An organisation can be at risk from many sources and it not just IT. The recent UK floodings, bombings and terrorist attacks have also had their impact and it is essential that organisations have plans in place to deal with the aftermath – should these disasters occur.
Fundamentally, you need to understand where your real risks lie and how you mitigate them. Consider your primary business assets, not forgetting your information assets. This is where ICT risk management is often misplaced; it is relatively easy to replace hardware, but the information stored thereon may have taken years to design or accumulate. Your main options are to: prevent the risk – stop it happening; reduce the risk – reduce the impact if it does happen; or transfer the risk – bluntly put – make it someone else's problem!
From ComputerWeekly.com Cyber theft from 20,000 compromised Tesco Bank current accounts shows traditional approaches to security are not working and that companies are not taking the threat seriously enough, according to experts. Tesco Bank halted online banking after 40,000 current accounts were compromised and half of those were hit by ... read more..
From SC Magazine A new online cyber risk tool has been produced to allow organisations to assess their cyber security strengths and weaknesses. The tool has been created in response to research from BAE Systems that reveals weaknesses in UK cyber security measures that are putting businesses at risk. It ... read more..
From CIO Ransomware quite often targets businesses (for example hospitals) rather than individuals. Corporations have more valuable data and more money for ransom (ransom increases from roughly $500 per computer to $15,000 for the entire enterprise). Cyphort has examined different variants of ransomware to help users get an idea of ... read more..
From SC Magazine Gartner analyst Dionsio Zumerle spoke at the Gartner Security Risk Management Summit about the state of mobile security, focusing on the idea that IT security needs to move to 'people-centric' security practices when it comes to managing mobile devices in the enterprise. Zumerle said: 'All too ... read more..
From ComputerWeekly.com Almost three-quarters (74%) of UK small and medium-sized enterprises (SMEs) think they are safe from cyber attack, despite half of them admitting having suffered a data breach, according to a report by Juniper Research. The research found that 50% of small businesses have suffered a data breach, two-thirds ... read more..
From SC Magazine Over half (52%) of IT practitioners believe that policies against the misuse or unauthorised access to company data are being enforced and followed, yet only 35% of end users say their organisations enforce those policies. A new study from the Ponemon Institute analysed responses from 1,371 end ... read more..
From TechRepublic Niantic Labs continues to improve on the security of Pokemon Go, but that doesn't mean the risks are gone. Server hacks, permissions being secretly granted and malware-infested clone apps are all out there. BYOD offices need to be prepared for all potential risks. Let's make one thing clear: ... read more..
From V3.co.uk Efforts to tackle the scourge of ransomware have been boosted by a new initiative designed to educate people about the threat and offer keys that can unlock devices without having to pay the fraudsters. The No More Ransom portal has been created by Intel Security, Kaspersky Lab, Europol ... read more..
From Computing.co.uk Security guru Bruce Schneier, the author of multiple encryption algorithms, founder of security company Counterpane and former chief technology officer of BT Managed Security Solutions, has warned that the 'craze' for connecting devices to the internet with little thought about security will result in a major disaster. Schneier ... read more..
From SC Magazine Nearly two-thirds (65%) of IT security pros would be grounded in some capacity for the messy state of their firewall rules. Of those, over half or one-third of the total said that if their firewall rules were a teenager's room, Mum would be so angry that they'd ... read more..
From V3.co.uk UK staff are putting their companies at risk of phishing attacks because they are too willing to accept friend requests from random people on LinkedIn. A survey of 2,000 workers by Intel Security found that around 24% admitted to accepting requests from people they don't know, opening company ... read more..
From SC Magazine An alarming 36% of businesses have yet to develop a cyber attack response plan, according to a new report by F5 Networks. F5 Networks conducted research at the InfoSec conference in London this week and discovered that some of the top concerns for IT security pros are ... read more..
From IT Pro Over a third of IT workers have admitted to accessing corporate systems after they have left a company, potentially breaching the Computer Misuse Act. According to a survey carried out by Vason Bourne on behalf of Protected Networks, 49% of those surveyed said they had retained access ... read more..
From ComputerWeekly.com Human error is the main cause of data breaches, according to statistics obtained from the UK's Information Commissioner's Office. Figures obtained by Egress Software Technologies via a Freedom of Information (FOI) request found that human error accounted for almost two-thirds (62%) of the incidents reported to the ICO ... read more..
From InformationWeek Data breaches have become so common that it's easy to overlook them. There were 781 known data breaches in 2015, according to the Identity Theft Resource Centre, enough to read about mistakes being made twice a day if the media chose to write about every incident. Websites like ... read more..
From Computerworld.com Owners of WordPress-based websites should update the Jetpack plug-in as soon as possible because of a serious flaw that could expose their users to attacks. Jetpack is a popular plug-in that offers free website optimisation, management and security features. It was developed by Automattic, the company behind WordPress.com ... read more..
From CIO Employee-related security risks top the list of concerns for security professionals, but organisations aren't doing enough to prevent negligent employee behaviour, according to a new study. Last month, security research firm Ponemon Institute, sponsored by Experian Data Breach Resolution, surveyed 601 individuals at companies with a data protection ... read more..
From IT Pro A quarter of all Windows devices, including tablets, computers and smartphones, are open to 700 vulnerabilities because enterprises have failed to update Internet Explorer (IE) at a company-wide level. Duo Security revealed the statistic as part of its Trusted Access 2016 report, which also found 72% of ... read more..
From Computerworld.com The potential of connected devices to create damage, injury and mayhem is an ongoing security concern. But so far, the Internet of Things is not being linked, in a significant way, to security problems, says a new study. Verizon, in its just-released annual report of report of cyber ... read more..
From ComputerWeekly.com Businesses need to recognise that the process of digital transformation will affect all of their major areas, creating new security problems as once separate systems are connected in new ways, said Martin Kuppinger, principal analyst at KuppingerCole. 'Just about everything companies do in terms of digital transformation means ... read more..
From Computing.co.uk More than 3 million servers worldwide are at risk of ransomware due to out-of-date or insecure apps, and inadequate updating and patching practices. That is the warning from Cisco Systems' Talos security service, which warns that as many as 3.2 million servers could be compromised due to a ... read more..
From Information Age Two years after the EU's General Data Protection Regulation (GDPR) was first announced, 20% of IT decision makers in the UK are still unaware of its existence, accordingto research. The European Parliament formally adopted the GDPR last Thursday and when it comes into force in 2018 it ... read more..
From ComputerWeekly.com Six-in-ten UK employees are putting their businesses at risk of malware infection by using their personal devices to access corporate networks and illegal pirated content, a study has revealed. Although 80% of those accessing the content consider the personal security risks of doing so, only 60% consider the ... read more..
From SC Magazine Two recent reports highlight the security and privacy threats posed by third-party vendors. The reports examine companies' procedures for handling third-party vendor permissions and the ability of companies to track these vendors' activities. One of the reports, which surveyed IT and security professionals in the US, UK, ... read more..
From Computing.co.uk A staggering 97% of IT professionals surveyed by Computing are using standard anti-virus software to stop zero-day attacks. The research was presented during a web seminar, entitled Anti-virus software has had its day how can you protect against advanced threats? It was also revealed that while 57% ... read more..
From SC Magazine In 2015, the average company had roughly 9.9 million files accessible to every employee regardless of their roles. Varonis collected a year's worth of anonymous data from dozens of customer risk assessments conducted in mid-to-large companies in various sectors. The data was collected during risk assessments for ... read more..
From IT Pro UK workers take greater steps to protect personal files than work documents, a new study has revealed. The survey of 2,000 full-time UK workers around the country carried out by Censuswide last year on behalf of Citrix, found what the virtualisation and cloud services firm described as ... read more..
From SC Magazine Half of IT professionals are having a hard time keeping up with enterprise patching. Dimensional Research and Tripwire's Vulnerability and Exposure Research Team (VERT) studied 480 IT pros involved in patch management and assessed enterprise patch volume and installation trends. Patch management is critical for lowering security ... read more..
From ComputerWeekly.com Most IT leaders recognise the importance of data protection but more than a quarter of IT decision makers (ITDMs) at UK firms admit they could do more to protect corporate data. Almost 90% of CIOs/CISOs, 80% of ITDMs and 74% of knowledge workers said their ability to ... read more..
From ComputerWeekly.com A lack of cyber security awareness among employees is putting UK organisations at greater risk, a study has revealed. UK organisations are putting their reputation, customer trust and competitive advantage at greater risk by failing to provide staff with effective cyber security awareness and capability to defend against ... read more..