Sharing our GDPR Journey: CFO

Sharing our GDPR Journey: CFO

A dual task but also an opportunity to better ourselves When our CEO, Ed, wrote the first blog post in this series he detailed the all consuming nature of the upcoming General Data Protection Regulation. Since then, some time has passed and the hysteria surrounding that May deadline has heightened even further. After all, we’re now well into the final full quarter of preparation time before GDPR, ...
Sharing our GDPR journey - CTO  Changing the definition of personal data

Sharing our GDPR journey - CTO Changing the definition of personal data

2018 is here and, as we leave the Christmas festivities behind us, a regulation six years in the making is about to become a reality… The year of GDPR is finally upon us. By now, we’re all well aware of its aim; to transform the way that European businesses view data in terms of both protection and privacy. And, let’s face it, given that 2017 was a year in which cybercrime thrived - with attacks s...
CensorNet named in the 2017 Gartner Magic Quadrant for Cloud Access Security Brokers

CensorNet named in the 2017 Gartner Magic Quadrant for Cloud Access Security Brokers

There’s no doubt about it, the global cloud market is increasing exponentially… and, as it does, so too do the cyber threats within the cloud landscape. Today, cloud security is more important than ever before. In a world full of IT vendors offering a stream of IT solutions, we believe that Gartner helps business leaders make informed decisions. Its Magic Quadrant is a culmination of research in a...
NIST Digital Identity Guidelines Clarify Importance of SMS in Authentication Strategies

NIST Digital Identity Guidelines Clarify Importance of SMS in Authentication Strategies

As we anticipated when we first wrote about the Digital Identity Guidelines published by the National Institute of Standards and Technology (NIST), the new recommendations have ignited a fierce debate in the cybersecurity community. What is the best authentication method to protect access to data and systems? Is two-factor enough or does multifactor provide the best defense? What delivery methods ...
Are humans still the weak link in the Cyber Security chain?

Are humans still the weak link in the Cyber Security chain?

I think the answer has got to be a resounding yes. There will always be black swans and sheep that roll across the cattle grid to freedom and suicidal kangaroos that continue to be killed on the roads in Australia. In any type of environment users will be ingenious and sidestep governance and red-tape to get the job done, and there will always be users that despite how much you tell them not to, w...
Sharing Our GDPR Journey

Sharing Our GDPR Journey

The 25th of May 2018. For many, that date will have registered little interest when the first official draft of the EU General Data Protection Regulation was published back in 2012.  The date, and what it would bring, was something to be aware of but too far away to interfere with other, more pressing concerns. Fast-forward to 2016, when the final draft was approved by the EU Parliament, and the s...
Infosec Report Card: Must concentrate better, but don't stop talking

Infosec Report Card: Must concentrate better, but don't stop talking

Infosec Europe is undoubtedly one of the biggest trade shows in the calendar, and again it demonstrated its gravitational force this week with what I’m told are record numbers getting sucked into its orbit to discover how to better protect organisations from tougher and more complex cyber threats.This morning, beyond the crusty walls of Olympia - back in the real world - a new UK government prepar...
Cyclonic information overload... Or clarity at last?

Cyclonic information overload... Or clarity at last?

After my rant about the general lack of coherence in the info security industry, I thought I’d accept my own challenge and see what I could make of the first day’s action here at Infosec 2017.  A scan through the scheduled keynotes and presentations pretty much confirmed what I predicted to be true. Reading the conference agenda is analogous to reading the menu from one of those ‘every internation...
Coherence is the order of the day...

Coherence is the order of the day...

I’ve got a challenge for anyone visiting this week’s Infosec Show: Spend two hours here, and then try and sum it up in 20 seconds. I’m offering a prize for anyone that does a good job - just drop by our stand, give me your thoughts in 20 seconds and I’ll see what we’ve got in the goody bag. At the very least, I’ll buy you a coffee - I’d be interested to hear what you’re thinking. Sounds trite, rig...
The Heads Up: Shadow IT - Light Up The Dark Side

The Heads Up: Shadow IT - Light Up The Dark Side

Digital infrastructures can be both a curse and a blessing. They allow us to progress technically and positively influence the way in which we work, but can inevitably make organizations more vulnerable to cyber attacks and also make it increasingly difficult for IT teams to control. In the ‘digital jungle’, computers, laptops and private mobile devices (BYOD – bring your own device) are used to a...
Top Tips for Users to Keep Company Networks Safe

Top Tips for Users to Keep Company Networks Safe

As I’m sure you already know, Friday, 15 May, saw the beginning of a global ransomware attack, hitting hundreds of thousands of businesses around the world. Like most companies, we have taken stock of the situation and sent some simple instructions to our staff so that we can avoid becoming infected. We would like to share these with you, but before we do that, we cannot stress highly enough the i...
The Heads Up: Solving Ransomware with AV...the definition of insanity?

The Heads Up: Solving Ransomware with AV...the definition of insanity?

In the light of the recent global ransomware cyber attack, we felt it appropriate to repost this blog for your information. The original post was dated 18 April, 2017. The speed at which ransomware is proliferating is mind blowing. In 2015, SonicWall’s Global Response Intelligence Grid recorded around 3.8 million attacks. By last year, that had grown to 638 million. Yes, you read it right – 638 mi...
Cloud Security - how is 2017 shaping up?

Cloud Security - how is 2017 shaping up?

With January rapidly becoming a distant memory, and as all those New Year good intentions get left by the wayside, I am pleased to report the race to the cloud continues apace. But as enterprises embrace the cloud to help their businesses become more agile and responsive, they invariably encounter more security threats and become more susceptible to breaches from multiple channels. Legacy security...
Cloud Security issues aren’t unknown

Cloud Security issues aren’t unknown

When Cloud was the new kid on the block, the risk of adoption was simply too variable and therefore untenable but that didn’t really matter. It was gathering such momentum the security market simply couldn’t keep up. So in line with tradition, the easiest option was to get the big red stamp out and mark it ‘unsafe’ and hope it would go away. The problem was that it didn’t, it just got bigger. The ...
Why it’s time to ditch the password…

Why it’s time to ditch the password…

Given that passwords are on the front line of defence in the security of corporates and individuals, it’s mind boggling how elementary some people’s passwords are. Some recent research by LeakedSource, delved into the frequency of use of LinkedIn’s 10 most pathetic passwords. Topping the list is “123456” with an incredible 753,305 LinkedIn users, using this most perfunctory of passwords. Trailing ...
Two’s company but it’s no longer enough

Two’s company but it’s no longer enough

Cyber Security is now well and truly on the map. Politicians wax lyrical about how they’re fighting it, entire supplements of every major Sunday newspaper are dedicated to it and in general, the world is that little bit more savvy, I’m delighted to say.   The by-product of the popularity and trend has also meant the industry has given birth to a whole slew of new vendors, all brandishing themselve...
“e-Safety Legal Obligations – The Fall of the Supremacy of Pedagogy”

“e-Safety Legal Obligations – The Fall of the Supremacy of Pedagogy”

I have a proposition to make. My proposition is that it is notpossible to train or educate pupils into not cyberbullying, not viewing pornography, not sexting and that the stance of many educators and education experts[1] that pedagogy is the best, the ‘supreme’ route to satisfy e-Safety legal obligations is, quite simply, wrong. I further propose that we know it’s wrong because empirical evidence...
Targeting hospitals? The lows that hackers stoop to…

Targeting hospitals? The lows that hackers stoop to…

The morals of hackers sank to new lows last week, when three hospitals across the UK were targeted with ransomware in malicious cyber attacks. The upshot was that all operations, procedures and appointments were cancelled, affecting over 1000 patients. The hospitals’ computer systems control all aspects of operations, so the virus affected everything from the ventilation of patients and administer...
CensorNet and the statutory duty on radicalisation

CensorNet and the statutory duty on radicalisation

The Department for Education’s statutory guidelines (“Keeping Children Safe in Education”) are now in force. For the first time the guidelines include the subject of the legal obligations on the school arising under the Counter Terrorism and Security Act 2015. On this subject the statutory guidelines are explicit: “Protecting children from the risk of radicalization should be seen as part of schoo...
A CIO and an Entrepreneur walk into a bar…

A CIO and an Entrepreneur walk into a bar…

One arbitrary Google search of ‘Shadow IT’ will instantly present a buffet of opinion; not to mention some of the most spurious marketing images in the history of the internet. That’s the trouble with the tech sector, a genuine issue arises and before you can say the words ‘Please. Just. Stop’; everyone (and I mean everyone) has a ‘solution’ and a ‘marketing strapline’ for it. You only have to loo...