Data Security & Compliance Blog

According to a Freedom of Information Request submitted by Redscan – a penetration testing firm, approximately 25% (24 out of 108) of NHS trusts who responded to the request have zero qualified security personnel. However, some trusts have stated that they are in the process of training security staff. According to Redscan, trusts have spent an average of £5,356 on security training in the past 12 months, while a large … Read more

As more companies embrace the growing BYOD trend, many have started issuing mobile devices to their employees to give them more flexibility over how, when and where they can carry out their duties. However, in doing so they are opening up a number of additional security risks. The first, and most obvious risk, relates to the way employees use their devices outside of the workplace. Should an employee, who has … Read more

An insider threat is any threat that is posed to your organization by your own users. They can take many forms and can be both malicious and accidental. However, in general, insider threats can go unnoticed for long periods of time and the resulting data breaches can cause untold damage to both the reputation and bottom line of a business. According to an Insider Threat Report produced by CA Technologies, … Read more

According to a recent survey by Mcafee, 82% of respondents reported a shortage of cyber-security skills, while 75% believe that it is making them a more desirable target to hackers. The shortage of cyber-security professionals is hardly surprising, given that they must fill a role that requires a lot knowledge, experience, patience, and offers little in the way of intrinsic rewards. You’re not going to get a pat on the … Read more

The market for cybersecurity solutions has exploded over the last few years, with exciting new developments into artificial intelligence and machine learning leading the way. There really is no shortage of solutions grouped into “handy” abbreviations, designed to address all manner of both external and internal threats; including malware, ransomware, hackers, insider threats, privilege escalation and more. However, despite the threat landscape evolving at a rapid pace, end users continue … Read more

In the aftermath of the Marriott breach, one of the biggest data breaches we’ve seen in 2018, it’s relevant to revisit some core security principles and how they can help you improve the security your data. One such principle is the National Institute of Standards and Technology Framework (or NIST Framework for short). NIST released the first version of their Framework back in February of 2014, and more recently released … Read more

It is crucial that companies across the globe understand the difference between structured and unstructured data, if they want to remain compliant with the many data protection laws and regulations that govern them. Structured data, as the term would suggest, is data that is structured in a deterministic fashion. An obvious example of structured data would be a database, where each record has a key, which can be used to … Read more

2018 was a mixed year for cyber-security. Websites like Statistica suggesting that we have seen a drastic fall in the number of data breaches (in the USA) from 1,579 in 2017 to 668 in 2018; with the number of records exposed dropping from 179 million to just over 22 million. We have seen the implementation of stricter compliance mandates across the globe, most notably with the radical updates of the … Read more

2018 is coming to an end, and there is certainly no end in sight to the onslaught of cyber-attacks that plague individuals, companies and critical infrastructure. So, what are we likely to see in 2019? Below is a brief round-up of emerging security trends and attack vectors. 1. An Increase in the Use of Multi-Factor Authentication While enterprises have been slow to adopt MFA due to the complexities associated with … Read more

It’s not always easy to define what constitutes an insider threat, as most security incidents are, in some way or another, the consequence of either negligent or malicious employees. What we do know is that insider threats continue to plague organisations across the globe. According to a recent report by CA Technologies, a majority (53%) of businesses have experienced an insider attack in the past 12 months. The question remains, … Read more