Are humans still the weak link in the Cyber Security chain?

Posted by: Alex Kurz  /  09 August 2017 09:45:00 BST

I think the answer has got to be a resounding yes.

There will always be black swans and sheep that roll across the cattle grid to freedom and suicidal kangaroos that continue to be killed on the roads in Australia. In any type of environment users will be ingenious and sidestep governance and red-tape to get the job done, and there will always be users that despite how much you tell them not to, will commit suicide by uploading the secret sauce to the Web.

Read More

Topics: CensorNet, Unified Security Service, Cyber Security

Sharing Our GDPR Journey

Posted by: Ed Macnair  /  17 July 2017 09:51:57 BST

The 25th of May 2018. For many, that date will have registered little interest when the first official draft of the EU General Data Protection Regulation was published back in 2012. 


The date, and what it would bring, was something to be aware of but too far away to interfere with other, more pressing concerns. Fast-forward to 2016, when the final draft was approved by the EU Parliament, and the speck on the horizon had grown to a more sizeable blob. There was a sudden shift in attitude and the date became a concern for all businesses in all sectors and of all sizes.

Read More

Topics: Compliance, GDPR

Infosec Report Card: Must concentrate better, but don't stop talking

Posted by: Ed Macnair  /  09 June 2017 10:00:00 BST

 

Infosec Europe is undoubtedly one of the biggest trade shows in the calendar, and again it demonstrated its gravitational force this week with what I’m told are record numbers getting sucked into its orbit to discover how to better protect organisations from tougher and more complex cyber threats.

This morning, beyond the crusty walls of Olympia - back in the real world - a new UK government prepares to assemble, and the importance of cyber-related security to its policy program has never been so crucial. Spare a thought for the challenges they face.

Read More

Cyclonic information overload... Or clarity at last?

Posted by: Ed Macnair  /  07 June 2017 09:58:00 BST

After my rant about the general lack of coherence in the info security industry, I thought I’d accept my own challenge and see what I could make of the first day’s action here at Infosec 2017.

Read More

Topics: Multi-factor Authentication, CASB, Email security, web filtering

Coherence is the order of the day...

Posted by: Ed Macnair  /  06 June 2017 09:58:00 BST

I’ve got a challenge for anyone visiting this week’s Infosec Show: Spend two hours here, and then try and sum it up in 20 seconds. I’m offering a prize for anyone that does a good job - just drop by our stand, give me your thoughts in 20 seconds and I’ll see what we’ve got in the goody bag. At the very least, I’ll buy you a coffee - I’d be interested to hear what you’re thinking.

Read More

Topics: Multi-factor Authentication

Achtung! Schatten-IT - so bringen Sie Licht ins Dunkel

Posted by: Alex Kurz  /  02 June 2017 09:30:00 BST

Das Vertrauen der deutschen Wirtschaft in digitale Infrastrukturen ist Fluch und Segen zugleich. Auch wenn dieser Ansatz uns an die Spitze des technischen Fortschritts bringt und die Art und Weise, wie wir unsere Arbeit tun, in positiver Weise beeinflusst, ergibt sich daraus auch zwangsläufig eine größere Angriffsfläche für Cyberattacken. Für IT-Abteilungen wird es dadurch immer schwieriger den Überblick zu behalten. Im „digitalen Dschungel“ tummeln sich jede Menge Computer, Laptops und auch private Mobilgeräte, die Mitarbeiter am Arbeitsplatz nutzen (BYOD, Bring Your Own Device), um sowohl auf interne Daten als auch auf externe Cloud-Anwendungen zuzugreifen. Speziell die Zugriffe auf externe Dienste sind für den IT-Verantwortlichen aber nicht immer bekannt.

Read More

Topics: Cloud Application Control, Schatten-IT

The Heads Up: Shadow IT - Light Up The Dark Side

Posted by: Alex Kurz  /  02 June 2017 09:00:00 BST

 

Digital infrastructures can be both a curse and a blessing. They allow us to progress technically and positively influence the way in which we work, but can inevitably make organizations more vulnerable to cyber attacks and also make it increasingly difficult for IT teams to control. In the ‘digital jungle’, computers, laptops and private mobile devices (BYOD – bring your own device) are used to access both internal data and external cloud applications. However, which external services are being accessed? This is not always obvious to the IT team.

Read More

Topics: Cloud Application Control, Shadow IT

Antiviren-Software zum Schutz vor Ransomware … die Definition von Wahnsinn?

Posted by: Alex Kurz  /  16 May 2017 13:54:44 BST

In Bezug auf den kürzlich erfolgten globalen Ransomware-Angriff hielten wir es für eine gute Idee, diesen Blog vom 18. April aus dem Englischen zu übersetzen und auch hier zu posten.

Die Geschwindigkeit, mit der sich Ransomware verbreitet, ist überwältigend. Das SonicWall Global Response Intelligence Defense (GRID) Network hat 2015 etwa 3,8 Millionen Angriffe verzeichnet. Im vergangenen Jahr stieg diese Zahl auf 638 Millionen Attacken an. Sie haben richtig gelesen – 638 Millionen! Das sind gut 167 Mal so viele Angriffe wie 2015. Wow! Dabei liegen die Gründe für diese Entwicklung auf der Hand. Es ist ein sehr profitables Geschäft! Ransomware ist eine Klasse von Schadprogrammen, die Ihre Daten verschlüsseln und „Lösegeld“ für die Entschlüsselung verlangen. Die moderne Version von „Geld oder Leben!“ sozusagen.

Was ist also die Antwort? Antiviren-Software, Antiviren-Software und noch mehr Antiviren-Software?

Read More

Topics: Cloud Application Control, Email security, Ransomware, Unified Security Service, Secure Web Gateway

Top Tips for Users to Keep Company Networks Safe

Posted by: Jakob Østergaard  /  15 May 2017 17:01:30 BST

As I’m sure you already know, Friday, 15 May, saw the beginning of a global ransomware attack, hitting hundreds of thousands of businesses around the world. Like most companies, we have taken stock of the situation and sent some simple instructions to our staff so that we can avoid becoming infected.


We would like to share these with you, but before we do that, we cannot stress highly enough the importance of having a good email scanning system in place to avoid malicious content ending up mailboxes and web filters to block dangerous sites in your browsers.

Read More

Topics: Web Security, Email security, Ransomware, anti-virus, anti-malware, malware

The Heads Up: Solving Ransomware with AV...the definition of insanity?

Posted by: Alex Kurz  /  18 April 2017 10:00:00 BST

 

In the light of the recent global ransomware cyber attack, we felt it appropriate to repost this blog for your information. The original post was dated 18 April, 2017.

The speed at which ransomware is proliferating is mind blowing. In 2015, SonicWall’s Global Response Intelligence Grid recorded around 3.8 million attacks. By last year, that had grown to 638 million. Yes, you read it right – 638 million! That’s a staggering 167 times the number of attacks in 2015. Wow! And it’s easy to see why. Ransomware is particularly profitable for hackers. It’s a nasty type of malware that holds your data hostage by encrypting it and then asking you to pay for a decryption key. Stand and deliver on steroids.

So, what’s the answer? AV, AV and more AV?

Read More

Topics: Cloud Application Control, Email security, Ransomware, Unified Security Service, Secure Web Gateway