Articles about Security

Cyber security company Kaspersky Lab has been running an interesting experiment in London with a shop that only accepts personal data as payment.

The Data Dollar Store provided shoppers with the opportunity to get their hands on exclusive prints and artwork by street artist Ben Eine. The difference came at the checkout where the only way to pay was with Data Dollars -- a new currency created by Kaspersky Lab that consists of a customer's personal data held on smartphones such as images, video or texts.

Continue reading →

Lack of visibility into endpoints poses a major issue for enterprises as IT administrators can be left in the dark about where data is and how it's being used.

This means that when data breaches occur it can take longer to detect the source. A new tool from ThinAir aims to shorten this detection time by analyzing interactions and making information available via a conversational interface.

Continue reading →

Is your company protected from zero-day exploits? Do you even understand what these threats are and how they can affect you? If you don’t, chances are you won’t be prepared when a hacker takes advantage of one of these exploits and steals a large amount of sensitive information from you.

Zero-day exploits are no joke -- some of the most costly cyber-attacks in history have come from hackers using these vulnerabilities. They can cost you more than just a lot of money; they can make your customers lose faith in your ability to protect their information. What can you do to deal with these exploits? Fortunately, there are a few ways to keep your network and the data you store safe and sound.

Continue reading →

More risks are being created by departments outside of IT, but it's still the IT department's problem according to a new survey.

The study by identity platform SailPoint shows that 55 percent of respondents believe one of the key reasons that non-IT departments introduce the most risk is that they often lack the understanding of what actions and behaviors are potentially hazardous.

Continue reading →

The UK Home Secretary, Amber Rudd, has admitted that she doesn't understand end-to-end encryption, but still wants to "to find the best way to combat" it anyway. Speaking at the Conservative Party conference, she said that Silicon Valley had a "moral obligation" to help fight the crime and terrorism she believes is abetted by encryption technology.

Despite having previously voiced support for back doors into systems such as WhatsApp, Rudd said she does not want such access, nor is she seeking to ban encryption. Saying "I don't need to understand how encryption works to understand how it's helping -- end-to-end encryption -- the criminals," she added that she wants technology firms to make it easier for police and security services to access encrypted data.

Continue reading →

Identity and access management (IAM) is all about ensuring that the right people have the right access to the right resources and being able to prove that all the access is legitimate. But as those heavily involved in IAM know, that is much easier said than done. There’s a lot that goes into getting all of these elements "right."

First, you must set up the accounts that enable a user to get to the resources they need -- often called provisioning (and its dangerous sister, de-provisioning, when said user no longer needs that access). Second, in order for that account to grant the appropriate access, there has to be a concept of authorization which provides a definition for what is allowed and not allowed with that access. And third, there should be some way to make sure that provisioning and de-provisioning are done securely with efficiency and that the associated authorization is accurate -- i.e. everyone has exactly the access they need, nothing more and nothing less.

Continue reading →

At a time when British businesses should be bolstering and updating their data protection policies in preparation for new legislation, it is worrying to report a culture of secrecy and ambivalence towards data breaches across the country.

With the EU General Data Protection Regulation (GDPR) due to come into force on May 25 next year, bringing with it huge fines of up to 20m Euros or four percent of turnover, a survey has revealed the real extent of Britain’s data breach problem.

Continue reading →

The General Data Protection Regulation (GDPR) that takes effect May 25th 2018 is still raising serious compliance concerns for most UK companies, according to a Bitdefender survey. With companies becoming more enthusiastic in deploying hybrid infrastructures that involve leveraging the capabilities of both the public and the private cloud, 85 percent of UK respondents agree encryption is the most effective way to secure public cloud data.

Interestingly, only one third of UK respondents actually secure between 31 and 60 percent of cloud-stored data, while 21 percent encrypt everything stored within the public cloud. With GDPR placing tough restrictions regarding how "any information relating to an identified or identifiable natural personal" is handled, encryption plays a vital role in achieving this.

Continue reading →

Today's threat landscape is becoming increasingly more complex and sophisticated, And all sizes of business are at risk.

VIPRE Security has released the results of a survey of 250 SMB IT managers which shows that 66 percent say they would either go out of business or shut down for a day or more if their systems and/or data were compromised.

Continue reading →

It recently came to light that Google had killed off NFC Smart Lock in Android -- without telling anyone. Now the company has come clean about just why the feature was given the chop.

Google says that "in the case of NFC unlock, we've seen extremely low usage," adding that there are now many more ways of unlocking Android devices. But while Google points to features such as On-Body detection, fingerprint scanning and Trusted Places, fans of the missing feature say that none of these are comparable.

Continue reading →

Ransomware has been named as one of the most pressing threats to society by officers at Europol.

The force has released a new report which claims that ransomware is reaching "epidemic" levels, eclipsing other areas of cybercrime such as data breaches, pornography and card fraud.

Continue reading →

The Extensible Firmware Interface (EFI) has steadily replaced BIOS in recent years as means of booting and controlling hardware devices.

Mac systems have used EFI since 2006 but an analysis by Duo Labs, the research arm of Duo Security, of more than 73,000 Mac systems finds that in many cases the EFI is not receiving security updates, leaving users vulnerable to attacks.

Continue reading →

Just a year after the Mirai malware infected connected devices to create the first IoT botnet, new research from Norton shows that global botnets have continued to grow and spread as a result of unaware users inadvertently infecting others.

According to Norton, the top three countries responsible for hosting the highest number of bots in Europe are Germany at just over eight percent, Italy at 10 percent and Russia at almost 14 percent.

Continue reading →

As the cost of dealing with the aftermath of a security breach has risen significantly in the past year alone, new research has revealed that staff training can greatly help reduce the risk of cyber attacks.

A new survey from Accenture found that 55 percent of workers in the UK could not recall ever receiving training regarding cyber threats, meaning many of them are often unsure what to do in order to prevent, identify or respond to a cyber attack.

Continue reading →

Poor management of user accounts is leaving organizations open to security and compliance risks according to a new report.

Identity and access management specialist One Identity surveyed over 900 IT security professionals, in conjunction with Dimensional Research, and finds that what should be security best practices -- such as swift removal of access to corporate data and applications, dormant account identification, and role administration -- continue to be a challenge for many enterprises.

Continue reading →