Archive for Author: Phillip Robinson

“The fact that a company hasn’t noticed a breach doesn’t mean that it hasn’t been breached” – itgovernance.co.uk An APT is a type of malware which uses social engineering or various phishing techniques to gain access to a network. Once the malware has gained access, it will conceal itself by hiding in unsuspected files, where it can remain undetected for weeks, months, or even years. In which time, it is … Read more

Since 1998, we have relied on the Data Protection Act (DPA) to provide us with a regulatory framework for protecting personal data. It has been effective to some extent, however, I think it is fair to say that an upgrade is long overdue. After all, so much has changed in the last 20 years. There are many more businesses processing personal data, technology has evolved beyond recognition, and cyber-attacks are … Read more

As you probably know by now, the GDPR is coming into full effect on May 25, 2018, and constitutes the most significant change to European Union (EU) privacy law in two decades. It is designed to replace the Data Protection Directive (DPD) that came into force in 1995 when web technology was nowhere near as advanced as it is today. The GDPR applies to all organisations handling the data of … Read more

If you’re reading this, you’ve either already become the victim of a ransomware attack or you’re interested in finding out what your options are should it happen to you. So, in this article we’re going to discuss what a ransomware attack does and how best to react to one. What does a ransomware attack look like? Ransomware attacks come in many shapes and sizes, but the ultimate goal is to … Read more

It seems that almost every month we are told of yet another high-profile security breach in which sensitive data is leaked, either for profit or accidentally. In almost every case, the end result of these data leaks is damage to the reputation and/or bottom line of the organisations involved. Whilst there is no way to completely remove the risks of a data breach occurring in your organisation, there are certain … Read more

The danger posed by insider threats Many organisations with budgets allocated towards security choose to spend them on defending against external attacks and ignore the far more prevalent insider threat. This tends to be due to the fact that, in the past, external hacks were heavily publicised in the media and resulted in expensive damages to company reputations and bottom lines. However, despite recent major ransomware attacks throwing the spotlight … Read more

The world woke up on the 28th June to the news of a second global ransomware attack following the WannaCry attack that took place less than six weeks ago, and affected over 230,000 computers in 150 countries; including the UK’s National Health Service. We will refer to this attack as the ‘Petya’ ransomware attack as very little is known about it at this point besides its slight resemblance to an … Read more

As IT environments become increasingly more complex and interconnected, and the number of reported cyber-attacks continue to rise, organisations must have some form of data breach prevention strategy in place. According to a recent report by the Ponemon Institute, the average cost of a data breach is estimated to be $4 million, with each compromised record costing around $158. How Does a Data Breach Happen? A recent report published by … Read more

People generally think that auditing and monitoring are the same thing and, in some ways, they are. The differences between them are subtle, but important none-the-less. In short, auditing is done by auditors, and it is the auditors responsibility to make use of the available technology to aggregate and present the log data in a way that that can be understood and “monitored” by administrators and managers. While most modern … Read more

SIEM stands for Security Information and Event Management, and plays an important role in data security. SIEM applications and services are typically capable of aggregating data from various sources, searching through logs, spotting anomalies and patterns, and providing long-term data retention, which can be used to assist with forensic investigations. Additionally, SIEM solutions provide automated alerts and reports, which are presented via an intuitive dashboard etc. As IT systems become … Read more

Lepide® is a Registered Trademarks of Lepide Software Private Limited. © Copyright 2017 Lepide Software Private Limited. All Trademarks Acknowledged.