Moving to a more mature security posture?
Intended to be topical and informative, my blog contains lightweight discussions around various Cyber Security issues.
The recent catastrophic BA outage, allegedly caused by an electrical contractor resulting in the total and immediate shutdown of the entire data centre highlighted an interdependency of systems that wasn’t previously known. It was stated that there are around 200 systems used by BA in its operations that are required to work together. This is a surprising number when you think that as a consumer…
Listed as dedicated critical area of Cyber Security in the UK governments “10 Steps to Cyber Security”, Incident Management should be given some attention in your organisation if hasn’t already been. I mentioned recently that the Ipsos Mori Cyber Security Breaches Survey 2017 reported that overall only 11% of all UK business have any formal Incident Management plan in place. According the 10 Steps guidance,…
Because they cannot be 100% accurate the real issue here with biometric systems is something called Type 1 and Type 2 Errors and the so-called Crossover Error Rate. Voice recognition systems themselves are not necessarily “weak” – so the distinction must be made as to how the particular system that HSBC went live with was compromised. Biometrics systems will ultimately fall foul of either not…
As we move forward with our digital lives, complying with the need to “log into” just about anything we touch these days it becomes increasingly difficult to maintain a high degree of password hygiene. There are those incredibly disciplined people amongst us that can perform effective Password Management in their head, and then there are the rest of us that well, can’t. I have previously recommended…
Already being hailed as the largest ransomware outbreak in history, it has been reported by the BBC that over 150 countries have already been infected by the WannaCry ransomware. Allegedly stolen from US intelligence as part of a large collection of leaks, a so-called zero-day vulnerability was weaponised into a strain of ransomware – with the capability to spread without human interaction, a so-called worm….
Last week I gave some tips on methods to create a strong password, however these may not be suitable if you have a large number of passwords to manage. In this scenario making use of a Password Manager may be appropriate. Best practice would be to have a different and complex password for everything (such as a website) that you would log into. However, very…
Follows are some tips on how you can create a a strong password. Some might be obvious, other not so… Your passwords belong to you, no-one else – don’t share your passwords! Regardless of complexity, don’t write your passwords down. (To this day I still see passwords on Post-IT notes and whiteboards!) The longer the password, the harder it is to crack, 8 characters should…
The Cyber Security Breaches Survey 2017 brings us up-to-speed with the latest findings across UK businesses. Recently published by Ipsos MORI, it is an in-depth survey across 1,500 Micro to Large-sized businesses. Offering great insight into how other businesses have fared with Incident Management and their impressions of Cyber Security over the past year, it is recommended reading to provide some context to your own…
Wonga, the pay-day loan company has become the latest high-profile company to become the victim of a data breach, affecting over 250,000 of their customers. Whilst the specifics of the hack are still unknown Wonga have said that personal data accessed “may have included one or more of the following: name, e-mail address, home address, phone number, the last four digits of your card number…
In my experience this is an area around which the Channel Islands have been generally slow to adopt a stronger security posture, and whilst the threats surrounding Data Leakage were as valid then as they are today, it is surprising that only 21% of UK businesses have a formal policy around what can be stored on removable/USB devices, a figure published in the Cyber Security…
