With so many potential demands on a limited Information Security budget, is Security Awareness training a good investment? It’s something that has been debated in companies for years and will be for years to come. […]
The UK Government have announced a new scheme to protect small businesses from cyber attacks. Yesterday, Digital Economy Minister Ed Vaizey outlined a new voucher scheme designed specifically to help small and medium-sized businesses (SMEs) as part of a package of measures to improve the UK’s cyber security resilience. The package also includes a new online learning and careers hub to help ensure the UK has the cyber skills talent pool to protect both the public and private sectors as we face the reality of increasing cyber threats. […]
Just four days after Adobe Systems patched a vulnerability in Flash Player, a malware researcher spotted a drive-by download attack that was exploiting it to install CryptoWall ransomware on the victim’s computer. Further research showed that the exploit was added to the commercial exploit kit called Magnitude and that this has clearly now been adopted by cybercriminals across the world for use in large-scale attacks. […]
Mandiant have recently published their 2015 M-Trends report which highlights the new attack trends they have identified through their role as security incident first responders over the last year. It is an interesting and informative report which is worth a read, and can be found here (registration is required, I’m afraid!). A couple of key points from the report caught my attention, most notably how attackers are exploiting remote access facilities such as VPNs. […]
Data breaches are proliferating, and the associated costs are exploding. According to the Ponemon Institute’s “2014 Cost of Data Breach Study: United Kingdom”, the average cost of a data breach in the UK has increased from £2.04 to £2.21 million.
Businesses’ general liability policies don’t cover those costly data breaches, which points to cyber insurance being a wise choice. In fact, AON PLC, the world’s largest reinsurance broker, claimed in October 2014 that the cyber insurance market was at the time growing at 38% annually.
However, as a case in the US a bit earlier this year has shown, cyber insurance should not be relied upon as your first line of cyber defence. […]
The National Institute of Standards and Technology (NIST) has released an updated version of its “Guide to Industrial Control Systems (ICS) Security.” The 247-page document provides ICS operators guidance on securing supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as programmable logic controllers (PLC). […]
UK newspaper, The Guardian, reports that the UK government is not going to renew support for their aging and now unsupported Windows XP desktop infrastructure. Microsoft withdrew its extended support programme for Windows XP, its 14-year-old operating system, in April 2014. Given the number of Windows XP PCs still being used in government and businesses […]
Microsoft finally is planning to support SSH in Windows and the company’s engineers also will contribute to the OpenSSH project. While SSH has been a popular tool for remote login and command execution on many Unix and Linux systems for years, Windows has not supported SSH by default, for a variety of reasons. Microsoft has […]