This Week's Gurus

Picture the scene: The office of a small but successful law firm is broken into. During the ensuing break-in, hundreds of documents relating to both employees’ and clients’ personal data are stolen and presumed available for sale online, including compromising personal information and financial data. Following an investigation, it becomes apparent that the law firm did not employ basic security controls when attempting to protect their physical premises. No security system, no CCTV, and no...

In the latest IT Security Guru Tweet chat, we were joined by PerimeterX, a leading voice in the world of application security, and a host of other voices from across the Infosec spectrum: Analysts, technical experts, members of the C-suite and professional bodies came together to discuss the emergence of shadow code, a new term to describe the use of third-party scripts in applications, without authorisation or safety validation. Our assembled influencers came ready to...

We are now more than halfway through the year, and what a crazy half it has been, both in terms of the global pandemic but also when you consider the volatile climate that the cybersecurity industry finds itself in. We wanted to find out what trends had been seen, how organisations should go about ensuring security is being kept as a priority, the impact Covid-19 will have and the importance of having a strong security...

In our first-ever IT Security Guru Tweet Chat, we were joined by Javvad Malik, Dr. Jessica Barker, Mo Amin, Ed Tucker and Lisa Forte as they debated the human factor in security. These leading figures from within the cybersecurity community, whom have a wealth of experience and are best placed to talk about the importance of the human element, are deeply passionate about this widely discussed topic. Too much technology? We began with a question...

From: Thomas, Kevin Sent: 24 August 2019 10:43 To: Malik, Javvad Subject: Encryption Jav I’m updating the presentation pack for this months management meeting. Can you send me a short description of encryption so the SLT can better understand the solution. Kev From: Malik, Javvad Sent: 24 August 2019 11:03 To: Thomas, Kevin Subject: Encryption Hi Kevin, Encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those...

Getting the working culture right for any business can be difficult but KnowBe4 seems to have found a winning formula to achieve this. We caught up with Erika Lance, SVP of People Operations at KnowBe4, who is seen as the brains behind much of this success, to hear how she was able to get such great results.

By Tarik Saleh, Senior Security Engineer at DomainTools Advanced Persistent Threats are long term patterns of network exploitation that go undetected for extended periods of time and are usually aimed at high profile targets such as governments, higher education institutions, political activists, and companies. They are often motivated by economic, political, and financial reasons, and the attacks tend to be highly targeted, resourceful, and risk tolerant.   The typical APT involves several phases:   Infiltration/Initial compromise:  This...

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, reviewed the results of tens of thousands of simulated phishing tests over the course of Q2 2019 and found that more than 50 percent of those related to social media had “LinkedIn” in the title. With this information, organisations need to train their users how to recognise and manage phishing emails that come into the corporate network. KnowBe4’s analysis shows that...

Securonix, Inc., the leader in next-gen SIEM, today announced that it has achieved SOC2 + HITRUST Type 2 certification for the Securonix SaaS environment. This is the latest advancement in Securonix’s ongoing commitment to provide a highly secure and industry compliant environment for protecting and safeguarding client information. The certification validates Securonix’s adherence to state and federal security, privacy, and regulatory standards for healthcare data. The Securonix SaaS platform operates on AWS, the most secure...

DomainTools, a leader in domain name and DNS-based cyber threat intelligence, today announced the results of the study “Staffing the IT Security Function in the Age of Automation”, conducted in conjunction with the Ponemon Institute. More than 1,400 security professionals based across the US, the UK and APAC provided answers on the impact that automation and artificial intelligence (AI) will have on the staffing of IT security functions. All respondents participate in attracting, hiring, promoting...