CensorNet named a Niche Player in 2017 Gartner Magic Quadrant for Cloud Access Security Brokers

Posted by: Ed Macnair  /  06 December 2017 13:10:28 GMT

There’s no doubt about it, the global cloud market is increasing exponentially… and, as it does, so too do the cyber threats within the cloud landscape. Today, cloud security is more important than ever before.

Read More

Topics: Cloud Application Security

NIST Digital Identity Guidelines Clarify Importance of SMS in Authentication Strategies

Posted by: Claus Rosendal  /  16 November 2017 16:30:00 GMT

As we anticipated when we first wrote about the Digital Identity Guidelines published by the National Institute of Standards and Technology (NIST), the new recommendations have ignited a fierce debate in the cybersecurity community. What is the best authentication method to protect access to data and systems? Is two-factor enough or does multifactor provide the best defense? What delivery methods are the most secure? Which backend infrastructures ensure the right people access the right data?

Read More

Topics: Security, NIST, User Authentication, SMS

Are humans still the weak link in the Cyber Security chain?

Posted by: Alex Kurz  /  09 August 2017 09:45:00 BST

I think the answer has got to be a resounding yes.

There will always be black swans and sheep that roll across the cattle grid to freedom and suicidal kangaroos that continue to be killed on the roads in Australia. In any type of environment users will be ingenious and sidestep governance and red-tape to get the job done, and there will always be users that despite how much you tell them not to, will commit suicide by uploading the secret sauce to the Web.

Read More

Topics: CensorNet, Unified Security Service, Cyber Security

Sharing Our GDPR Journey

Posted by: Ed Macnair  /  17 July 2017 09:51:57 BST

The 25th of May 2018. For many, that date will have registered little interest when the first official draft of the EU General Data Protection Regulation was published back in 2012. 

The date, and what it would bring, was something to be aware of but too far away to interfere with other, more pressing concerns. Fast-forward to 2016, when the final draft was approved by the EU Parliament, and the speck on the horizon had grown to a more sizeable blob. There was a sudden shift in attitude and the date became a concern for all businesses in all sectors and of all sizes.

Read More

Topics: Compliance, GDPR

Infosec Report Card: Must concentrate better, but don't stop talking

Posted by: Ed Macnair  /  09 June 2017 10:00:00 BST


Infosec Europe is undoubtedly one of the biggest trade shows in the calendar, and again it demonstrated its gravitational force this week with what I’m told are record numbers getting sucked into its orbit to discover how to better protect organisations from tougher and more complex cyber threats.

This morning, beyond the crusty walls of Olympia - back in the real world - a new UK government prepares to assemble, and the importance of cyber-related security to its policy program has never been so crucial. Spare a thought for the challenges they face.

Read More

Cyclonic information overload... Or clarity at last?

Posted by: Ed Macnair  /  07 June 2017 09:58:00 BST

After my rant about the general lack of coherence in the info security industry, I thought I’d accept my own challenge and see what I could make of the first day’s action here at Infosec 2017.

Read More

Topics: Multi-factor Authentication, CASB, Email security, web filtering

Coherence is the order of the day...

Posted by: Ed Macnair  /  06 June 2017 09:58:00 BST

I’ve got a challenge for anyone visiting this week’s Infosec Show: Spend two hours here, and then try and sum it up in 20 seconds. I’m offering a prize for anyone that does a good job - just drop by our stand, give me your thoughts in 20 seconds and I’ll see what we’ve got in the goody bag. At the very least, I’ll buy you a coffee - I’d be interested to hear what you’re thinking.

Read More

Topics: Multi-factor Authentication

Achtung! Schatten-IT - so bringen Sie Licht ins Dunkel

Posted by: Alex Kurz  /  02 June 2017 09:30:00 BST

Das Vertrauen der deutschen Wirtschaft in digitale Infrastrukturen ist Fluch und Segen zugleich. Auch wenn dieser Ansatz uns an die Spitze des technischen Fortschritts bringt und die Art und Weise, wie wir unsere Arbeit tun, in positiver Weise beeinflusst, ergibt sich daraus auch zwangsläufig eine größere Angriffsfläche für Cyberattacken. Für IT-Abteilungen wird es dadurch immer schwieriger den Überblick zu behalten. Im „digitalen Dschungel“ tummeln sich jede Menge Computer, Laptops und auch private Mobilgeräte, die Mitarbeiter am Arbeitsplatz nutzen (BYOD, Bring Your Own Device), um sowohl auf interne Daten als auch auf externe Cloud-Anwendungen zuzugreifen. Speziell die Zugriffe auf externe Dienste sind für den IT-Verantwortlichen aber nicht immer bekannt.

Read More

Topics: Cloud Application Control, Schatten-IT

The Heads Up: Shadow IT - Light Up The Dark Side

Posted by: Alex Kurz  /  02 June 2017 09:00:00 BST


Digital infrastructures can be both a curse and a blessing. They allow us to progress technically and positively influence the way in which we work, but can inevitably make organizations more vulnerable to cyber attacks and also make it increasingly difficult for IT teams to control. In the ‘digital jungle’, computers, laptops and private mobile devices (BYOD – bring your own device) are used to access both internal data and external cloud applications. However, which external services are being accessed? This is not always obvious to the IT team.

Read More

Topics: Cloud Application Control, Shadow IT

Antiviren-Software zum Schutz vor Ransomware … die Definition von Wahnsinn?

Posted by: Alex Kurz  /  16 May 2017 13:54:44 BST

In Bezug auf den kürzlich erfolgten globalen Ransomware-Angriff hielten wir es für eine gute Idee, diesen Blog vom 18. April aus dem Englischen zu übersetzen und auch hier zu posten.

Die Geschwindigkeit, mit der sich Ransomware verbreitet, ist überwältigend. Das SonicWall Global Response Intelligence Defense (GRID) Network hat 2015 etwa 3,8 Millionen Angriffe verzeichnet. Im vergangenen Jahr stieg diese Zahl auf 638 Millionen Attacken an. Sie haben richtig gelesen – 638 Millionen! Das sind gut 167 Mal so viele Angriffe wie 2015. Wow! Dabei liegen die Gründe für diese Entwicklung auf der Hand. Es ist ein sehr profitables Geschäft! Ransomware ist eine Klasse von Schadprogrammen, die Ihre Daten verschlüsseln und „Lösegeld“ für die Entschlüsselung verlangen. Die moderne Version von „Geld oder Leben!“ sozusagen.

Was ist also die Antwort? Antiviren-Software, Antiviren-Software und noch mehr Antiviren-Software?

Read More

Topics: Cloud Application Control, Email security, Ransomware, Unified Security Service, Secure Web Gateway