Information security is often an afterthought in an organisation’s planning and spending. And as a subset of that, Governance, Risk and Compliance (GRC) struggles to get the high-level attention it needs. In part this stems from the fact that GRC activities have traditionally been spread around various departments and functions within the organisation, with no overall control or strategy. There… Read more »
Healthcare organisations globally are facing the same issues. Data breaches are increasing whether through the accidental loss of data or as a result of cyber-attacks. Health organisations are responsible for the care of large amounts of personally identifiable information (PII), and data doesn’t get much more personal that when it involves medical records. To complicate matters, medical practices of all… Read more »
If your image of blockchain technology is entirely linked to crypto-currencies like Bitcoin, think again. Patrick Hubbard of SolarWinds explains that the distributed ledger approach of blockchain has applications far beyond payments and financial services. The assurance provided by a shared record, cryptographically certified, is that it offers a high level of trust and authentication without requiring a central authority…. Read more »
Do you worry that there are bad people accessing your networks? If you think your systems have already been compromised you’re going to want to know how and by how much. In this interview, Peter Cohen at MWR Countercept explains the art of threat hunting – a proactive rather than reactive approach that doesn’t rely on the attacker tripping alarms…. Read more »
Do too many small and medium-size enterprises (SMEs) believe that security is something only big firms need to worry about? In this interview, Colin Tankard, managing director of Digital Pathways, explains that, indeed, many firms believe themselves to be too small and uninteresting to attract the attention of hackers. This is in spite of endless headlines about breaches and warning… Read more »
Privacy in the digital realm has become a hot topic. There has always been a debate about the degree to which law enforcement and intelligence agencies should be allowed to snoop on what many of us would consider private communications. But that discussion became supercharged following the leaks by Edward Snowden and now seem to be coming to a head, not… Read more »
Organisations have lots of security these days – but do they have the right security? Is the technology being deployed in the most effective way? Traditionally, the approach has always been one of defence in depth. This has led to organisations investing in a long list of point solutions. There’s always a concern that it’s the wrong technology, or that… Read more »
Open source code – in the form of libraries and frameworks – plays an important role in much of today’s software development. But it’s not without its risks. Many people assume that the open nature of the code means that it is heavily scrutinised and that , according to Linus’ Law, “given enough eyeballs, all bugs are shallow”. But open source… Read more »
» Listen or download now on the podcasts page » Many organisations are centralising and concentrating their cyber-security efforts in Security Operation Centres (SOCs). The aim is to provide a more coherent and comprehensive view of the organisation’s neyworks, and enable a focused and timely response in the event of an attack. But are they doing it right? And will these… Read more »
» Listen or download now on the podcasts page » Mobile apps are increasingly being used by the healthcare industry to provide customers with access to data and services. Your smartphone might even be monitoring the state of your health and sending that information to remote servers for analysis by your healthcare provider. As Stephen McCarney of Arxan Technologies explains in… Read more »