Losing sight of the biggest cause of security breaches isn’t surprising when there are often more column inches in theRead more
Cybersecurity is all about protecting digital assets from unauthorized access and attacks. In today’s digital age, safeguarding sensitive information isRead more
ESG (Environmental, Social, and Governance) policies tend to be viewed as being predominantly concerned with climate change and the socialRead more
In this podcast episode, Philippa Jefferies is joined by Alex Leadbeater, Chair of ETSI TC Cyber, David Boswarthick, Director ofRead more
Bias in artificial intelligence (AI) is one of the technology’s most prominent issues. Stories of AI repeating and even exaggeratingRead more
Supply chain attacks are on the increase. The SANS Institutes supply chain security webcast states that as of today there is aRead more
Introduction There is ever increase in security breaches resulting in serious business implications despite the proliferation and sophistication of securityRead more
In the last few years, many large businesses have overhauled their approach to cyber security. The rise of remote working forced them to bring forward long-planned upgrades to both security technology and processes, resulting in far better data security across the board.
On paper it seems like very good news, but it isn’t necessarily for everyone. Why? Because the majority of cyber criminals are opportunists looking for the quickest and easiest way to make the maximum amount of money possible from victims. Consequently, they tend to target larger businesses that have more assets for exploitation. However, as these large businesses continue to shore up their cyber defences, cyber criminals have started looking elsewhere for easier targets, and many of them are turning their attention to lesser protected mid-market enterprises instead.
Shadow APIs (Application Programming Interfaces) are now the biggest threat facing API security today. Analysis of more than 20 billion transactions from the first half of 2022 found 16.7 billion of these were malicious in nature and the majority (5 billion) were against unknown, unmanaged and unprotected APIs, more commonly referred to as Shadow APIs.Read more
Security is a real concern among consumers when it comes to the Internet of Things (IoT) which have time and again succumbed to a litany of attacks due to poor protection mechanisms and vulnerabilities. Yet vendors remain slow to implement the 13 guidelines contained in the UK DCMS Secure by Design Code of Conduct published way back in 2018 and which aligns with the international standard ETSI EN 303-645.
To help boost uptake, the UK Department for Culture, Media and Sport put out a tender to the industry to devise a scheme that would incentivise manufacturers to demonstrate proactive security compliance to customers. The result was the IASME scheme which offers three levels of compliance – Basic, Silver and Gold – in a bid to encourage the industry to take action. Those meeting the criteria can then display the associated badge on their products, reassuring customers. It’s the carrot, if you will, ahead of the legislation expected to be brought in next year under the Product Security and Telecommunications Infrastructure (PSTI) Bill.