To the general cyber threat, threat Intelligence is a widely used term now. If you are a cyber security professional, you must be at least familiar with the term even if you do not know about its modus operandi. Threat intelligence is expected to be correctly understood by professionals working in the security operations center, dealing with SIEM or the incident response team.
Cyber Management Alliances preferred IT security solutions and consultancy provider, Advanced Cyber Solutions, have been awarded the Ipswitch Partner of the Year for Northern Europe, in recognition of their unrivalled service in the region.
IT solutions provider Systematic have chosen Ipswitch MOVEit Transfer as their MFT (Managed File Transfer) solution, describing the offering as "ticking all the boxes" after evaluating other competing solutions.
Has there ever been a more confusing data security standard than the PCI-DSS? Even now, thirteen years on from its initial release, a clear understanding of what you need to achieve to be compliant may still be a challenge.
FIM or File Integrity Monitoring, is without a doubt a highly important layer of defence in any network worth protecting. Required by data security standards such as PCI-DSS and recommended by auditors and security practitioners globally. FIM monitors critical system files, operating system components and even network devices for unauthorised changes.
Cyber criminals are always trying to find different ways to hack devices to make money.
Now they have another way. Called ‘jackpotting’, hacks attacks ATM machines; but to do this, physical access to the dispensing device is needed in order to empty it of all its cash.
Another day, another data breach. This time with MyFitnessPal, a nutrition tracking app that was acquired for US$475million by Under Armour Inc.
Facts (may change) As result of a cybersecurity breach, close to 150 million accounts (yes, it's a massive data breach) have been compromised. Attribution of the malicious actors behind this incident is unknown.
At best, Under Armour has been sloppy and lazy in responding to this breach. I talk about the following in my opinion piece.
Is the board listening? We all know that GDPR will be enforced from 25th May 2018, but is your board aware of their new privacy obligations? While there is substantial GDPR coverage in the technical press, has the message got through to senior management? Are their preparations adequate?
The FBI estimates that between the years of 2013 and 2017, US businesses were victim to loses of over 5bn USD from phishing attacks alone. It is no surprise then that phishing simulation tools and anti-phishing solutions are popular for businesses and organisations who wish to get ahead of the problem.
After facing major and publicly embarrassing data breach in 2017, Doncaster & Bassetlaw Hospitals NHS Foundation Trust has chosen wisely in Shieldox as their GDPR readiness solution in document security. Providing both document encryption, access control and tracking in both the cloud and on the desktop, Shieldox has given much needed peace-of-mind to Robin Smith, the IT security manager for Doncaster & Bassetlaw Hospitals NHS Foundation Trust.
There is no shortage of information about the GDPR out there, from the six core principles to data subjects rights to the lawful basis for processing, there is a dizzy number of changes an organisation may need to implement. Solution selling on the back of the GDPR message is a sore subject for many and for good reason. The gold mine that is the GDPR is a marketers dream gone wrong.
The GDPR (General Data Protection Regulation) is a complex beast at best, with some estimates as low as 15% of organisations being ready for May 25th. Questions and challenges are swirling around various board and meeting rooms regarding how to respond to subject access requests, how long do we retain personal data and what legal basis they have for processing...and that is just the tip of the iceberg.
Where are our sensitive documents? How many copies of them have been created? And who has access to them? Simple questions all information security professionals must ask of themselves in any organisational network.
If there is one thing that has come to define the very nature of the porous network boundary, it is the use of cloud storage to provide always-on availability to documents. With convenience abound, the only person shaking their head is the IT security practitioner who winces at the idea of sensitive content being released into an uncontrollable ether.
