When the suite is not so sweet

When the suite is not so sweet

In a world where the majority of data breaches start with weak or stolen credentials, many businesses have added an extra layer of protection to employee accounts with Multi-Factor Authentication (MFA). MFA, in a nutshell, requires users to go through multiple steps to ‘prove’ they are who they say they are. While there are multiple ways this can be done, it involves something the user knows (like...
Coffee breaks for all as Office365 goes down

Coffee breaks for all as Office365 goes down

Office 365 has gone down, again. Being a Microsoft customer must sometimes be like Groundhog Day. This time, the suite went down across Europe, with users reporting issues accessing cloud-based email servers at around 9.30am on 24th January 2019. According to Microsoft, the outage was caused because “a subset of Domain Controller infrastructure is unresponsive, resulting in user connection time ou...
Why cloud visibility and discovery are no longer enough

Why cloud visibility and discovery are no longer enough

According to the Ponemon Institute, cloud applications are a significant security concern for organisations, with 71% of global IT professionals believing the challenge is harder to face using existing, conventional security tools. Disregarding those who still don’t even know that they need to be aware of the risks, the majority have since cottoned-on to the necessity of having comprehensive visib...
How Business Email Compromise continues to wreak havoc in the boardroom

How Business Email Compromise continues to wreak havoc in the boardroom

So, let’s kick off with the blindingly obvious, Business Email Compromise or CEO Fraud isn’t new. I didn’t wake up this morning and discover a fresh threat that’s going to make headline news. Here’s the thing though, if it’s not a ‘new threat’, if the market is well acclimatised to scary stories and the security industry so advanced, why-oh-why does it continue to be successful? I’m willing to bet...
Don't get held to ransom

Don't get held to ransom

How to stop your business from being held to ransom Ransomware is a threat that comes in many shapes and sizes. It encompasses all malware that holds data hostage, usually in exchange for payment. This can mean encrypting an organisation’s data to stall operations until it is released, or taking the data and threatening to release it publicly if payment is not made. It can target one particular us...
Why is Office 365 email a security risk?

Why is Office 365 email a security risk?

When it comes to digital transformation, moving to the cloud is key. According to Forbes, 83% of enterprise workloads will be in the cloud by 2020 and two thirds of IT professionals responsible for managing the change say that security is their greatest concern. Office 365 is integral to a seemingly ever-increasing number of enterprises. Microsoft's Office 365 commercial monthly active users reach...
Ten top tips for improving your company’s email security

Ten top tips for improving your company’s email security

Chances are your business relies heavily on email on a day to day basis to communicate internally, externally and just to make things happen. Email is one of the most enduring enterprise applications, something often taken for granted – but despite its longevity, it’s an application that continues to cause headaches for the IT department when it comes to security. Perhaps because of emails’ long-t...
Enjoy the footie, just don’t let your (work) team down…

Enjoy the footie, just don’t let your (work) team down…

It seems the World Cup has just ended, but football fans haven’t had long to wait for their next fix of the game, with the Premier League starting last weekend. The Premier League is the most-watched sports league across the globe, with a worldwide potential audience of 4.7 billion people. It’s undeniable that the UK is football mad, and- especially in the comedown after the excitement of England’...
It’s no holiday for Butlin’s

It’s no holiday for Butlin’s

Last week, the UK holiday camp company, Butlin’s announced that it was the latest in a growing list of businesses to have suffered a data breach. In this case, the company lost 34,000 visitor records (including names, postal address, email addresses and telephone numbers) when a member of staff responded to a phishing email. This yet again validates the need for an ultra-modern multi-layered email...
ONS report: internet use is increasing, security isn’t

ONS report: internet use is increasing, security isn’t

Last week the Office for National Statistics (ONS) has released figures that show that despite 89 percent of UK adults now using the internet at least weekly, there is a significant lack of corresponding internet security awareness. In its annual survey of UK internet access, the ONS found that internet use has increased across all areas, including email (used by 84 percent of UK adults this year)...
Teensafe: a lesson in securing your cloud servers

Teensafe: a lesson in securing your cloud servers

Last month, ZDNet reported that Teensafe – which markets itself as a secure app to let parents monitor their children's phone activity – had left two of its Amazon cloud servers public. This meant that data such as plaintext passwords, parent email addresses, and device names were exposed for more than 10,000 children and viewable by anyone, without even requiring a password. Time and time again w...
A Deep Dive on How to Catch Phish

A Deep Dive on How to Catch Phish

The modern email threat. The simple plain text email appearing to come from the CEO asking the junior finance or accounts payable team member to immediately settle the overdue invoice from an irate supplier, that has just called them personally to complain. Call it Business Email Compromise (BEC) or CEO Fraud, it’s still a targeted phishing attack, and the number of incidents has been rising stead...
Facing facts: your employees are visiting sites they shouldn’t at work

Facing facts: your employees are visiting sites they shouldn’t at work

One of the most difficult jobs for a security team is to limit the harm employees can put themselves and the organization at risk of, while giving them scope to operate online. A recent survey we conducted of 1000 UK adults confirmed all of a security team’s worst fears about what employees are getting up to at work. One in ten respondents admitted to visiting adult websites on a work device or wh...
WhatsApp with people? Don’t expose your company’s confidential data, please

WhatsApp with people? Don’t expose your company’s confidential data, please

Last week we released the results of an interesting piece of research we carried out which tried to understand the kind of flawed and malicious things people do which put the data of the companies they work for at risk.  Some of the results raise eyebrows and others are downright staggering.  For example, one in ten people questioned admit to visiting adult websites whilst on a work laptop or conn...
Getting used to more clouds of pollution – the scourge of cloud-only malware

Getting used to more clouds of pollution – the scourge of cloud-only malware

Thank goodness for cloud applications. Compared to the old ways of sharing information across organisations and between virtual teams, cloud apps have undoubtedly liberated extra productivity and fostered greater innovation. To gain maximum benefit, however, keeping on top of cloud application security is a key consideration and one that demands both visibility and control of usage, right down to ...
Sharing our GDPR Journey: CFO

Sharing our GDPR Journey: CFO

A dual task but also an opportunity to better ourselves When our CEO, Ed, wrote the first blog post in this series he detailed the all consuming nature of the upcoming General Data Protection Regulation. Since then, some time has passed and the hysteria surrounding that May deadline has heightened even further. After all, we’re now well into the final full quarter of preparation time before GDPR, ...
Sharing our GDPR journey - CTO  Changing the definition of personal data

Sharing our GDPR journey - CTO Changing the definition of personal data

2018 is here and, as we leave the Christmas festivities behind us, a regulation six years in the making is about to become a reality… The year of GDPR is finally upon us. By now, we’re all well aware of its aim; to transform the way that European businesses view data in terms of both protection and privacy. And, let’s face it, given that 2017 was a year in which cybercrime thrived - with attacks s...
CensorNet named in the 2017 Gartner Magic Quadrant for Cloud Access Security Brokers

CensorNet named in the 2017 Gartner Magic Quadrant for Cloud Access Security Brokers

There’s no doubt about it, the global cloud market is increasing exponentially… and, as it does, so too do the cyber threats within the cloud landscape. Today, cloud security is more important than ever before. In a world full of IT vendors offering a stream of IT solutions, we believe that Gartner helps business leaders make informed decisions. Its Magic Quadrant is a culmination of research in a...
NIST Digital Identity Guidelines Clarify Importance of SMS in Authentication Strategies

NIST Digital Identity Guidelines Clarify Importance of SMS in Authentication Strategies

As we anticipated when we first wrote about the Digital Identity Guidelines published by the National Institute of Standards and Technology (NIST), the new recommendations have ignited a fierce debate in the cybersecurity community. What is the best authentication method to protect access to data and systems? Is two-factor enough or does multifactor provide the best defense? What delivery methods ...
Are humans still the weak link in the Cyber Security chain?

Are humans still the weak link in the Cyber Security chain?

I think the answer has got to be a resounding yes. There will always be black swans and sheep that roll across the cattle grid to freedom and suicidal kangaroos that continue to be killed on the roads in Australia. In any type of environment users will be ingenious and sidestep governance and red-tape to get the job done, and there will always be users that despite how much you tell them not to, w...