This Week's Gurus

Ransomware – a blessing or a curse? “We’ll see,” said the Zen master. I’m no Zen master, but history may thank the authors of Ransomware someday. Consider it a noisy wake-up call. People notice it because ransomware isn’t subtle at all – you get a very clear pop-up on your screen: We’ve encrypted your files! Three bitcoins please. If you’re unable to detect attacks carried out by Captain Obvious, guess what else you won’t detect?...

How any organisation can use big data to catch cybercriminals By Stuart Clarke, CTO Cyber Solutions at Nuix Recent reports show cyberattacks are becoming more and more frequent and costly, especially among smaller businesses. Criminals have become more organised in gaining access to sensitive information by using techniques including phishing emails, man-in-the-middle attacks and malware. The recently approved European Union General Data Protection Regulation (GDPR) will make it mandatory to report data breaches that involve...

Deep in the dark web, shadowy figures lurk behind cobwebbed walls… Eyes shifting from side to side as hackers roam, scanning the darkness for their next big mark… The dark web is the playground of the technological crime bosses and of them all, none are quite so bad as ransomware. Ransomware might have been around for a while, but the gangland wars have started and there’s a new kid on the block: Locky. Read on...

I’ve never actually seen lemmings jumping off a cliff but I have observed companies blindly following others into bad decisions regarding their security. It seems CEOs and CIOs are unwilling to spend the time analysing their requirements and undertaking a robust selection process to ensure those requirements are met. They prefer to “follow the crowd”. One area in which I’ve seen bad decisions being made is in the selection of mobile device management solutions. Many...

Smartphones? Credit Cards Are the Most Mobile Payment Method! Philipp Nieland, Co-Founder and CTO, PPRO Group The world has been talking about “mobile payments” for years, but the phrase means different things to different people. So what exactly are mobile payments? And how much more mobile than cash or cards can payments actually get? Some people believe that mobile payments are those made using mobile phones. Others, myself included, understand the phrase to mean the...

The SIP Security Fallacy There is no such thing as static security – all security products become vulnerable over time as the threat landscape evolves. Any ‘deploy once, update infrequently or never’ security solution is inherently flawed. Which is why every switched on organisation routinely updates its anti-virus and anti-malware solutions, hardens its infrastructure and updates its policies. So why is SIP security still based upon a one off implementation of a Session Border Controller...

Iain Chidgey, vice president and general manager for EMEA at Delphix, explores the importance of building security into the DevOps movement. Achieving speed, agility and continuous delivery are big priorities within the enterprise world right now and DevOps is being hailed as the answer. By enabling development and infrastructure to work more closely together (rather than against each other) organisations have a path towards faster and more frequent releases. However, increasingly those responsible for driving...

A criminal with a file – the threat to their data that law firms are overlooking   by Greg Sim, Chief Executive Officer, Glasswall Solutions Data protection is a big issue for the UK’s law firms who are guardians of some of the country’s most sensitive and sought-after commercial information. Last year they were warned by the Information Commissioner’s Office (ICO) about the need to improve security, following a series of breaches. Although these for the...

Why relying on standards is best for secure Cloud Computing  Who will have access to what? In a complex world where soon everyone and everything – people, things and services - will be connected everywhere and anytime through a global cloud, IAM is one of the best means to protect enterprise security, especially when firewalls are not sufficient any more. However, to guard cloud computing, the IAM technology must be further developed. For this, standards...

Rarely a day goes by as an IT Security professional that one will not hear a security vendor or consulting firm using the Edward Snowden affair as proof that their security product is necessary for data loss prevention (DLP) protection. Insider threats must be mitigated, and whistleblowers such as Snowden are lumped together with rogue or disgruntled employees as an example of common insider threat actors. The reality is that whistleblowers are a unique type...