Opinions & Analysis

With 2014 creating so many security headlines, the prospect of a breach is now a ‘when’ not an ‘if’.   The problem remains that risk is usually only managed at board level once a major attack has taken place, which besides being by far the most expensive way to resolve such problems, is neither logical nor sustainable. When the US retailer Target was hit by a data breach in September 2013, its profits fell by...

With virtualisation now becoming an increasingly core part of mission-critical IT infrastructure, it is growing as a platform for managing customer data, financial transactions and the applications businesses use every minute of every day.   This reliance on the virtualised environment has moved the issue of how to secure it higher up the business agenda, with Kaspersky Lab research suggesting that for 21 per cent of enterprise-level IT managers, it is one of their top three...

This week the social media has been alerted to the new kid on the block, the stripped down and “simple, beautiful and ad-free” Ello.   Do you have an invitation to join? If you have, are you missing out on much? I’ve been using it for a few days and the feedback seems to be pretty unified in the “not much going on” field.   The website’s own manifesto is around user privacy and its...

2014 has been a pretty brutal year for data breaches and hack attacks.   From eBay to Spotify and back again, it feels like there has been a total avalanche of data being pinched from under the noses of the companies that we have trusted to keep our information safe.   What astounds me, even more than the fact that companies don’t seem to be learning any lessons, is that the default response when an...

As summer comes to a close, there will undoubtedly have been an increase in the number of people taking time off to holiday. This would have led to the familiar rush to complete work, an increase in the number of staff working remotely, and, for an unlucky few, even taking the laptop on holiday with them. For many organisations this will have increased the risks typically associated with corporate data and sensitive information on the...

Today sees the second solo album released by Radiohead frontman Thom Yorke, but questions have been asked of the security of using Bittorrent.   Rather than putting his new solo album out on CD and vinyl, through retailers or MP3 download via recognised or band sites, Yorke made his music available through the peer-to-peer service, reported the Sydney Morning Herald.   Following on from Radiohead’s release of its 2007 album “In Rainbows” on a pay what...

When Gartner coined the phrase "Next Generation Firewall (NGFW)” in 2003, it captured a then-nascent approach to traffic classification and control.   Combining traditional packet filtering, with some application control and IPS layered on top, today’s “legacy” NGFWs do pretty much what they say on the tin.   However, whilst NGFWs continue to be a vital part of an organisation’s protection, they were designed for a time before advanced targeted threats started attacking our enterprises...

More than six months after Heartbleed captured the internet security industry's attention, another major bug is making the headlines.   Affecting UNIX and Linux servers, Bash is a serious issue and one that will not be easy to fix. Although some are calling it the next Heartbleed, here is what some of the industry's finest minds are saying.     Ben Johnson Chief Security Researcher for Bit9 + Carbon Black   “The tricky aspect of this vulnerability...

The national news will be dominated by a four letter word for the next few days and, until yesterday, it is not one we would usually use.   Call it Shellshock or Bash, the flaw has been described as being as bad as Heartbleed, or even not as bad, depending on who you listen to. Essentially, the flaw affects UNIX and Linux users and, therefore, the underlying internet infrastructure. If you can get administrator control of...

This week we have seen two breaches of payment card data reported in 24 hours.   The first regarded Texan clothing retailer Sheplers, who suffered a breach of names, credit and debit card account numbers and expiration dates after payment systems were affected between June 11th and September 4th.   The second revealed that Viator, a partner of travel website TripAdvisor, had customer credit cards used for fraudulent purposes. It warned users who had created a Viator account...