Features

As workplaces are becoming more remote, with almost half of the workforce working from home, and an introduction of bring your own device policies in many organisations, endpoints have become more distributed and cyberattacks even more prevalent. Remote workforces are creating more vulnerabilities for endpoints as they are no longer located in secure networks, making endpoints an increasingly critical vector for advance threats in dire need of protection. Secureonix has recently announced an integration with...

Three women at BAE Systems Applied Intelligence, exemplify some of the various opportunities for women in cyber, with diverse backgrounds, skillsets and routes into the sector ranging from programmer to comms, or transitioning from social science to threat intel. Using their own experiences of progressing in a male-dominated sector, they explain their role, the challenges and consider what changes could redress the underrepresentation of women in cyber. Mivy James, Head of Consulting at BAE Systems...

People come into cyber security from a wide range of backgrounds, but the usual image is of a core cadre of techies depicted as having progressed from being boys in bedrooms hacking into games –  but that’s not true, rather, it was only ever part of the picture, with women also involved in every step of the nascent cyber security industry. Joan D Pepin, Chief Security Officer at AuthO is a great example. She explains...

In the latest IT Security Guru Tweet chat, we were joined by PerimeterX, a leading voice in the world of application security, and a host of other voices from across the Infosec spectrum: Analysts, technical experts, members of the C-suite and professional bodies came together to discuss the emergence of shadow code, a new term to describe the use of third-party scripts in applications, without authorisation or safety validation. Our assembled influencers came ready to...

According to Synopsys' BSIMM11 Study, there are some key trends to take note of when it comes to software security practices. Firstly, it shows that CI/CD instrumentation and operations orchestration have become standard components of many businesses’ software security initiatives, influencing how they are organised, designed and executed. For example, software security teams are beginning to report into a technology team or CTO instead of reporting to an IT security team or CISO. Additionally, they...

Lindy Cameron, the first woman CEO of the National Cyber Security Centre – a public facing division of GCHQ and primary technical authority on cybersecurity - is replacing its first CEO, Ciaran Martin, when he steps down on 31 August. Cameron will then formally become CEO in October following a handover period. Cameron has excellent credentials for the role with more than twenty years’ experience in national security policy and crisis management. These include responsibility...

Individuals and  entities from North Korea, China and Russia, responsible for or involved in 'WannaCry', 'NotPetya', 'Operation Cloud Hopper' and the OPCW (Organisation for the Prohibition of Chemical Weapons) cyber attacks have been identified and received travel bans and an asset freeze in the first ever imposition of restrictive sanctions by the EU Council.  People and entities in the EU are also forbidden from making funds available to those listed. In a public statement the EU says: “In order to...

IT Security Guru interviewed Nick Bell, detective superintendent and national policing director for Cyber Resilience Centres with the NPCC National Cybercrime Programme. Q1: This is the first role of its kind within policing  - why was it important to establish the role? Ans: “Policing needs to reach out across partnerships and the Cyber Resilience Centre (CRC) network brings together so much knowledge and experience across business, academia and the police to combat cybercrime and protect...