Web application security is, or should be, high on the agenda for any web-based business. The very nature of the Internet exposes web sites to attack from any location on the planet potentially leading to a data breach. A data breach is a general term referring to unauthorised access of sensitive or confidential information and …
The proportion of smartphone use, and time spent online using a phone or tablet compared to a laptop or desktop PC continues to increase. That being the case you would think that the kind of security-aware practices adopted by laptop and desktop users more than a decade ago would also now be standard practice for …
1. Don’t underestimate the risks The cybersecurity landscape is continually changing.What was low risk today could be high risk tomorrow. New malware may appear or a service that you use may get hacked or your password can be stolen. Update your risk security assessments frequently and stay abreast of emerging threats. 2. Don’t click on …
A bug bounty program is a managed administrative mechanism for reporting bugs to organisations involved in software development.Whilst any software bugs could be reported, in practice, bug bounty programs are normally focused on the discovery of security vulnerabilities and exploits. Many programs provide recognition and, sometimes significant, monetary compensation for security researchers who discover previously …
If you are an executive, manager or business owner, you will have heard of firewalls and you probably think you need one, but if you’re not particularly technical, do you actually know what a firewall does and how it protects your organisation’s computer systems? Firewalls have been our primary defence in computer security for more …
Recent announcements by both Mozilla Firefox and Google Chrome, have put DNS privacy into the spotlight.Changes in how DNS privacy is handled is a major change to the way the internet works but is little understood by the average user. So, what is DNS privacy and DNS over HTTPS and what effect will it have …
Ransomware is a rapidly increasing risk to businesses and organisations around the world.Although there are arguably now fewer ransomware attacks against consumers, attacks against organisations are clearly increasing. A report by Malwarebytes indicates that there has been a +300% increase in ransomware attacks on businesses in the first half 2019. There has also been a …
If you followed our previous article about whether ISO 27001 will benefit your organisation, you may, by now, have evaluated your strategic security goals and hopefully have a better idea of whether ISO 27001 might help you. For a little extra help with your decision about whether or not to get certified, let’s look at …
The ISO 27001 standard is now becoming the de facto standard for information security management.It offers a well-known framework to implement industry best practices in areas such as physical and technical security as well as security incident management. But is ISO 27001 certification worth the trouble? Will it make a difference for your organisation? ISO …
GDPR (General Data Protection Regulation) officially came into force across the European Union on 25th May2018, with the aim of updating laws and obligations around personal data and ensuring they are fit for the digital age. Organisations had plenty of warning and years to prepare for GDPR. However, many appeared to end up in a …
KRYPSYS has long been a supporter of Mozilla Foundation and the Firefox Browser, so we were pleasedto hear that Mozilla has announced its intention to reduce the ability of websites to track the browsing habits of users of the Firefox browser. Backing up its decision at the back end of 2018, Mozilla is taking initial …
Cyber security is becoming a top priority for UK businesses as the attack landscape continues to grow.Cyber-attacks are constantly improving and diversifying, putting UK businesses at increasing risk. Ransomware and Crypto-Mining During the previous 12 months ransomware attacks such as WannaCry have been a persistent threat to organisations and it’s becoming more common for businesses …
What is Threat Intelligence? As you may imagine, there are a number of popular definitions.According to Gartner – Threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject’s response to that menace …
The latest changes to General Data Protection Regulation, or GDPR, states that organisations must report any breach withinthree days of its occurrence. In the case of British Airways, it took them just 24 hours to report that they had been victims of a cyber-security breach between the 21st of August and the 5th of September. …
Almost every organisation in the modern day relies on technology, systems and information in some way to support their business. It is vital that a business applies the same level of scrutiny when assessing risks to their systems and information assets as they would when assessing risks with a material impact such as regulatory, financial …