So, it hasn’t been long since the introduction of GPDR, and we’ve already seen the first high profile breach of the new data protection laws with Dixons Carphone. The multi-billion-dollar organization revealed that they suffered a cyber-security breach that involved the personal data of over a million customer records. The data included personally identifiable information (PII), including names, addresses and email addresses. The breach also related to PCI compliance as … Read more
Dixons Carphone: Lessons from the First High Profile GDPR Data Breach
06.19.2018, Compliance, by
Philip Robinson.
Let’s face it, CISOs have a lot of weight on their shoulders. They are required to design, implement and enforce security policies with little praise for their efforts. Should something go wrong, and the entire system falls to its knees, they are generally expected to accept full responsibly for the incident. The truth is, however, that data security is everybody’s responsibility. Employees must be made aware of this and be … Read more
Having a strong password policy is your first line of defence. Many users are aware of the security risks associated with having an easy-to-guess passwords, yet often they choose one anyway. We understand that it can be frustrating to be asked to memorize complex passwords, only to be asked to change them every 90 days. It is therefore necessary for sysadmins to reason with staff members and make sure that … Read more
We’ve all heard by now that the GDPR will bring in a revised set of data protection legislation that aims to modernize the way organizations store and process the data of EU citizens. Countless articles will tell you that non-compliance with the GDPR will likely result in crippling fines. However, much of this is fear-mongering, as the vast majority of people (even experts) simply cannot predict what will happen. They … Read more
Data drives almost every critical business function, from decision making to analytics. That’s why maintaining both data security and data integrity are an important part of keeping your business running smoothly. Data security is the hotter topic in the IT world at the moment, and as a result data integrity is in danger of being just an afterthought. However, it’s just as important to maintain good data integrity if you … Read more
Improve File Server Security by Delegating Outside of the IT Department
05.02.2018, Auditing, by Philip Robinson.
It’s probably safe for me to assume that your Windows File Servers store critical, sensitive information at this very moment in time. In the modern world, data is more valuable than oil, and is now considered to be the most valuable resource in the world. Ensuring that File Server is secure should be high on the list of priorities for any organization that stores sensitive data. Unfortunately, many of the … Read more
How to Manage Privileged Users for Better Security and Compliance
04.19.2018, IT Security, by Philip Robinson.
Over the last few years we have seen a shift in the requirements set out in compliance mandates in an attempt to combat the increasing frequency and severity of data breaches. For example, in February of this year, PCI DSS (the compliance standard aimed at protecting payment card information) best practices were made mandatory. This was in an attempt to ensure that merchants and service providers took action to ensure … Read more
On March 22nd, the city of Atlanta was hit by a very sophisticated “SamSam” ransomware attack that effectively crippled the government and much of the public services in the state. Citizens in the capital are unable to pay their parking fines or for essential services like water. The police are having to switch to paper reports as digital services have been compromised. These effects lasted for at least 6 days … Read more
How CISOs are Adapting to Meet the Rising Threat of a Cyber-Attack
04.02.2018, IT Security, by Philip Robinson.
CISOs are faced with a seemingly impossible task, as cyber-attacks are evolving faster than their ability to improve their defences. A recent survey, carried out by Ankura, shed some light on the way in which corporations are adapting to meet the demands of the evolving threat landscape. The survey involved 30 industry experts from a range of industries, including finance, healthcare, insurance, manufacturing, media, telecommunications and retail. Firstly, the report … Read more
In preparation for the upcoming GDPR regulation, the ICO have commissioned a media campaign to provide valuable information to consumers on what it means for them. Although the details of the campaign are still being ironed out, we know that it will be run in April under the banner “Your Data Matters,” will have a logo, strapline and aim to visually tell a story of data protection. The aim of … Read more