Opinions & Analysis

Several statistics gathering engines on the web reveal an interesting picture. Content management systems (CMS) have become far more popular in the last couple of years. A trend graph over at builtwith.com shows that over 20% of the top 10,000 websites rely on CMS. And it’s fair to assume that the number is higher for companies that use a CMS as a middleware between their content and their front end website. But like all software,...

Here we are on day two of RSA and the news has been rolling in. We have rounded up a selection of announcements for the IT Security Guru. Check Point has introduced Software-defined Protection (SDP), a three-layer security architecture that protects against new and emerging threats through a design that is modular, agile and secure. SDP converts threat intelligence into immediate protections and is managed by a modular and open management structure. There are a...

After US retailer Target was the victim of a massive breach at the start of this year, UK retailers would not have been breathing a sigh of relief at the news in case the same thing befalls them.   As it turns out, one of the UK’s premier retailers has suffered a data breach with 2,239 loyalty card holders’ details published. Being in the headlines of the security press is nothing new for Tesco, after...

Water Water Everywhere, and not a Byte to Eat Professor John Walker, BCS Some years ago, we as a young family were unfortunate enough to suffer flooding on no less than two occasions, and until it has happened to you, you really can’t appreciate the suffering, devastation, and mental anguish caused by seeing your home, belongings, and lifestyle trashed by the uninvited incursion of water. However, that is just the start of it, with the...

Last week saw Vince Cable deliver a speech where he highlighted the risks against critical national infrastructure (CNI) by cyber attacks. To those of us in the industry, this was not news. The Stuxnet virus of 2010 demonstrated to a high level how an online attack can destroy a physical being, in that case an Iranian nuclear centrifuge which was designed to be overworked to a point that it was useless. Now that was a...

Since the news of the Target breach broke and it was revealed that there was malware on the point of sale (PoS) system, I have been increasingly interested not only in how the malware got there in the first place, but the story as it has rolled on. According to research from McAfee, Target was compromised via undisclosed methods in November and the attackers planted point-of-sale malware and intercepted approximately tens of millions of records...

There were no Friday night beers for Google last week as it battled with major outage of its Gmail email service.   According to Techcrunch, the outage affected users in Europe, the US, Canada and India, for around 50 minutes. It said that the error being seen by most users was a (500) code problem, indicating that it was a temporary problem.   Google called it a “disruption” in its Gmail service, according to the...

In a recent conversation, I asked a company spokesperson if open source could ever be secure as so many people are able to change the code.   This led me to ask those companies both involved in open source development and the wider industry, is there such a thing as secure open source? Mike Janke, CEO of Silent Circle said that the most important tool is to have your stuff reviewed around the world.  ...

Friday afternoon was, for many, the statement the world had been waiting six months for.   In a full speech, President Obama affirmed that “mass surveillance has a future” claiming that the NSA is “not abusing authorities in order to listen to your private phone calls, or read your emails.” The full transcript of the speech is available here via the Guardian; in it, Obama claimed that the creation of the NSA by President Truman...

The rising figures in the Target data breach have proved that it is important to know what has happened, how it happened and what was taken in such an event.   The breach, which was reported in December and suspected to have compromised up to 40 million payment cards, was later suspected to have affected up to 70 million users. A statement from Target, hosted by Brian Krebs, said that this was “uncovered as part...