Three things to consider when securing multi-cloud environments in the public sector

Public sector organisations are all at different points on the cloud transformation and digitalisation journey. Many already recognise the benefits of moving to the cloud and have advanced multi-cloud strategies and stacks, whereas others may just be making the first forays into building a cloud infrastructure. But, in both cases, the digital transformation has led to traditional network perimeters eroding and the cyber risk coming to the fore. In fact, almost […]

James Eaton-Lee, Head of Information Security / Data Protection Officer, Oxfam

Ahead of this week’s Data Protection World Forum webinar, Building Security’s Influence in the C Suite, PrivSec catches up with Oxfam’s James Eaton-Lee. Eaton-Lee worked in various IT and consultancy roles, before moving into security consultancy, across security testing and assurance. After a spell as Information Security Manager at Travelodge, he came to Oxfam, where […]

Security: more than just “tech”

Ahead of this week’s Data Protection World Forum webinar, Building Security’s Influence in the C Suite, independent cyber security consultant Dr Emma Osborn highlights the importance of owning cyber risk at board level. Unlike the practitioners with their years of knowledge unpicking problems from the inside of large multinationals, I typically work with much smaller […]

Don’t Lift and Shift: Evolve

At July’s Last Thursday in Privacy event, Sian John MBE, Microsoft’s EMEA / APJ director of cybersecurity strategy, gave companies transitioning to a cloud service model some food for thought. PrivSec’s Catherine Wycherley caught up with her to get some further insight. It might be oft-repeated, but that doesn’t make it any less true: modern […]

China announces global security standards initiative amid tensions with the US over data security

China announced on Tuesday that it will launch an initiative to promote global data security in this area, Global Times reported. Eight proposals were outlined in a statement given by Chinese State Councillor and Foreign Minister Wang Yi, calling for a multilateral approach to mitigate data risks. China’s proposals call upon to handle data security in a […]

Hackers turn hunted in new AI-based cyber security deception tool

The University of Strathclyde has announced that researchers at its Centre for Intelligent and Dynamic Communications are working on a cyber security solution that uses AI and deception to protect network systems. Upon identifying a breach, “Lupovis” – a name derived from “lupus” (Latin for wolf) and “ovis” (sheep) – aims to convince a cyber […]

A new role for the cybersecurity industry: the Business Information Security Officer (BISO)

Traditionally, those working in the cybersecurity industry have been technically savvy and laser-focused on tools and solutions. At a time when the whole enterprise – all its data and all its people – were safely housed in a corporate office and on the corporate network, this worked fine. However, that paradigm was starting to shift […]

The Risks of Checkbox Compliance

A key principle of the GDPR is that personal data must be processed securely, using “appropriate technical and organisational measures” – the “security principle”. To meet this principle, organisations implement a variety of IT security technologies, all aimed at protecting information where it is stored and processed. By deploying technologies like these, organisations can “check […]