This Week's Gurus

Canary in the ransomware mine Gunter Ollmann, CSO, Vectra Networks Ransomware is clearly the scourge of 2016. Every week there is a new and notable enterprise-level outbreak of this insidious class of malware – crippling and extorting an ever widening array of organisations. For a threat that is overwhelmingly not targeted, it seems to be hitting large and small businesses with great success. The malware infection can come through the front door of a failed...

GDPR: What are we going to do with your data? Christine Andrews, managing director, DQM GRC  “Keep Calm and Carry On” seems a fitting theme for the finally-published General Data Protection Regulation (GDPR) - a new European wide legislation which is designed to give individuals greater control over their personal information. However, this is only the case if you’re one of the organisations already valuing customers’ data. Unfortunately, for too long, some organisations have “presumed”...

Everyone is talking about the Internet of Things. Connected devices are gaining momentum in homes, businesses and public service infrastructure. These devices are not only creating new possibilities for how we work and communicate but fundamentally transforming every aspect of life, from automated drug administration devices to traffic lights and air sensors in buildings. Yet in a bid to manage the sheer scale of IoT devices, organisations are failing to consider not just the security...

Ask any top-level security bod and they'll tell you that they're sick and tired of their part of the company appearing at odds with the rest of it - despite their shared goals and incentives! So we took a seat with David Cramer, Vice President at BMC Software to get his take on why this seems a natural part of doing business today and what differences we can make in how we work and communicate to...

In the Spring of 2001 I attended a week long 'ethical hacking' course run by Internet Security Systems, a company that is now a security research team at IBM. The training was excellent, both explaining how to explore and break into systems then allowing students to exploit servers, steal information, crack passwords and deface websites. This was, naturally, conducted within a carefully controlled lab environment. The course was based largely on a new series of...

As companies introduce more advanced back-up measures, employees appear to be becoming increasingly casual about saving documents, confident they can call on IT to help them retrieve missing data.  They rarely realise how vulnerable that backed-up data can remain when not stored correctly, according to information management company, Iron Mountain. With many companies now relying on sophisticated, hybrid back-up procedures that include tape, disc and the cloud, employees assume that the information they need will...

Breaking the Barriers to SIP Security As the benefits of VoIP become ever clearer to businesses of every size, sales of the underpinning SIP Trunking technology continue to grow, providing a great revenue stream for vendors and resellers alike. But how many organisations are fundamentally compromising customer relationships by ignoring the need to add security to the SIP Trunking solution? In an era of near continuous security breaches, SIP trunking is inherently vulnerable. Unsecured environments...

Bank heists for the digital age Kirill Slavin, Managing Director at Kaspersky Lab  As the line between the virtual and real criminal world grows ever murkier, it’s not surprising online bank robbers are using the anonymity afforded by cyberspace to infiltrate the real world and get their hands on physical cash. At the same time, within the online world, criminals are diversifying, borrowing each other’s methods and innovating on a new level to fulfil their...

Types of Fraud in E-Commerce by Karsten Witke, Head of Payment Services Risk, PPRO Group E-commerce revenue is constantly increasing, but the number of fraud cases, as well as the percentage of fraud in online transactions, is increasing faster still. But what types of fraud exist and—more importantly—how can we protect ourselves against them? The Nilsen Report (1) uses the example of card-based payments to illustrate the point: Internet payment fraud is constantly increasing, and...

A blockchain is a data structure, originally used by bitcoin, that maintains a growing list of transaction records in a way that is extremely resistant to tampering.  This technology is seen by many as the basis for creating distributed ledgers for a wide range of applications.  But what are the risks associated with the use of this technology? Distributed ledgers offer a range of potential benefits to both private sector organizations as well as government...