Security newsround: November 2018
We round up interesting research and reporting about security developments from around the web. This month: blaming the user (or not), passwords, protecting data and privacy, and security leadership (or the lack of it). The blame game Who’s to blame when poor passwords lead to breaches? That was a matter for debate among the respected […]
Beyond governance, risk and compliance: privacy, ethics and trust
We are currently experiencing the fourth industrial revolution (FIR), characterised by a blurred fusion of all things physical, digital and genomic. Each revolution has been accompanied by a privacy legislation wave, linking its governance to the accelerating pace of change. So we find ourselves in the fourth privacy wave, where technological changes outpace regulation – […]
The value in vulnerability assessments: closing gaps to improve security
Vulnerability assessments usually involve using automated tools such as Nessus or Qualys to carry out a passive scan of an organisation’s systems. The process produces a list of security gaps and ranks them in order of risk. It gives an organisation clear data to guide the process of deciding which issues to prioritise first based […]
UK NCSC chief highlights resilience as key to better security
Here’s a question for security professionals to ponder: why are we only ever a few clicks away from disaster? It’s inspired by a recent presentation in Dublin by Ciaran Martin, CEO of the UK National Cyber Security Centre. On a visit to Dublin earlier this month, the UK’s cybersecurity chief stressed the importance of building […]
Conference trick: how to choose worthwhile security and privacy events – and which to avoid
When I started out in my career, I always believed that speakers at conferences were ‘selected’ on the basis of their contribution to the profession. I believed that if someone was on a stage speaking to an audience, they had something important to say – and it was important for me to hear it. I […]
EU Cyber Security Month roundup – advice on staying secure
During October, BH Consulting has been sharing daily advice about digital security and privacy on its social media channels as part of EU Cyber Security Month. This blog gathers together all of these tips into a single place. As each week goes by, we will keep adding to the content, in descending order. By the […]
Security newsround: October 2018
We round up interesting research and reporting about security developments from around the web. This month: data breaches are up (again), help with hacks, incident response, attacks on trust providers and a numbers game. Breach over troubled water More than 4.5 billion data records were compromised in the first half of 2018. That’s a 133 […]
Ireland needs a coherent national approach to cybersecurity
I was interviewed by the Irish Times on why “Ireland (is) Vulnerable to Cybersecurity Attack” During my chat with Charlie Taylor I mentioned a number of concerns I have regarding how Ireland is dealing with cybersecurity at a national level and that in many areas it is disjointed with no one department or function taking […]
Dublin Information Sec 2018: take note of this advice to embed lessons from a data breach
When assembling an incident response team, it’s worth including someone whose job is to take notes. It might seem like a small point, but it’s a big help for communicating during a breach, and learning lessons afterwards. Maybe it’s because I write things down for a living, but for me, that was one of the […]
Plan for potential incidents and breach scenarios, cybersecurity conference hears
Businesses should prepare an incident plan for security breaches in advance to know what resources they’ll need to deal with it. Speaking at the Technology Ireland ICT Skillnet Cybercrime Conference earlier today, Brian Honan said that running different scenarios can help businesses identify whether they’ll need assistance from IT, legal, HR or public relations. Research […]