GDPR – What Happened

gdpr what happened

GDPR (General Data Protection Regulation) officially came into force across the European Union on 25th May2018, with the aim of updating laws and obligations around personal data and ensuring they are fit for the digital age. Organisations had plenty of warning and years to prepare for GDPR. However, many appeared to end up in a …

Read More

Mozilla to Take Action on Web Trackers

Mozilla to Take Action on Web Trackers

KRYPSYS has long been a supporter of Mozilla Foundation and the Firefox Browser, so we were pleasedto hear that Mozilla has announced its intention to reduce the ability of websites to track the browsing habits of users of the Firefox browser. Backing up its decision at the back end of 2018, Mozilla is taking initial …

Read More

Cyber Security View 2018

Cyber Security 2018

Cyber security is becoming a top priority for UK businesses as the attack landscape continues to grow.Cyber-attacks are constantly improving and diversifying, putting UK businesses at increasing risk. Ransomware and Crypto-Mining During the previous 12 months ransomware attacks such as WannaCry have been a persistent threat to organisations and it’s becoming more common for businesses …

Read More

Why do I Need Threat Intelligence?

Why do I Need Threat Intelligence

What is Threat Intelligence? As you may imagine, there are a number of popular definitions.According to Gartner – Threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject’s response to that menace …

Read More

Will BA be the GDPR’s First High-Profile Victim

Will BA be the GDPR’s First High-Profile Victim

The latest changes to General Data Protection Regulation, or GDPR, states that organisations must report any breach withinthree days of its occurrence. In the case of British Airways, it took them just 24 hours to report that they had been victims of a cyber-security breach between the 21st of August and the 5th of September. …

Read More

Improving Information Risk Management

Improving Information Risk Management

Almost every organisation in the modern day relies on technology, systems and information in some way to support their business. It is vital that a business applies the same level of scrutiny when assessing risks to their systems and information assets as they would when assessing risks with a material impact such as regulatory, financial …

Read More

Ten Internet Privacy Tips

Ten Internet Privacy Tips

With internet privacy becoming a hot topic in 2018 more people than ever are concerned about protecting themselves online.ere are ten tips to help you keep yourself safe on the internet. 1) Don’t forget to log out Logging out of your accounts such as social media and online banking after using them is a quick …

Read More

Do I Need a Web Application Firewall

Do I Need a Web Application Firewall

It’s likely that your company has a web presence which gives your customers the ability to interact with your web sites through web applications that service their requests. Whilst this is great for them, it also gives potential attackers an opportunity to interact with you as well. In 2017 around 40% of all data breaches …

Read More

UPnP – Please Just Turn it Off

UPnP Please Just Turn it Off

Universal Plug ‘n’ Play, a KRYPSYS favourite hot button, has recently been identified as facilitating larger denial-of-serviceattacks. Industry researchers observed suspect traffic from UPnP implementations, while analysing a Simple Service Discovery Protocol (SSDP) amplification attack during April 2018. They spotted that while some of the attack packets were coming from familiar UDP ports, others were …

Read More

What to Look for in a Pen Testing Company

What to Look for in a Pen Testing Company

Cybercriminals and penetration testing companies have a lot in common. Both search for vulnerabilities in your infrastructure; however, whilst the former may be looking to exploit these vulnerabilities in a way that would be detrimental to your business, the aim of the latter is to support you to better protect your company and its customers. …

Read More

Anonymisation vs Pseudonymisation

Anonymisation vs Pseudonymisation

The privacy enhancing techniques of ‘anonymisation’ or ‘pseudonymisation’ of data are recognised by the GDPR and candiminish some of the more onerous provisions of the regulations.  Preventing or reducing the likelihood that personal data can be tracked back to the original owner can allow companies to use such information freely, or at least under different …

Read More

Cyber Security and GDPR

Cyber Security and GDPR

A saying, especially appropriate for GDPR, states that “there is no privacy without security” (not necessarily vice versa). Technical security measures are mentioned several times throughout the GDPR text. The GDPR does not, however, specify any particular security technology as mandatory although a some methods are suggested as optional solutions in some cases. The choice of …

Read More

Cloud Security Checklist

Cloud Security Checklist

Cloud computing is well on track to increase from $67B in 2015 to $162B in 2020 which is a compound annual growth rate of 19%. Cloud platforms are enabling new, complex global business models and are giving small & medium businesses access to best of breed, scalable business solutions and infrastructure. Moving to cloud presents …

Read More

Cyber Security Management Trends for 2018

Cyber Security Management Trends for 2018

According to our customers and security commentators here are some major trends that will be a feature of Cyber SecurityManagement in 2018. Cyber Security Resource Shortage The shortage of cybersecurity-skilled individuals will continue to be problem during 2018. Globally, many thousands of cybersecurity roles remained unfilled during 2017. Based on the numbers of qualified and …

Read More

Is Encryption Mandatory for GDPR Compliance?

Is Encryption Mandatory for GDPR Compliance

Most people in the Information Security/Data Governance world at the moment are consumed with thenew General Data ProtectionRegulations (GDPR) which come into force on May 25th, 2018. The changes it brings are significant and will have an impact on every UK citizen. This article is not going to explain the multitude of changes or cringe …

Read More