Improving Information Risk Management

by
Improving Information Risk Management

Almost every organisation in the modern day relies on technology, systems and information in some way to support their business. It is vital that a business applies the same level of scrutiny when assessing risks to their systems and information assets as they would when assessing risks with a material impact such as regulatory, financial …

Read More

Ten Internet Privacy Tips

by
Ten Internet Privacy Tips

With internet privacy becoming a hot topic in 2018 more people than ever are concerned about protecting themselves online.ere are ten tips to help you keep yourself safe on the internet. 1) Don’t forget to log out Logging out of your accounts such as social media and online banking after using them is a quick …

Read More

Do I Need a Web Application Firewall

by
Do I Need a Web Application Firewall

It’s likely that your company has a web presence which gives your customers the ability to interact with your web sites through web applications that service their requests. Whilst this is great for them, it also gives potential attackers an opportunity to interact with you as well. In 2017 around 40% of all data breaches …

Read More

UPnP – Please Just Turn it Off

by
UPnP Please Just Turn it Off

Universal Plug ‘n’ Play, a KRYPSYS favourite hot button, has recently been identified as facilitating larger denial-of-serviceattacks. Industry researchers observed suspect traffic from UPnP implementations, while analysing a Simple Service Discovery Protocol (SSDP) amplification attack during April 2018. They spotted that while some of the attack packets were coming from familiar UDP ports, others were …

Read More

What to Look for in a Pen Testing Company

by
What to Look for in a Pen Testing Company

Cybercriminals and penetration testing companies have a lot in common. Both search for vulnerabilities in your infrastructure; however, whilst the former may be looking to exploit these vulnerabilities in a way that would be detrimental to your business, the aim of the latter is to support you to better protect your company and its customers. …

Read More

Anonymisation vs Pseudonymisation

by
Anonymisation vs Pseudonymisation

The privacy enhancing techniques of ‘anonymisation’ or ‘pseudonymisation’ of data are recognised by the GDPR and candiminish some of the more onerous provisions of the regulations.  Preventing or reducing the likelihood that personal data can be tracked back to the original owner can allow companies to use such information freely, or at least under different …

Read More

Cyber Security and GDPR

by
Cyber Security and GDPR

A saying, especially appropriate for GDPR, states that “there is no privacy without security” (not necessarily vice versa). Technical security measures are mentioned several times throughout the GDPR text. The GDPR does not, however, specify any particular security technology as mandatory although a some methods are suggested as optional solutions in some cases. The choice of …

Read More

Cloud Security Checklist

by
Cloud Security Checklist

Cloud computing is well on track to increase from $67B in 2015 to $162B in 2020 which is a compound annual growth rate of 19%. Cloud platforms are enabling new, complex global business models and are giving small & medium businesses access to best of breed, scalable business solutions and infrastructure. Moving to cloud presents …

Read More

Cyber Security Management Trends for 2018

by
Cyber Security Management Trends for 2018

According to our customers and security commentators here are some major trends that will be a feature of Cyber SecurityManagement in 2018. Cyber Security Resource Shortage The shortage of cybersecurity-skilled individuals will continue to be problem during 2018. Globally, many thousands of cybersecurity roles remained unfilled during 2017. Based on the numbers of qualified and …

Read More

Is Encryption Mandatory for GDPR Compliance?

by
Is Encryption Mandatory for GDPR Compliance

Most people in the Information Security/Data Governance world at the moment are consumed with thenew General Data ProtectionRegulations (GDPR) which come into force on May 25th, 2018. The changes it brings are significant and will have an impact on every UK citizen. This article is not going to explain the multitude of changes or cringe …

Read More

Do You Need Penetration Test for the GDPR?

by
Do You Need Penetration Test for the GDPR

Do you need penetration test to comply with GDPR? The GDPR requires that you assess applications and criticalinfrastructurefor security vulnerabilities and that the effectiveness of your security controls are tested regularly.  Services such as penetration testing and regular vulnerability assessments will help meet this requirement. The GDPR brings a number of changes including breach reports being legally required within …

Read More

Security Requirements of the GDPR

by
Security Requirements of the GDPR

The GDPR requires that “Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the controller and the processor shall implement appropriate technical and organisational measures …

Read More

The Latest Trends in BYOD

by
The Latest Trends in BYOD

BYOD policies have become a common fixture, particularly in larger organisations, and seem set to stay. Despite concerns about security breaches, governance issues, device management and a range of other possible complications, businesses’ perception seems to be that the benefits outweigh the potential issues. Indeed, a recent survey of BYOD trends revealed that adoption rates …

Read More