Many years ago I went to the doctor with a weird arm. If I held my elbow and wrist just-so, it seemed to stop the blood supply going to my fingers. Nothing too dramatic, but worth getting checked out. I was referred to the local hospital where the specialist remarked that he had never seen anything like it and he was keen to investigate further.
“I should add that you’ve been referred to the wrong department. This ...
Read More →
A survey conducted by Ponemon in 2018 found that 97 percent of security professionals thought that a cyber attack vectoring from an insecure device could be “catastrophic” for the business. They also found that only 15 percent had bothered to do an inventory of the IoT devices, which were indeed connected to their systems. And only half had protocols to disconnect high-risk devices upon detection.
The survey stresses the importance of addressing this vulnerability:
Read More →
12
MAY
2019
Posted by:
We’ve pulled together an FAQ on DevSecOps, so you can give some thought on whether this approach might be beneficial in your organization. We hope it’s useful.
The concept evolved from its predecessor DevOps, a portmanteau for Development and IT Operations (Dev + Ops). I have also heard it referred to as “Agile on steroids”. The idea is simple: it bridges the gap between development and IT teams through collaboration to reduce project ...
Read More →
The cybersecurity catch-22 – have you run across it? This is where, for example, you’ve found a vulnerability in a product, and you inform the affected company in a responsible way, but you never receive a response.
Or perhaps you work in the development team, and really want your employers to give you the resources you need to address a security flaw, only to see your requests shoved aside to focus on new, sexier features.
Read More →
26
FEB
2019
Another year is upon us. 2018 was a cyber rollercoaster with massive internet scandals and data breaches. With that in mind there are a number of IT security topics that should be top of mind for 2019.
Take a look at a few we’ve identified…
Security by Design
We expect to see a greater focus on baked-in security, be this in application development, or in IT and company strategies. In 2018, with the enforcement of Europe’s data ...
Read More →Posted by:
It seems that 2.6 billion records were exposed in the first half of 2018. Just to provide context, remember that there are less than 3 times that many people alive on the planet. Obviously, those records don’t represent unique users, but it goes to show the sheer scope of the problem.
And it is an expensive problem. In the U.S. the average price tag swells to $7.91 million per breach, with an average clean up time ...
Read More →Posted by:
Earlier this year, we wrote about supply chain risk, warning organizations to be more wary, especially since GDPR has come into full effect. That said, GDPR is by no means the only privacy regulation out there (consider Massachusetts’ CMR 17.00 or California’s 2018 Consumer Privacy Act. No longer can we assume little to no liability when it comes to third party processing or handling of sensitive data.
Read More →
25
JUL
2018
Image courtesy of the Los Angeles Daily News
The U.S. political landscape is shifting dramatically, and no one knows what this shake out will uncover. For better or worse, it is certainly rocking the boat for U.S. residents, but changes are afoot for other global entities as well.
One of these entities is China.
According to media reports as recent as yesterday, China says it is “fully prepared” for a trade war with the U.S.
This coming ...
Read More →
One of the recent additions to the cyber threat landscape plaguing many organizations is the introduction of Crypto Miners. Due to the rise in popularity of Cryptocurrency, attackers have been shifting their attention and focus on gaining access to as many resources as they can find. The end goal of these attacks is to utilize the victim’s CPU to mine Cryptocurrency. To gain access to these resources the attackers are cycling in and out the latest and most popular exploitable ...
Read More →
Ahhh the joys of supply chain risk management. It is a complex beast with many heads, each focusing on the problem from a different operational standpoint.
The goal is of course to build and maintain a resilient system of checks and balances so your organisation’s supply chain is healthy and operating at an acceptable level of risk.
If this sounds easy to you, I am willing to bet you’re a theoretical expert.
Read More →
13
MAR
2018
