Alan Calder on IT Governance, Cyber Resilience, ISO 27001 and Brexit

The post-pandemic recovery will lead to an increasingly cyber-compromised 2023

Alan Calder November 22, 2021 IT Security
A slew of reports and surveys released over the weekend reveal the size of the cyber crime challenge faced by today’s organisations. Digital transformation, driven by the pandemic, and the shift to hybrid working, driven by the post-pandemic recovery, both …

Crime school and Ransomware

Alan Calder April 27, 2021 Cyber Security
If there were a business degree for criminals, I’m sure that the evolution of the ransomware business model would be a key case study. The original concept was elegantly simple: deploy malware onto a target company’s devices, encrypt the hard …

Oracle’s dangerous patching policy

Alan Calder April 22, 2021 Cyber Security
Oracle releases a quarterly Critical Patch Update (CPU) and the most recent, released this April, apparently fixes 390 bugs across the Oracle software suite. 41 vulnerabilities are ranked as critical, five of which achieve a perfect CVSS score of 10. …

Working From Home Phishing Scams

Alan Calder April 19, 2021 Cyber Security
The proliferation of phishing scams aimed at people working from home demonstrates the extent to which cyber criminals systematically exploit vulnerabilities – particularly those that can be socially engineered. With high numbers of people working from home, and the explosion over the …

UK Cybersecurity Breaches Survey 2021

Alan Calder March 31, 2021 Cyber Security
Published last week, the UK’s Cybersecurity Breaches Survey contains a number of interesting facts. Although it was not surprising that most organisations found that Covid-19 made cyber security harder, it was surprising that the vast majority of organisations still do …

Email authentication, DMARC and Exchange

Alan Calder March 24, 2021 Cyber Security
DMARC is a technology that enables responsible organisations to ensure that their domains are not spoofed in phishing attacks. In today’s cyber crime environment, it should be a standard aspect of every organisation’s security configuration. DMARC, however, won’t protect organisations targeted …

The ransomware eco-system

Alan Calder March 12, 2021 Cyber Security
Ransomware is not just a type of cyber attack – it is an entire eco-system of supply, facilitated by a legitimate economy that, inadvertently perhaps, keeps the ransomware show on the road: Inside the Ransomware Economy | SecurityWeek.Com. The challenge …

Security basics are basic….

Alan Calder March 10, 2021 Cyber Security
As Windows ships a massive 89 security patches (14 critical, 74 important), Adobe ships critical patches for its software (although it doesn’t think they’ll be exploited!), and WordPress reveals a critical vulnerability that allows a bad actor to completely take …

Ada Lovelace – International Women’s Day

Alan Calder March 8, 2021 Cyber Security
Ada Lovelace (1815 – 1852), daughter of Lord Byron, is increasingly and widely recognised as the first person to see that a calculating machine – such as Charles Babbage’s Analytical Engine – could be programmed to solve problems of any …

BEC vs Ransomware

Alan Calder March 2, 2021 Cyber Security, Data Breaches
FBI reports for 2019 show BEC (Business email compromise) attacks generating far better returns for cyber criminals than ransomware. BEC attacks do not require the same level of technology or human resource as do ransomware attacks, nor do they generate …