Insight

DevOps is fast becoming a central part of enterprise IT. For entirely understandable reasons, too. As organisations mature and grow, unintended IT silos often prevent the innovation of new products and services from taking flight. DevOps represents the unification of Development and Operations teams and, within that, huge gains for productivity, efficiency and innovation in the world of software development. DevOps automates much of the labour and time intensive processes that historically burdened software development...

When you look at the root causes of a breach – the most prevalent cause is human error.  But dig a little deeper and that human error is often failure to patch known security vulnerabilities – many of which have gone unnoticed for not just a few days, but often months and years. This past years’ bout of VPN related breaches is a great example, especially as patches were available over a year ago. Yet,...

The online gaming industry has exploded in recent years and is expected to generate close to $200 billion in revenue by 2022. Popular games are reporting revenues in the range of hundreds of millions of dollars per month.   This booming industry is seeing significant growth, largely due to the pandemic, with many turning to online gaming to escape some of  the realities that consumed many of us over the past year. Coupled with the...

Our latest research into consumer behaviour has unearthed a conundrum: people knowingly take risks online even though they understand the dangers. On the one hand, we’ve got two out of three saying life is riskier now than it was five years ago, with serious concerns about losing data or being hacked. But on the other hand, one third of people are still neglecting basic cybersecurity hygiene. Consumers seem somehow unable or unwilling to protect themselves....

A report released this week by Outpost24, that examined the security posture of web applications amongst the Top 10 US Credit Unions, has revealed that they all have security issues. Using Outpost24’s attack surface discovery tool called Scout, Outpost24 was able to analyse each Credit Union’s public-facing web security environments against the seven most common attack vectors used by hackers during reconnaissance, to ascertain a risk score that is measured 1-100. The attack vectors are labelled as...

Q1/21 a symposium was hosted in the US under the title ‘Thinking Outside the SCIF’ (Sensitive Compartmented Information Facility) to put forward the case for the utilisation of OSINT (Open Source) within the US Military and Intelligence Communities. John McLaughlin (CIA) kicked off day one by correctly pointing out that there was nothing new about open-source (OSINT), and paid tribute to how, in the conditions of the Pandemic, the utilisation of OSINT methodologies within the...

Many organisations that are turning to DevOps are struggling with various security challenges along the way. In “The Ultimate Guide of Orchestrating Security and DevOps,” tracing those obstacles to a lingering “cultural conflict” between the developers and security teams. Security teams are struggling to keep up with the pace that DevOps teams are used to, for instance, while DevOps teams are culturally resistant to anything like security and testing that could potentially disrupt their work...

When we read about cyberattacks in the news, they typically involve a well-known brand or large enterprise. The perception is the bigger the organization, the greater the impact. However, the recent attack on Microsoft Exchange Servers is expected to impact over 60,000 organisations. Indeed, this is likely to be higher given that recent research has found more than 10 different advanced persistent threat (APT) groups are exploiting the Microsoft Exchange vulnerabilities. The worst part, however,...

By Chris Sedgwick, director of security operations at Talion Cryptocurrencies are a topic that touches many areas; not only finance and investing but technology and even political arenas. Although apolitical in itself, it is the structure behind these cryptocurrencies that make them a much talked about subject amongst political purists from across the political spectrum. This structure can be boiled down to the following; think of cryptocurrencies as a ‘big spreadsheet’, and when you ‘mine’...

Between August 2020 and February 2021, “the agencies”, National Institute of Standards and Technology (NIST), National Security Agency (NSA) and National Cyber Security Centre (NCSC) had all published final or preliminary (beta) guidance for Zero Trust (ZT) that is applicable to all sizes of organisations. I would suggest to you that the agencies are experts in the field of cybersecurity. So why are these being ignored by vendors, analysts and consultancies to promote products and...