Cyber Security Blog

A Wisdom of Crowds Presentation

To the general cyber threat, threat Intelligence is a widely used term now. If you are a cyber security professional, you must be at least familiar with the term even if you do not know about its modus operandi. Threat intelligence is expected to be correctly understood by professionals working in the security operations center, dealing with SIEM or the incident response team.

4 July 2018

Cyber Management Alliances preferred IT security solutions and consultancy provider, Advanced Cyber Solutions, have been awarded the Ipswitch Partner of the Year for Northern Europe, in recognition of their unrivalled service in the region.

12 May 2018

IT solutions provider Systematic have chosen Ipswitch MOVEit Transfer as their MFT (Managed File Transfer) solution, describing the offering as "ticking all the boxes" after evaluating other competing solutions.

10 May 2018

Has there ever been a more confusing data security standard than the PCI-DSS? Even now, thirteen years on from its initial release, a clear understanding of what you need to achieve to be compliant may still be a challenge.

1 May 2018

FIM or File Integrity Monitoring, is without a doubt a highly important layer of defence in any network worth protecting. Required by data security standards such as PCI-DSS and recommended by auditors and security practitioners globally. FIM monitors critical system files, operating system components and even network devices for unauthorised changes.

30 April 2018

Cyber criminals are always trying to find different ways to hack devices to make money.

Now they have another way.  Called ‘jackpotting’, hacks attacks ATM machines; but to do this, physical access to the dispensing device is needed in order to empty it of all its cash.

27 April 2018

Another day,  another data breach. This time with MyFitnessPal, a nutrition tracking app that was acquired for US$475million by Under Armour Inc. 

Facts (may change) As result of a cybersecurity breach,  close to 150 million accounts (yes, it's a massive data breach) have been compromised. Attribution of the malicious actors behind this incident is unknown.

At best, Under Armour has been sloppy and lazy in responding to this breach.  I talk about the following in my opinion piece. 

31 March 2018

Is the board listening? We all know that GDPR will be enforced from 25th May 2018, but is your board aware of their new privacy obligations? While there is substantial GDPR coverage in the technical press, has the message got through to senior management?  Are their preparations adequate?

28 February 2018

The FBI estimates that between the years of 2013 and 2017, US businesses were victim to loses of over 5bn USD from phishing attacks alone. It is no surprise then that phishing simulation tools and anti-phishing solutions are popular for businesses and organisations who wish to get ahead of the problem.

27 February 2018

After facing major and publicly embarrassing data breach in 2017, Doncaster & Bassetlaw Hospitals NHS Foundation Trust has chosen wisely in Shieldox as their GDPR readiness solution in document security. Providing both document encryption, access control and tracking in both the cloud and on the desktop, Shieldox has given much needed peace-of-mind to Robin Smith, the IT security manager for Doncaster & Bassetlaw Hospitals NHS Foundation Trust.

20 February 2018

There is no shortage of information about the GDPR out there, from the six core principles to data subjects rights to the lawful basis for processing, there is a dizzy number of changes an organisation may need to implement. Solution selling on the back of the GDPR message is a sore subject for many and for good reason. The gold mine that is the GDPR is a marketers dream gone wrong.

15 February 2018

The GDPR (General Data Protection Regulation) is a complex beast at best, with some estimates as low as 15% of organisations being ready for May 25th. Questions and challenges are swirling around various board and meeting rooms regarding how to respond to subject access requests, how long do we retain personal data and what legal basis they have for processing...and that is just the tip of the iceberg.

12 February 2018

Where are our sensitive documents? How many copies of them have been created? And who has access to them? Simple questions all information security professionals must ask of themselves in any organisational network.

9 February 2018

If there is one thing that has come to define the very nature of the porous network boundary, it is the use of cloud storage to provide always-on availability to documents. With convenience abound, the only person shaking their head is the IT security practitioner who winces at the idea of sensitive content being released into an uncontrollable ether.

7 February 2018

FREE 11 Step Guide to Cyber Security for SME’s

Simply fill in your details in the form below to download the 11 week action plan to increase your business Cyber Resiliency: