Security Roundup November 2019
Know when to hold, know when to fold When it comes to ransomware, security consultants and law enforcement have always advised victims not to pay up. That’s understandable, since paying effectively rewards criminals for committing crime. But just as hard cases make for bad law, there are times when organisations have no choice but to […]
Best practice cybersecurity – BSides Belfast keynote 2019
I had the privilege of delivering the opening keynote address at BSides Belfast 2019. My main goal was to ensure the audience understood the importance of best practice cybersecurity. And the stars all seemed to line up in my favour. The conference was on the last day of October – or cybersecurity awareness month, as […]
Good cybersecurity – top tips and advice
For European Cybersecurity Month, we have been posting daily tips on our LinkedIn and Twitter feeds. This post rounds up the advice from our October blogs into one post for ease of reference. We hope you find the advice useful. Our first week of tips focused mainly around good cyber hygiene. To clarify, that is […]
How to build a positive cybersecurity culture – Part 2
In part one of this blog, I looked at why positive cybersecurity culture can be more effective and lasting than programmes or time-limited initiatives. At a practical level, I looked at the first three steps to putting that culture in place. It starts with the importance of leading by example and the often unspoken signals […]
How to build a positive cybersecurity culture – Part 1
Cybersecurity culture in a workplace is positively promoting and embedding safe cybersecurity practices. It’s proactively educating employees on potential cybersecurity threats and on the right behaviour to mitigate such threats going forward. There are lots of good reasons for having a cybersecurity culture within your organisation, here’s two: The risks and threats are now so […]
Security Roundup October 2019
Software bugs: a lot done, more to do The newly published Common Weakness Enumeration CWE Top 25 lists frequent and critical weaknesses that can lead to serious software vulnerabilities. MITRE, the non-profit group that publishes the list, noted that these weaknesses are often easy to find and exploit. “They are dangerous because they will frequently […]
ISO 27001 extends privacy controls – what this means in practice
The International Organisation for Standardization (ISO) recently published an extension to ISO/IEC 27001 and 27002 for privacy information management. In this post, we’re going to take a closer look at this development. As regular readers of this blog will know, we at BH Consulting are big supporters of the ISO 27001 information security standard (note: […]
Sales & Marketing Administrator
BH Consulting is a vendor independent consulting firm providing market leading range of information security services focused on data protection and cybersecurity. We are currently looking for a Sales and Marketing Administrator, to work mainly with our Head of Sales and Business Development Manager, in supporting them in sales and marketing activities. Commencing Date: […]
Six steps to better mobile device security
When I conduct security awareness sessions with companies, many people are surprised to discover mobile apps can potentially be malicious. To make matters worse, it’s getting harder to spot risky apps. You might expect obvious red flags, but a recent incident shows how hard mobile device security is for security professionals and regular users alike. […]
Cybersecurity threats and solutions: 13 steps to better protection
Once the realm of IT security professionals, cybersecurity is now an issue and concern for all business people. The scale and volume of cybersecurity threats to business has been steadily increasing. There are many examples of high-profile security breaches such as those at BA and the Marriott hotel Group which exposed millions of people’s personal details. […]