InfoSec News


Secure Information Management

In today's rapidly evolving business environment, every CXO needs to feel that their organisation's information and valuable IP is safe and secure. How do organisations keep abreast of the growing attack surface and exposure that they face?  It's hard not to feel like a sitting duck. An army of Cyber criminals exists in what is an ever increasing, convenient way to wreak havoc. Crime-as-a-Service (CRAAS) is flourishing as the Cyber criminal culture hones its techniques and joins the outsourcing world to earn maximum profits.  Niche specialist Cyber criminals are the norm today with specialities including RansomWare-as-a-Service (RAAS), Malware Installation-as-a-Service (MIAAS) and Cash Out-as-a-Service (COAAS) available freely (scarily so).

Successful protection strategies arise from careful human insight into the approach of the attacker. Human behaviour is still the guiding mechanism to  follow when considering the protection of  your organisation.


Read More →

Since its introduction in 2001, SharePoint has become one of the greatest tools for business and organisations around the globe who depend on the productivity and efficiency of SharePoint to centralise data and information for quick and easy access. Unfortunately, the dawn of a new era in information-based technology has brought a new wave of hackers. While most of us know that there are dangers out there, we don't always take the measures necessary to keep ourselves safe from these online threats.  While we all know that data breaches will funnel you and your company into a spider web of problems, we don't realise the actual impact. The hidden costs of SharePoint data breaches are tremendous, but there are ways to protect yourselves in a changing world.


Read More →

Keeping your data private has always been the fundamental goal of IT security. Today, confidentiality of private data is more critical than ever due to the legal implications of unintended data disclosure. We’ve all read the horror stories about USB drives, backup tapes, or laptops being stolen and costing a company millions in reputational damage, lost revenue and fines.


Read More →


The remedy in the event of a breach

Are you prepared to manage a network security incident? According to some vendors and analysts, it's now a case of when, not if, your company will be breached. Adobe, Target and eBay are just a few of the plethora of organisations that recently fell victim to cyber-attacks.

Incidents are increasing in frequency and complexity; so Incident Response Plans are crucial for helping enterprises prepare for a security event. Unfortunately, many are turning a blind eye to the importance of defining and testing an incident response plan. In fact, 77% of organisations do not have a plan at all, according to a recent NTT Group report.
Read More →

What is the state of your IT security team?

When it comes to incident response, “always be prepared” is a key mantra. Berkeley often presents to security professionals, and one of our favourite questions to ask is, “How many hours per day do you spend at work?”. The usual answer is eight or nine, and even those who spend more are still well behind the people they are battling. Hackers will routinely spend 12, 16 and even 18 hours a day trying to breach someones network. They live, breath, eat and sleep hacking. 


Read More →

A dentist in the Napa Valley (California, USA) has learned the hard way the importance of encryption. Protecting data at rest (live and archived) is just as important as protecting data in use and in motion.


Read More →

 

Penetration (pen) testing is a critical tool in the IT security of a company. Knowing what, if any, vulnerabilities exist in your applications will help to prevent the potential damage caused by hackers. A good penetration test should identify what harm could be done to applications, or the company, should they successfully identify any vulnerabilities and capitalise on them.


Read More →

Although private VPNs are a way to let employees connect to their business networks remotely and securely, they continue to be popular for individual use. With all of the hacking and identity theft incidents we hear about daily, having extra protection to encrypt the data that is transmitted via the internet is a plus for anyone. Virtual Private Networks provide extra security by encrypting data as it is transmitted through your ISP or Internet Service Provider. They also provide protection from hackers while surfing the internet using public wifi.


Read More →

A popular new type of scam (that has allowed Cyber criminals to milk companies out of billions over the last three years) is rooted in unauthorised access to CEO and C-suite executive address books.


Read More →
 
Media sources reported recently on the  Yahoo hack, the biggest cybersecurity breach to date.  Recode and the Washington Post's Daily 202 are among the first sites that commented on Yahoo's then-pending confirmation that a 2014 cyber attack affected over 500 million Yahoo users.

Read More →
/