Security newsround: July 2018

We round up reporting and research from across the web about the latest security news and developments. This month: stress test for infosec leaders, cybercrime by the numbers, financial fine for enabling cyber fraud, third party risk leads to Ticketmaster breach, Privacy Shield in jeopardy, and a win for Wi-Fi as security improves. Under pressure: […]

Security awareness: it’s all just child’s play

Security awareness is not so different from parenting. Our aim is to change behaviour for the better. As dad to three children, I’m used to communicating with the different personality types of each of my kids. In an office environment, it’s just bigger kids in a bigger playground. Whether it’s a team, a department, or […]

How branding gives your security awareness messages extra strength

Many security professionals probably give little thought to branding; they prefer to leave that fluffy stuff to the marketing team. But when it comes to security awareness, branding can add a touch of goodness to your efforts. (And if you want to know what this has to do with creamy pints of the black stuff, […]

Security newsround: June 2018

We round up reporting and research from across the web about the latest security news and developments. This month: help at hand for GDPR laggards, try and efail, biometrics blues, and calls for a router reboot as VPNFilter strikes. Good data protection resources (see what we did there?) Despite a very well flagged two-year countdown […]

The building blocks to a career in cybersecurity

Forging a career in cybersecurity is like building a house. Starting with a solid foundation makes it easier to build the layers on top. Now that I am a client-facing consultant performing ISO 27001 gap analysis and internal audits, it’s clear to me how my previous role in application support gave me a grounding in […]

Here’s how to boost web security after Google HTTPS move

Security professionals will doubtless welcome Google’s decision to mark all HTTP pages as ‘not secure’ from next September onwards. Marketing executives who haven’t kept up to date with this web security issue might not feel so accommodating. But the announcement is a good opportunity for both groups to start a conversation. Otherwise, here’s what will […]

The answer’s in the question: risk assurance that’s ready-made for a regulator

Regulators and auditors expect us to have all kinds of controls in place to manage information security. Standards like ISO 27001 or frameworks like the CIS Controls are helpful guides for applying these controls, but they don’t ask questions in the same way a regulator or auditor would. Many organisations don’t catalogue the software and […]

Charities guide to better cybersecurity in 10 steps

Charities in Ireland face an increase in cybersecurity threats. Cybercrime incidents are increasing, and no-one is immune. Criminals have the means and the opportunity to target organisations for extortion, financial gain, or to steal valuable data. As the rate of attacks rises, so too are the costs to recover. As well as financial losses, a […]

Using ISO 27001 to guide your GDPR breach response plan

Among the many changes GDPR will usher in, one of the biggest for many organisations will be mandatory breach reporting. From May 25, all organisations holding personal data about European Union residents must disclose a breach if it is “likely to result in risk to personal data”. What’s more, organisations must report such breaches within […]

Security newsround: May 2018

We round up reporting and research from across the web about the latest security news and developments. This month: police success against cyber villains, the value of personal data, IoT security, a new ransomware strain, a new security framework and Gmail goes for 2FA. Law’s long arm collars cyber crooks Police forces scored three big […]