Cybersecurity Threats Faced by Small Businesses Expanding Online

It is an exciting prospect to move your business to the online space, but while you will have the chance to reach more customers, you will also need to understand the very real possibility of a data breach or other cybercrime. It only takes one incident to cause your company a world of trouble, and you don’t want to start your expansion off on the wrong foot.

IoT Regulation: The Carrot and the Stick

Security is a real concern among consumers when it comes to Internet of Things (IoT) devices, which have time and again succumbed to a litany of attacks due to poor protection mechanisms and vulnerabilities. Yet vendors remain slow to implement the 13 guidelines contained in the UK DCMS Secure by Design Code of Conduct, published way back in 2018, which aligns with the international standard ETSI EN 303-645.
To help boost uptake, the UK Department for Culture, Media and Sport put out a tender to the industry to devise a scheme that would incentivise manufacturers to demonstrate proactive security compliance to customers. The result was the IASME scheme which offers three levels of compliance – Basic, Silver and Gold – in a bid to encourage the industry to take action. Those meeting the criteria can then display the associated badge on their products, reassuring customers. It’s the carrot, if you will, ahead of the legislation expected to be brought in next year under the Product Security and Telecommunications Infrastructure (PSTI) Bill.

Superintelligence Will Not Be Controlled

The invention of Artificial Intelligence will shift the trajectory of human civilization. But to reap the benefits of such powerful technology – and to avoid the dangers – we must be able to control it. Currently we have no idea whether such control is even possible. My view is that Artificial Intelligence – and specifically its more advanced version, Artificial Super Intelligence – could never be fully controlled.

Boosting Suricata with Next Gen Deep Packet Inspection

Intrusion Detection / Intrusion Prevention Systems (IDS/IPS) play an essential role in cybersecurity by detecting and blocking threats that have penetrated endpoint and perimeter defenses.
Open-source Suricata is one of the most widely deployed IDS/IPS, developed and maintained by the Open Information Security Foundation (OISF), a community-run non-profit foundation. It is used by enterprises and public organizations to protect networks, by consultants to provide cybersecurity services, and by vendors who build more comprehensive commercial cybersecurity solutions on top of Suricata.

Cybersecurity in Telehealth: Protecting Your Information as a Patient

The use of telehealth has grown by leaps and bounds since the arrival of COVID-19. The pandemic made many in the medical profession realize that not everyone has the ability to leave their home to get quality care. The good news is that the tech has evolved greatly during this time, and now you can do just about everything from discussing symptoms to getting a prescription filled over the computer.
However, as with anything digital, there is a risk of cybercrime. Hackers can breach telehealth platforms and listen in on your conversations or steal the information that you input during the consultation. As a patient, it is your right to be protected, so we have some advice about your rights and how to be smart when accessing telehealth platforms.

Security and Observability for Cloud Native Platforms Part 3

Monitoring and observability are essential for Kubernetes runtime security, i.e., protection of containers (or pods) against active threats once the containers are running.
Monitoring is a predefined set of measurements in a system that are employed to detect deviations from a normal range. Kubernetes can monitor a variety of data types (Pod logs, Network flow logs, Application flow logs and Audit logs) and metrics (Connections per second, Packets per second, Application requests per second and CPU and memory utilization). These logs and metrics are utilized to identify known failures and provide detailed information to resolve the issue.

The Complete Guide to Data Security for Omnichannel Retailers

The retail sector is rapidly digitizing. As consumers push for seamless online experiences, many retailers have embraced an omnichannel approach to marketing and sales. Retailers are considered omnichannel when they incorporate several different methods of shopping, such as an online shop, a physical store and phone sales. While this shift has many business advantages, data security for omnichannel retailers often falls short — and retail cyber attacks grow.
Omnichannel strategies aim to provide a consistent experience across in-store, social media and online shop interactions on all devices. Businesses employing them retain 89% of their customers, so omnichannel is quickly becoming the norm. However, these strategies’ cybersecurity challenges become more concerning as retail data security issues rise.

Security and Observability for Cloud Native Platforms Part 2

There are several possible routes to attacking a containerized deployment, and one way to map them is to think of the potential attack vectors at each stage of a container’s life cycle.
The life cycle starts with the application code written by a developer. This code, as well as the third-party dependencies on which it relies, may contain flaws known as vulnerabilities. There are thousands of vulnerabilities that have been published, and if they exist in an application, an attacker may have the ability to exploit them. Examples of vulnerabilities are secret exposure and application (including CNF microservices) traffic in plain text, which can be intercepted and altered.

The CFO and Cybersecurity – An Essential Partnership

It’s time the CFO got involved in cybersecurity. Remote working has opened vast possibilities for cyber-attackers to access financial data and processes, spreading risk factors well beyond the borders of the IT department.
Everything can be done, and is, on the internet these days, thanks to the global pandemic.
