Companies face Cybersecurity double whammy in Brexit and GDPR
There are two seemingly separate major events happening in the coming years that will impact on how companies process and store personal data of people living in the European Union. The first is the European General Data Protection Regulation (GDPR) which comes into effect in May 2018. The other is Brexit, where the United Kingdom […]
AWS Cloud: Proactive Security & Forensic Readiness five-part best practice
In a time where cyber-attacks are on the rise in magnitude and frequency, being prepared during a security incident is paramount. This is especially crucial for organisations adopting the cloud for storing confidential or sensitive information. This blog is an introduction to a five-part blog series that provides a checklist for proactive security and forensic readiness in […]
Ransomware investigation: notes from the digital forensics front line
I have always had a big interest in digital forensics; it’s why I chose to pursue this career path. This post documents my first official forensics case involving ransomware: in other words, I got paid to root through someone else’s computer. Although my role is not limited to digital forensics, I enjoy when these cases […]
Pay me my money down: fake invoice email scams highlight business process problems
The effectiveness of an email scam like CEO fraud relies on one person in the target organisation having the means and the opportunity to make payments. It’s not a security problem that technology alone can fix. This type of scam came to mind as news emerged of yet another victim. The Irish Independent reported that criminals […]
Non-fake emails show how far we still need to go to fight phishing scams
If you received an email from a sender called BrokPro2 and the subject line was eight seemingly random digits, would you click to read it or consign it to the spam folder? (Asking for a friend.) To anyone who guessed answer number two, congratulations on your high levels of vigilance. Obviously you were paying attention […]
Password Advice Turns Out to be Less Than Secure
I was interviewed by the News at One on RTE Radio to comment on the man who has disowned his advice about making passwords safer. Now retired, Bill Burr admitted his proposals have been a waste of time. “Much of what I did I now regret,” he told the Wall Street Journal. Back in 2003, […]
Doing privacy ‘rights’ vs doing privacy ‘right’
When privacy is compromised, it can impact an organisation’s reputation, damaging corporate credibility and consumer trust, and increasingly results in rising financial penalties. Many organisations worldwide have suffered privacy breaches, largely caused by a lack of senior management understanding and often resulting from poor governance. Information privacy protection is an important information management issue that […]
Many businesses yet to get in gear over GDPR
GDPR’s widespread effect came home to me – literally – after I got a letter by post from a car dealership recently. My one and only transaction with this company was back in 2000. The car I bought from them hasn’t been mine for more than nine years. Yet still, this company had my name […]
Make it public or private…how secure is your profile online?
Part 1 Did you ever ask yourself if you care what personal information you give out online or in exchange for a “free” service? Do you really want to mix your colleagues with a friends or family on social media? Do you really want to leak some information about your life and interests to strangers? […]
It Could Happen to Anyone – A CEO Fraud Primer
There has been a lot of media coverage lately over various organisations falling victim to CEO fraud. Basically a scam whereby criminals using email fool a target within an organisation into redirecting funds into bank accounts under their control. We have worked with some companies who have fallen victim to this and we also wrote […]