Our friends over at IT Governance have a good intro to the basics. Worth a look...: The data protection landscape was dramatically reshaped with the introduction of the EU GDPR (General Data Protection Regulation) on 25 May 2018, but it wasn't the only law that took effect that day. The UK DPA (Data Protection Act) 2018 also came into force, and although it arrived with much less fanfare than the EU GDPR, it's just as important. In this blog, we explain why the DPA 201
Red Top reporting on this year's ironic hack...: EXTORTIONISTS are feared to have stolen the personal details of 120,000 cops in a malware attack on a computer system. The Police Federation staff association was targeted earlier this month. The crooks deleted databases with members’ names and ranks, email addresses and national insurance numbers. Bank details were also hit, along with confidential information on officers involved in complaints. Credit card details o...
My observation is that, currently, there's always a human behind the attack and humans tend to act the same way even when using new capabilities. Cyber defence is more about psychology than clever tech. Once the AI takes over, that's another matter...: [...] We’ve come a long way since the Love Bug when it comes to improving overall security efforts and addressing cyberthreats. Attackers have also come a long way over the past two decades as their tactics become more sophist
Norsk Hydro seem to be handling this attack in a calm, professional manner...: Aluminium manufacturer Norsk Hydro claims to have found the “root cause” of the global IT outage due to a cyberattack believed to have been caused by LockerGoga, a strain of ransomware that displays some very unusual behaviours, according to Cisco’s Talos Intelligence researchers. Hydro’s worldwide IT network was paralyzed on Tuesday by the attack that started in one of its US operations and fo
Payroll accounts for the largest chunk of money that moves out of most businesses. Unfortunately, the protections rely on vigilant managers rather than security controls...: The human resources manager tried to be calm and reassuring, but there still was a brief moment of panic: someone, somewhere, had tried to steal Robert’s salary. As anybody with a mortgage knows, missing pay day by just one or two days could cause a lot of trouble. The manager had received an email that ...
Notice how the language has changed. It's now about losses, not whether you've been attacked (we all have, even if you don't know it)...: [...] One in five IT decision-makers claimed cyber attackers left no clue to their identity, while 54% said they had faced at least one attack in the past two years that resulted in some sort of disruption, a survey has revealed. This disruption was in the form of service disruption (31%), data integrity issues (18%) and data loss (15%)
This was all over my Twitter feed yesterday. I'm looking for a detailed explanation of how the attack managed to spread but in the meantime I was intrigued by the statement (below) from the CFO. I really hope he didn't mean "It's ok, we have insurance"...: [...] On a conference call with reporters, chief financial officer Eivind Kallevik said the company didn't know the identity of the hackers and that it has cyber insurance. The shares slid 1.1pc to NKK35.44 (€3.66) by earl
"If all you have is a hammer, everything looks like a nail" could be applied to most cybersecurity vendors. I don't think that cybersecurity is any different from managing any other risk. Yes, the threats are ever changing, but the risk profile is constant. Rather than confuse the market with newer, shinier silver bullets maybe vendors should explain how their 'solution' helps manage risk. That way, cybersecurity becomes embedded in strategic business risk management...: [..
RSAC has been about a lot more than the conference itself for as long as I can remember. It’s almost a badge of honour to never go to any of the ‘official’ talks or events but instead use it as a good place to network, find new customers, maybe find a new job. It’s a good sign that the organisers are thinking about the core conference and how to change...: The 2019 RSA Conference took place earlier this month in San Francisco. The event draws hundreds of vendors from the cyb