expert. opinion

General

Security experts reveal their predictions for 2022

It is hard to believe that another year is about to pass, and while not quite as unpredictable as last year, 2021 held a lot of its own trials and tribulations – especially for the tech sector. Ransomware has hugely increased this year – in fact, the UK has been ranked number 10 on the list of countries worst affected by ransomware in a new report commissioned by Google – and we are in the eye of the storm of the ‘Great Resignation’, which is hitting the cybersecurity industry hard.
Despite this however, the year has also had its wins. This year the UN declared 2021 the International Year of Peace and Trust, Kamala Harris became the first female and black Vice-President of the United States, and more than 7.5 billion Covid vaccinations (so far) had been administered.
o as we celebrate the winds, wind down, and bring the year to a close, what can we expect from 2022? Cybersecurity Magazine spoke with eight technology experts to find out what they predict for the next 12 months. Here is what they had to say

Read More
General

The Problem with Statistics of Compromised Credentials in the Dark Web

These reports do often include a “shopping list” of Dark Web prices for various types of credentials and many do delve deeper into the details of these findings, often speculating as to why certain things cost as much as they do. However, the reality of the Dark Web is usually much more complex, to the point that quoting credentials volume and price is usually meaningless. Some reports do a better job than others touching on these complexities, but the fact remains that normally only the numbers in the reports – the volumes and prices – are the focus and what only gets quoted, with the full intent of those who wrote the report. But as noted, these numbers are usually meaningless. Here is why, and why you should always take them with a pinch of salt.

Read More
General

International Computer Security Day 2021: A Day to Strengthen Our Cyber Defences

Something that most businesses are beginning to understand is that, in today’s hyper connected age, robust cybersecurity is no longer an option, it’s a necessity.  In the UK alone, 39% of all businesses have suffered a data breach within the past 12 months, and this figure increases substantially for medium (65%) and large enterprises (64%). So, this Computer Security Day, what should organisations be doing to better protect their most valuable assets from cyber threats?

Read More
General

DDoS Attacks on the Educational Sector are Threatening Online Learning

With the onset of Covid, online classes are starting to become a staple of modern learning. Many schools, colleges, and universities remain closed for months due to social distancing. Over 1.2 billion children are out of school globally.
Instead of whiteboards, we’re starting to use digital boards and software such as Miro. Instead of classrooms, we’re using Zoom and Skype calls. And for many, the only way to find out when the next lesson is starting is to look up a digital timetable on a school’s website.
At the same time, online learning infrastructure is largely unprotected. Many local schools or university websites operate under the pretense that they won’t become a DDoS target. And it’s easy to think that way. These platforms are small, they don’t generate a lot of income, if any, and they contribute to a good cause. So who would DDoS them?
and launch a powerful network flood for just a few dollars.

Read More
General

Identity Is the New Black

Identity is a concept that has existed since the dawn of the computer, but identity and its protection is becoming ever more important. Historically the identities we use have been stored and managed in on-premises environments. With cloud computing and the new normal of working from home, identity is now the only parameter that companies and organizations can use to exert control over systems and accesses.
The cloud has made the security of identities an on-going issue for the past 10 years, but increased working from home has made this issue a business critical one.

Read More
General

The Thriving Underground Economy and How It’s Increasing Hacker Capabilities

The spread of ransomware has reached unprecedented levels; every few days, there are headlines about new attacks crippling major companies or organizations. Some of these attacks have resulted in 8 figure ransoms, but the damage caused by downtime and data leaks is much larger than losses to ransoms.
A lot of the profits hackers are raking in get reinvested in enhancing their capability. All of this cash is driving the growth of an increasingly advanced and sophisticated underground economy, and with it, an expansion in hacker capabilities.

Read More
General

Prevention is Better Than Cure: The Ransomware Evolution

With the number and frequency of ransomware attacks increasing, not to mention the innovation in distribution methods, this should be a wake up call for organisations to strengthen their defences. By taking a preventative approach, businesses can take the necessary steps to strengthen their cybersecurity posture. This includes a combination of education, processes, hardware and software to detect, combat and recover from such attacks if they were to arise.

Read More
covid-19General

4 Steps to Creating Effective Post-Pandemic Data Security

Even before the COVID-19 pandemic, enterprise organisations faced seismic shifts in how they meet data privacy and security requirements. Whether due to mandated regulatory controls, ever-evolving digital transformation projects, or changing market conditions, keeping up with data security was like hitting a fast-moving target.
Despite their adaptability to staffers working remotely, however, many organisations remain wedded to outdated security protocols that don’t reflect this new work-from-home reality. If your organisation hasn’t changed data security priorities to keep up with the rapid shift to remote work environments, you may struggle to ensure that remote-work employees are secured and empowered to work from anywhere.

Read More
General

CSA – Cloud Security Framework

A few weeks ago, an article on the new CIS 18 framework was published on this site. CIS is one of the go to frameworks for security assessments, but the cloud has its own set of controls and a framework developed by the Cloud Security Alliance (CSA). They have recently released a new version of their framework as well. This article will introduce the CSA and its security framework.

Read More