Don’t Lift and Shift: Evolve

At July’s Last Thursday in Privacy event, Sian John MBE, Microsoft’s EMEA / APJ director of cybersecurity strategy, gave companies transitioning to a cloud service model some food for thought. PrivSec’s Catherine Wycherley caught up with her to get some further insight. It might be oft-repeated, but that doesn’t make it any less true: modern […]

Hackers turn hunted in new AI-based cyber security deception tool

The University of Strathclyde has announced that researchers at its Centre for Intelligent and Dynamic Communications are working on a cyber security solution that uses AI and deception to protect network systems. Upon identifying a breach, “Lupovis” – a name derived from “lupus” (Latin for wolf) and “ovis” (sheep) – aims to convince a cyber […]

The Risks of Checkbox Compliance

A key principle of the GDPR is that personal data must be processed securely, using “appropriate technical and organisational measures” – the “security principle”. To meet this principle, organisations implement a variety of IT security technologies, all aimed at protecting information where it is stored and processed. By deploying technologies like these, organisations can “check […]

The Great Digital Disruption: Adjusting to a New Normal in Cybersecurity

COVID-19 has forced societies, governments, businesses and individuals to suddenly rethink long-held practices and processes. This includes fundamental aspects of our lives, such as how and where we work, teach, learn, live and interact. It is hard to think of any other single event that has caused as much disruption in such a short moment […]

Remote working ‘highlights data vulnerability amid shortage of cybersecurity talent’

Companies need to invest in IT security for remote working or risk data breaches and “PR disasters” according to a report by recruitment company Robert Walters and Vacancysoft. The report, Cybersecurity: Building Business Resilience, warned that businesses have been “able to get away with weak security” during the pandemic but this needs to change. It […]

Hackers linked to North Korea used fake Linked In posts in ongoing global plan to access data and steal cryptocurrency

Hackers linked to North Korea used a malicious post disguised as a fake LinkedIn job advert as part of an ongoing global plan to access data and steal cryptocurrency, new research by a cyber-security company has revealed. F-Secure found that the Lazarus Group, which was behind the 2014 cyber attacks on Sony, carried out an attack against a […]

TikTok fights US ban in federal court challenge

Tiktok has gone to court to challenge Donald Trump’s executive order banning US transactions with its owner. The US administration announced the order earlier this month amid White House allegations that the company is a threat to national security. US security officials have reportedly expressed concern that the app, owned by Chinese firm ByteDance, could […]

Uber former security chief charged in connection with attempted data breach cover-up

The US Department of Justice has charged Joseph Sullivan, former chief security officer at Uber, with obstruction of justice following a data breach. Mr Sullivan allegedly tried to cover up a 2016 hack that compromised data of millions of users and drivers, federal court papers filed last week in San Francisco said. Hackers exposed details […]

Making the most of return to work and infosec requirements

The three pillars of information security or infosec are confidentiality, integrity and availability, of which the first is the most accessible for most users. Trying to implement infosec controls alongside business as usual is challenging at the best of times. This article explores the challenges in implementing infosec controls. It looks at the potential opportunity […]