This Week's Gurus

After recent data breaches, Jo Gibson, Operations Director at leading cloud-based payments bureau First Capital Cashflow, explains the security benefits of using cloud services. After a number of high profile security breaches, both in the UK and overseas, the use of cloud-based systems has recently come under the microscope. Many people are becoming increasingly concerned with the reliability of the cloud and whether or not customer’s data, in particular financial data, is in fact secure....

Year on year the information security industry is experiencing a myriad of new challenges and considerations to keep organisations safe. Over the last two years I’ve noticed a significant uptake in discussions about cyber insurance. This comes as no surprise, as risks to organisations have risen well beyond manageable levels, with a single cyber attack bringing down several major sites including Spotify and Twitter last year. The costs associated with such breaches can greatly impact...

For the past few years a regulation has been plaguing the minds of businesses everywhere - EU GDPR. Now almost 3 years later we know what the regulation will be and when it will come into effect (25th may 2018). But still many business heads are left wondering what it really means and how will it affect them and their business. Let’s take a look at GDPR and some of the myths that surround it...

Data security is a big deal. You know it, I know it, and it is hard to argue at this point in time, that unless you’re living off the grid, data security is a universal value. On an almost daily basis, data breaches and their severe, far-reaching consequences are reported in the news, leaving organisations on a multinational scale in no doubt that this is an issue of the very highest significance. Further, regulations such...

When one compares cyber security today to what it was ten years ago, the two are almost unidentifiable as the same industry. The iPhone had only just launched; Facebook was still in it’s infancy; the Internet of Things (IoT) was still a dream. The routes a hacker could use to access a system were limited, and because of this, cyber security was built around walls. One was encouraged to block attacks with firewalls and other...

The Budget Ninja When thinking of the security team, a common misconception is that it is made up of a group of ninjas who can defend the enterprise with the click of a button, before anyone has even noticed anything is wrong. In reality, the IT team works in a similar way to others in the enterprise – nothing happens if budgets and corporate strategic goals aren’t met. For example, the role of the ‘budget...

  In recent times there have not been many things that are of the same magnitude as the Internet of Things (IoT), according to estimates there are billions of connected devices around the world. IoT is in essence the digital equivalent of holding hands, and in 2016 the grand total of connected things on planet Earth rose to 6.4 billion. With the volume of connected things rapidly increasing, scores of IoT enablers such as sensors...

Every year seems to be “the year of” something in cybersecurity. For example, in 2013, it was “the year of the financial breach.” In 2014, the “year of the retail hack.” In 2015, we saw at shift to healthcare and, in 2016, ransomware reigned and even democracy came under fire. 2017 is already shaping its own theme. Research from prominent third parties, as well Carbon Black’s own research, indicates that 2017 may become “the year of non-malware attacks.” Non-malware attacks have been...

By Ian Newns, Senior Business Solutions Architect EMEA, RSA and Nathan Close, Head of Solutions Engineering EMEA, RSA. The European Banking Authority recently drafted the latest technical standards for the Payment Services Directive II (PSD2), which serves as the legal foundation for a new cross-EU payments market. In 2016, European e-commerce sales are expected to increase 17% to €183 billion and the use of payment service providers (PSPs) is increasing significantly. Couple this with the changing...

With each day that passes, threat intelligence platforms automatically absorb hundreds, thousands, potentially millions of indicators, forcing teams, and vendors, to quickly define a threat data lifecycle or expiration strategy. This has been a controversial discussion for most of my career. Much like attribution, expiration efforts are very subjective and depend entirely on tools, adversaries, feeds, and the teams’ sanity point between chasing false positives and precautionary due diligence alerts. So what do we mean...