The ICO issued a £4.4 million monetary penalty notice this week against Interserve. Interserve suffered a cyberattack as a result of breaching the GDPR. See the notice: INTERSERVE GROUP LIMITED monetary penalty notice (ico.org.uk). It’s worth reading in full. Note particularly how, in …
It is a truism that, in recessions, the incidence of crime increases in proportion to the depth of the recession. This is doubly true of cybercrime. Today’s cyber criminals are sophisticated, agile opportunists – and recessions bring them lots of opportunities. Many …
ISO/IEC 27001:2022 is currently due for publication in early October. How different will it be to the current version of the Standard, which has been in use since 2013? Should an organisation delay kicking off an ISO 27001 implementation and …
A slew of reports and surveys released over the weekend reveal the size of the cyber crime challenge faced by today’s organisations. Digital transformation, driven by the pandemic, and the shift to hybrid working, driven by the post-pandemic recovery, both …
If there were a business degree for criminals, I’m sure that the evolution of the ransomware business model would be a key case study. The original concept was elegantly simple: deploy malware onto a target company’s devices, encrypt the hard …
Oracle releases a quarterly Critical Patch Update (CPU) and the most recent, released this April, apparently fixes 390 bugs across the Oracle software suite. 41 vulnerabilities are ranked as critical, five of which achieve a perfect CVSS score of 10. …
The proliferation of phishing scams aimed at people working from home demonstrates the extent to which cyber criminals systematically exploit vulnerabilities – particularly those that can be socially engineered. With high numbers of people working from home, and the explosion over the …
Published last week, the UK’s Cybersecurity Breaches Survey contains a number of interesting facts. Although it was not surprising that most organisations found that Covid-19 made cyber security harder, it was surprising that the vast majority of organisations still do …
DMARC is a technology that enables responsible organisations to ensure that their domains are not spoofed in phishing attacks. In today’s cyber crime environment, it should be a standard aspect of every organisation’s security configuration. DMARC, however, won’t protect organisations targeted …
Ransomware is not just a type of cyber attack – it is an entire ecosystem of supply, facilitated by a legitimate economy that, inadvertently perhaps, keeps the ransomware show on the road: Inside the Ransomware Economy | SecurityWeek.Com. The challenge …