The latest changes to General Data Protection Regulation, or GDPR, states that organisations must report any breach withinthree days of its occurrence. In the case of British Airways, it took them just 24 hours to report that they had been victims of a cyber-security breach between the 21st of August and the 5th of September. …
Almost every organisation in the modern day relies on technology, systems and information in some way to support their business. It is vital that a business applies the same level of scrutiny when assessing risks to their systems and information assets as they would when assessing risks with a material impact such as regulatory, financial …
With internet privacy becoming a hot topic in 2018 more people than ever are concerned about protecting themselves online.ere are ten tips to help you keep yourself safe on the internet. 1) Don’t forget to log out Logging out of your accounts such as social media and online banking after using them is a quick …
It’s likely that your company has a web presence which gives your customers the ability to interact with your web sites through web applications that service their requests. Whilst this is great for them, it also gives potential attackers an opportunity to interact with you as well. In 2017 around 40% of all data breaches …
Universal Plug ‘n’ Play, a KRYPSYS favourite hot button, has recently been identified as facilitating larger denial-of-serviceattacks. Industry researchers observed suspect traffic from UPnP implementations, while analysing a Simple Service Discovery Protocol (SSDP) amplification attack during April 2018. They spotted that while some of the attack packets were coming from familiar UDP ports, others were …
Cybercriminals and penetration testing companies have a lot in common. Both search for vulnerabilities in your infrastructure; however, whilst the former may be looking to exploit these vulnerabilities in a way that would be detrimental to your business, the aim of the latter is to support you to better protect your company and its customers. …
The privacy enhancing techniques of ‘anonymisation’ or ‘pseudonymisation’ of data are recognised by the GDPR and candiminish some of the more onerous provisions of the regulations. Preventing or reducing the likelihood that personal data can be tracked back to the original owner can allow companies to use such information freely, or at least under different …
A saying, especially appropriate for GDPR, states that “there is no privacy without security” (not necessarily vice versa). Technical security measures are mentioned several times throughout the GDPR text. The GDPR does not, however, specify any particular security technology as mandatory although a some methods are suggested as optional solutions in some cases. The choice of …
Cloud computing is well on track to increase from $67B in 2015 to $162B in 2020 which is a compound annual growth rate of 19%. Cloud platforms are enabling new, complex global business models and are giving small & medium businesses access to best of breed, scalable business solutions and infrastructure. Moving to cloud presents …
According to our customers and security commentators here are some major trends that will be a feature of Cyber SecurityManagement in 2018. Cyber Security Resource Shortage The shortage of cybersecurity-skilled individuals will continue to be problem during 2018. Globally, many thousands of cybersecurity roles remained unfilled during 2017. Based on the numbers of qualified and …
Most people in the Information Security/Data Governance world at the moment are consumed with thenew General Data ProtectionRegulations (GDPR) which come into force on May 25th, 2018. The changes it brings are significant and will have an impact on every UK citizen. This article is not going to explain the multitude of changes or cringe …
Do you need penetration test to comply with GDPR? The GDPR requires that you assess applications and criticalinfrastructurefor security vulnerabilities and that the effectiveness of your security controls are tested regularly. Services such as penetration testing and regular vulnerability assessments will help meet this requirement. The GDPR brings a number of changes including breach reports being legally required within …
The GDPR requires that “Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the controller and the processor shall implement appropriate technical and organisational measures …
BYOD policies have become a common fixture, particularly in larger organisations, and seem set to stay. Despite concerns about security breaches, governance issues, device management and a range of other possible complications, businesses’ perception seems to be that the benefits outweigh the potential issues. Indeed, a recent survey of BYOD trends revealed that adoption rates …
Next year (2018) on the May 25th, the General Data Protection Regulation (GDPR) will go into effect. Your company, and every other company around the world should, by now, have a good idea of how it will affect your business. If you don’t know or think that it doesn’t affect you because you’re not a …