The California Consumer Privacy Act, or CCPA, seemed to take an age between being signed into law in 2018 and coming into effect in January of this year. Even after this long lead-up time, businesses were given an additional six months of grace. That six month has just come to an end on 1st July.
So now that CCPA has properly come into effect, what’s your business doing about it?
You ...
Read More →
My friends who are lucky enough to still be employed throughout the pandemic appear to be split into two camps. Half seem to be spending much of the day staring out of the window, largely unproductive, the bosses’ gaze concentrating on other areas like the distracted Eye of Sauron. The other half are working three times as hard to make up for the colleagues who are furloughed or are unlucky enough to have been cut.
One set ...
Read More →
Last time I discussed the ‘Did they really do that?!’ kind of data breach, the one where you can’t quite see how an organization could manage to have that much data exposed that openly for that long. We all laugh, but as the news clearly demonstrates, it could happen to any company of any size with seemingly any budget.
Malicious actors, however, aren’t just sitting around waiting for the latest instance of an accidental data splurge. They’re ...
Read More →
There has been quite a trend in recent years of companies going from zeroes to heroes to villains in a short space of time: think Uber and WeWork.
Unsustained growth can pose problems, particularly if you do not take cybersecurity seriously.
Enter Zoom. Its fast growth caught the attention of bad actors and security researchers alike. Here are just a few of the recent security issues that have been raised.
Whether you run your infrastructure in house or in the cloud, you’ve probably heard of serverless computing, and how it can make running applications easier and cheaper. But is it all it’s cracked up to be, and is it more secure than running ‘always on’ servers?
Let’s start with the obvious advantages:
No infrastructure to maintain, not even virtual
With serverless computing, you don’t have to worry about provisioning servers, not even virtual ones. Your code runs ...
Read More →
Many years ago I went to the doctor with a weird arm. If I held my elbow and wrist just-so, it seemed to stop the blood supply going to my fingers. Nothing too dramatic, but worth getting checked out. I was referred to the local hospital where the specialist remarked that he had never seen anything like it and he was keen to investigate further.
“I should add that you’ve been referred to the wrong department. This ...
Read More →
A survey conducted by Ponemon in 2018 found that 97 percent of security professionals thought that a cyber attack vectoring from an insecure device could be “catastrophic” for the business. They also found that only 15 percent had bothered to do an inventory of the IoT devices, which were indeed connected to their systems. And only half had protocols to disconnect high-risk devices upon detection.
The survey stresses the importance of addressing this vulnerability:
Read More →
12
MAY
2019
Posted by:
We’ve pulled together an FAQ on DevSecOps, so you can give some thought on whether this approach might be beneficial in your organization. We hope it’s useful.
The concept evolved from its predecessor DevOps, a portmanteau for Development and IT Operations (Dev + Ops). I have also heard it referred to as “Agile on steroids”. The idea is simple: it bridges the gap between development and IT teams through collaboration to reduce project ...
Read More →
The cybersecurity catch-22 – have you run across it? This is where, for example, you’ve found a vulnerability in a product, and you inform the affected company in a responsible way, but you never receive a response.
Or perhaps you work in the development team, and really want your employers to give you the resources you need to address a security flaw, only to see your requests shoved aside to focus on new, sexier features.
Read More →
26
FEB
2019
Another year is upon us. 2018 was a cyber rollercoaster with massive internet scandals and data breaches. With that in mind there are a number of IT security topics that should be top of mind for 2019.
Take a look at a few we’ve identified…
Security by Design
We expect to see a greater focus on baked-in security, be this in application development, or in IT and company strategies. In 2018, with the enforcement of Europe’s data ...
Read More →
