Buckle up: what the auto industry can teach us about IoT security
Help Net Security has published an op-ed from Brian Honan entitled ‘IoT security: lessons we can learn from the evolution of road safety’. The piece compares the lack of safety features in cars 50 years ago with today’s Internet of Things. Inspired by a conversation with his father about growing up in rural Ireland, when […]
Security newsround: August 2018
We round up research and reporting from across the web about security developments. This month in our security newsround: authentication acceptance, failing the text test, defining resilience for infosec, avoiding distraction, privacy made simpler and much more. More forceful arguments for multi-factor authentication The UK National Cyber Security Centre has published new guidance on multi-factor […]
Here’s the missing ingredient in a solid security and business continuity plan
Security incidents can cast an unforgiving light on many organisations’ readiness. They highlight the need for security programmes that go further than just fixing things when they break. Response has been security’s classic default reaction to an incident. Something is broken, so we need to fix it. But this misses a critical ingredient: resilience. If […]
I read the news today, oh boy: social sharing and the dangers of false information
We’ve all done it: shared a post on social media in the belief that it’s spreading an important message or helping someone in need. But how many of us check to see whether it’s genuine? Earlier today I appeared on East Coast FM Radio in Ireland to talk about this problem. The interview came after […]
Pen testing: why do you need it, and five steps to doing it right
Penetration testing can contribute a lot to an organisation’s security by helping to identify potential weaknesses. But for it to be truly valuable, it needs to happen in the context of the business. I asked Brian Honan, CEO of BH Consulting, to explain the value of pen testing and when it’s needed. “A pen test […]
Is banning USB drives the key to better security behaviour?
Convenience often beats security where users are concerned. Take USB keys, for example. They’re a very handy way to transfer files between computers, but they’re also a huge security risk. IBM recently attempted taking the drastic step of banning all removable portable storage devices (eg: USB, SD card, flash drive) completely. Should others follow suit? […]
Security newsround: July 2018
We round up reporting and research from across the web about the latest security news and developments. This month: stress test for infosec leaders, cybercrime by the numbers, financial fine for enabling cyber fraud, third party risk leads to Ticketmaster breach, Privacy Shield in jeopardy, and a win for Wi-Fi as security improves. Under pressure: […]
Security awareness: it’s all just child’s play
Security awareness is not so different from parenting. Our aim is to change behaviour for the better. As dad to three children, I’m used to communicating with the different personality types of each of my kids. In an office environment, it’s just bigger kids in a bigger playground. Whether it’s a team, a department, or […]
How branding gives your security awareness messages extra strength
Many security professionals probably give little thought to branding; they prefer to leave that fluffy stuff to the marketing team. But when it comes to security awareness, branding can add a touch of goodness to your efforts. (And if you want to know what this has to do with creamy pints of the black stuff, […]
Security newsround: June 2018
We round up reporting and research from across the web about the latest security news and developments. This month: help at hand for GDPR laggards, try and efail, biometrics blues, and calls for a router reboot as VPNFilter strikes. Good data protection resources (see what we did there?) Despite a very well flagged two-year countdown […]