Opinions & Analysis

In a recent article, I detailed how businesses should consider a “security evangelist” to enable the IT team to have someone on company floors “preaching” about IT security and gathering feedback on what does not work.   Peter Wood, CEO of First Base Technologies, who first planted the seed with me about this, said that he was keen to create a talking point about this point and during the a week after I posted this...

Read more

It seems that security was not to blame when it came to the glitch that hit NatWest yesterday.   According to BBC News, RBS has said that it is does not know the cause of a major glitch, which apparently saw long lines at cashpoints, but it “was working through a detailed analysis”, and called it “completely unacceptable”. It reported that as well as the queues, many of which were not working, customers were unable to...

Read more

Following the major Adobe breach in October, both Facebook and Evernote have sent notices to users warning about passwords.   In the case of Facebook, it asked those it identified to answer some security questions before granting them access, according to BBC News. Security blogger Brian Krebs reported that a Facebook spokesman said that it “actively look for situations where the accounts of people who use Facebook could be at risk—even if the threat is external...

Read more

When Time magazine announces its “person of the year” for 2013, it could do worse than to follow its two “objects” of 1982’s computer and 1988’s planet earth with the BitCoin.   With stories of hyperinflation to Silk Road, the internet-based currency, the humble BitCoin has had plenty of headlines in 2013 and in the past few days, this has not abated. For example, the Register reported that the soaring price of BitCoin has prompted...

Read more

The term “Computer Emergency Response Team”, or CERT as it is better known, has been bandied around recently. Not only with the announcement of Chris Gibson as the head of the UK-CERT, which is expected to be fully functional in the New Year, but also after ENISA called on CERTs to work together and called them the “fire brigade” of security. Earlier this year, a BBC story said that each country would have to appoint...

Read more

All the talk of collaboration has led to some questioning whether the UK has the talent, skills and most importantly people who will be tasked with protecting our national assets. To quote my Dad: “If a job is worth doing, it is worth doing properly”, and to prove that point, CESG this week announcedthat those responsible for responding to and cleaning up some of the UK's most serious cyber attacks will be five private firms -...

Read more

After their companies dropped secure email products in the face of government intervention, security vendors Lavabit and Silent Circle have launched the Dark Mail Alliance. The companies said that the concept is to launch a secure back-end that will allow secure emails to be sent and received. The collective behind Dark Mail Alliance, said that its concept is not a “business venture, but a moral and technological journey”. Speaking to IT Security Guru, Mike Janke,...

Read more

The certificate authority (CA) industry may have had a bad year back in 2011 but, according to one of its survivors, 2013 finds it in a better place. Speaking to IT Security Guru, Henry Krumins, a senior director at GlobalSign, said that 2011 was a bad year for the industry, but said that “it defines who you are”. “It was a bad year for the certificate authority industry, but SSL is far from broken and...

Read more

The anticipated changes to the payment card industry data security standard (PCI DSS) was published today. Overall there is better clarification of the 12 steps of the standard as well as to remain current with attack vectors and to address the need for physical security of payment terminals and address requests for more stringent scoping and testing. Altogether there are 11 main changes to requirements 5 (use and regularly update anti-virus software on all systems commonly affected...

Read more

Pre-requisite requirements for hiring by Human Resources may cause the best people not being considered for jobs in security. Speaking to IT Security Guru, Cyber Security Challenge CEO Stephanie Daman said that there is often an issue where a company will have a hiring policy and if a person doesn’t fit with a qualifications minimum but has the right skill set, they may not be seen. “The problem is two-fold: there are people with the...

Read more
Page 36 of 39 1 35 36 37 39