrett discusses microservices and how it poses its own security risks then delves into options as to how we can mitigate them.

John Negron and Jennifer Johnson join Tenable Network Security team

John Negron and Jennifer Johnson have joined Tenable Network Security as chief revenue officer and chief marketing officer, respectively.

Company boards and management becoming more engaged with cyber-risks

Survey from consulting firm shows there is still much work to do to identify and protect the 'crown jewels' of mission critical data.

How to reduce the complexity in cyber-security - focus on priorities

Garry Sidaway advises businesses on how to reduce security complexity and the need to focus on what's important such as making cyber-security a business issue and assessing risk exposure.

Never stop learning - the need for a risk-based approach to cyber-security

Kristine Olson-Chapman advises senior executives and IT security professionals on how to manage the challenges of cyber-security by using a risk-based approach

New study reveals that numerous UK businesses are unprepared for a cyber-attack

Andrew Dalglish explains the potential risk for UK businesses as a result of so many not being prepared for an attack, plus looks at common weaknesses in current cyber-security and how they might be overcome.

Millions of nodes detected that shouldn't be exposed to public network

Major risk of hack attacks against databases are possible due to millions of systems on the internet that offer services which should not be exposed to the public.

75% of UK consumers won't do biz with a company that has been hacked

Three quarters of UK consumers would stop doing business or cancel memberships with an organisation if it was hacked.

80% of retailers take payment card details by phone in unsecure ways

Over a third of people have heard friends, colleagues and even strangers sharing their full credit and debit card details in public while on the phone.

Number one risk to the broader economy is cyber-risk

Cyber-risk remains the number one overall concern of the financial industry to the broader economy.

Short term gain, long term pain: Avoiding IoT security shortcuts

In the rush to be first to market many organisations overlook basic IoT security principles, putting users at risk. Thomas Fischer urges, take time to build robust security protocols into products, rather than trying to retroft them.

Cyber-attack among World Economic Forum's top global risks

The World Economic Forum's annual Global Risk report lists cyber-attacks as one of the biggest dangers in an ever more connected world.

Industry Innovators: Risk and policy management

Collecting data needs to be diverse allowing data collection directly off of network devices and from questionnaires and other "soft" sources.

NIST publishes guide to whitelisting

The US National Institute of Standards and Technology (NIST) has published a guide to whitelisting, aimed at helping organisations implement an important defensive security technology - application whitelisting.

SCNY Congress panel: Mind the gap! IT security

The SC Congress NY conference took place yesterday, 20 October.

Should you use cyber insurance to mitigate risk?

While still a relatively immature industry, cyber insurance can reduce the costs of recovering from a breach, and, as Tony Morbin reports, it can also play a role in driving adoption of best practice, including de-facto standards in critical infrastructure.

How secure is cloud - really?

Revelations of government surveillance are fuelling a paranoia that isn't going to subside. So should firms be afraid of adopting cloud?