Cookies: Total €210 million fine for Google & Facebook
CNIL (the Data Protection Regulator in France) has fined Google & Facebook for non-compliance with Data Protection legislation related to the use of cookies and
Blogs
Log4j vulnerability – CVE-2021-44228
Log4j is a fast and flexible logging framework. It essentially allows developers to control which log statements are output with arbitrary granularity. What is the
Microsoft’s new Open-Source nature is a breath of fresh air
Today’s cyber threats and exploits don’t follow a system or schema. They are heavily customised, built to be executed on any system regardless of O/S or function – and that makes them more deadlier than ever for an organisation’s digital platform.
9/11 – Twenty Years on
The advances in technology since then can now allow an attacker to achieve wide reaching consequences without having to be physically present at the target. The combination of cyber-attacks and physical attacks place even greater demand on security professionals to manage the risk.
When the September 11 attacks were carried out, terror groups had a minimal online presence. Changes in technology have allowed these groups to embrace the anonymity the internet can provide to further their activity.
GDPR – The Cyber Criminal’s Friend
Since GDPR came in there have been a few changes in the cyber landscape and one significant change is the rise of ransomware. It is simply everywhere. When you first look you may be forgiven for thinking that it is particularly prevalent in the USA. And yes, that is partly true, but the reason for that is that by US law, a company must declare when they have had a data breach. Since 2002, the US Data Breach Notification Laws state that a company has 10 days to notify the authorities of a data breach. That, from a mapping point of view, is what makes the US look like a hotspot.
Construction Industry – Threat Assessment August 2021
The construction industry may not appear to be an obvious target for cybercrime. The industry has an image of being a physical world industry with no connections to the digital one. If only that was true. The construction industry is being sought out by threat actors as the next easy target. In 2020 the average cost of the data breach within the construction industry was $4.99 million US dollars.
Automating malware analysis with Cuckoo Sandbox
Malware is an ever-present but constantly changing threat in the cyber security world.
EU Adopts ‘Adequacy’ decision allowing data to continue flowing freely to the UK
Good news followed the weekend, as the European Commission approved plans to recognise the United Kingdom’s data protection regime as ‘adequate’.
Ransomware – Do I need Cyber Insurance
Ransomware incidents continue to feature in the international as well as IT industry press, with recent high profile victims being JBS Foods, Fujifilm, Colonial Pipeline, Ireland’s Health Service Executive, and AXA Insurance. Less well publicised are the many smaller organisations that are held to cyber ransom.
Preparing for the Inevitable
“There are two types of companies: those that have been hacked, and those who don’t know they have been hacked.”
This aphorism is generally accepted within the information security and wider risk management industries as being true.
If we accept that this is the case, then it is logical that we should prepare our companies for cyber-attacks, not only for the breach itself but also how they should respond.
Categories
Latest Insights
Bridewell Achieves CREST CSIR and SOC 2 Certification
June 30, 2022
Last week, Bridewell achieved its fourth certification in collaboration with CREST, gaining the Cyber Security Incident Response (CSIR) certification. This new accreditation is the latest
CNI Organisations Must Lighten Load on Cyber Teams or Risk Mass Exodus of Workforce
June 28, 2022
4 in 10 cyber leaders in UK CNI say stress and burnout could push them to leave their job in next year Reading, UK –
What Can Data Privacy Teams Learn From Danske Bank’s £ 1.1 Million Fine?
June 22, 2022
In April, Danske Bank, the largest bank in Denmark, was fined 10 million Danish kroner (£1.1 million GBP) by the Danish Data Protection Agency (DPA)
