How did the sector react to the findings? What, if anything, has actually happened as a result — and one month later, what exactly have we learned? Despite the pandemic accelerating the importance of cyber security, less than half of global business leaders and employees can name their CISO, a new report finds.
By Rene Millman. Online and offline criminals are mimicking big businesses, setting up corporate structures and offices to make operations more efficient and to act as cover.
Organised crime researcher, lecturer and consultant Chris Allen explains that this level of sophistication means we all need to be wary. How vulnerabilities are discovered, disclosed and dispatched makes a significant difference to risk management.
Mark Mayne investigates…. Owanate Bestman is a cybersecurity specialist recruiter with first-hand experience of creating gender-balanced security departments. In the second of a two-part series looking into how cybercriminals operate organised crime consultant, lecturer and researcher Chris Allen looks at how the dark markets actually work and whether you can mitigate…. In the first of a two-part series looking into how cybercriminals operate, organised crime consultant, lecturer and researcher Chris Allen looks at how and why people become cybercriminals and what we can do to stop them….
The process of signing and signatures has always been susceptible to fraud but as technology has progressed, the act of signing has become far more secure than in the past, to the point where wet signatures can be considered more risky compared to digital signatures, especially in the context of remote business. In this long-read article, in association with Entrust, we look at why digital signatures are so paramount for security, and the connection it has with PKI.
Should your organisation adopt an Avengers-style strategy to security to stand the best chance of countering emerging cyber threats? Davey Winder has been speaking to industry experts who think that psychologists, spooks, and scientists hold the key to locking down your cybersecurity defences. Chris Allen, organised crime researcher, lecturer and consultant, picks five must-reads for any cybersecurity professional.
Sensors reported a staggering So… SC Media spoke to seven industry experts for their thoughts on the biggest challenges in cybersecurity this year and what businesses can do to protect themselves.
Covid changed everything in the real and virtual worlds. Organised crime researcher, lecturer and consultant Chris Allen examines how cybercriminals are taking advantage of the turmoil … how you can best protect your business. Your most valuable assets — your executives — are also a criminal's most potent weapons. The NHS is slowly replacing old, vulnerable technology, a new report reveals. How do you keep complex systems up-to-date?
How do you balance the importance of patching with the risk of disruption? And when does fit-for-purpose become dangerously outdated? But is it all doom and gloom when it comes to Brexit and cyber security? Organised crime researcher, lecturer and consultant Chris Allen takes a look at potential positive outcomes for UK businesses — in the second of this two-part Brexit series ….
Why CISOs must turn to crisis management strategy to repair data-breach reputations. Here are three essential rules…. There are plenty more Phish in the sea. Phishing is getting cuter, smarter and our businesses more vulnerable. Billions of Bluetooth devices are vulnerable to attack according to new research, leaving business data on mobile devices and IoT systems open to compromise by attackers.
Being aware of this is one thing, successfully protecting is a whole other challenge…. Part one: The evolving ransomware threat surface and response strategy. Heavily downloaded, built at speed in the middle of a pandemic… should you feel comfortable recommending to staff they download the new track-and-trace app — or does the cyber-risk outweigh the virus gain?
SC Media sent Davey Winder to investigate…. Chris Allen, consultant, lecturer and researcher in organised crime, digs into the rogue state… and offers some advice on mitigating your North Korean risk. Paul Rummery is a consultant for SecureNet Consulting, a collaborative network of IT professionals helping SMB and enterprise organisations with technical support, cybersecurity, infrastructure and data protection services.
Chris Allen, consultant, lecturer and researcher in organised crime, has seen ransomware explode in this year of the pandemic… and has a sustainable answer to avoid payment. The Boothole bug has shone a light on just how easy it is to take over systems when they are starting up: this has become a battleground of heightened risk for CISOs, we need to pay attention.
Chris Allen, consultant, lecturer and researcher in organised crime, assesses the extent of the threat posed by Chinese telecommunications giant Huawei — and from China as a whole. Trying to solve the ongoing shortage of cybersecurity professionals requires fresh thinking. Chris Allen, consultant, lecturer and researcher in organised crime, examines the impact of the delayed release of the Russian Report on the world of business.
The SC Europe Awards celebrate the companies, products and people that excel in cybersecurity. The Twitter hack exposes the need to do more to protect employees from social-engineering attacks. The Mimecast Threat Intelligence team team analysed key trends in malware, impersonation attacks and email phishing since the beginning of the COVID crisis. In this article you will discover the findings as well as the steps that your organisation can take to minimise risk and increase cyber awareness.
By signing up to SC Media UK, you will benefit from our regularly distributed SC Newswire bulletin, plus have access to content from industry-leading partners. Learn more about how we use your information when accessing sponsored content. Sign In. How to make the most of cyber apprenticeships. Three things I had to learn to thrive from a mid-career change. Three random words: how to mitigate growing password threats. How to make your life easier and your security better: neurodiverse thinking.
Five ways to see if your staff security training actually works. Three ways to get procurement on board. The six things you need to know about John McAfee. The end of the beginning: remote working essentials. Special podcast episode 3: how you can secure the cloud.
The end of the beginning: the future of work… and us. Special podcast episode 1: Detection and response — building proactive capability. The warring brothers: five ways security and IT teams can heal the rift.
Special podcast episode 4: Think like a baddie. Women in cybersecurity: five ways you can promote diversity. Ransomware the truth behind ransomware payments. New reality. New threats. And new possibilities in cybersecurity. Ransomware criminal business models and payment realities. More SolarWinds-style attack are imminent: what you need to know. How you can help more women study cyber security.
Making ransomware payments illegal: the nuclear option. Why you need to keep a close eye on MSP security. How to reduce fraud: cooperation and a dedicated strategy. How to inspire gender balance and diverse thinking in cyber. Change that. Know your enemy 3: Cybercrime Inc. The lifecycle of vulnerabilities: why timing is everything. How to recruit, retain and make diverse talent flourish.
Know your enemy: shining a light on the dark web. Know your enemy: how to become a cybercriminal. Everything you need to know about digital signatures. People matter: the key ingredient to a resilience mindset. One of the biggest concerns for the security sector is the truly exponential growth of the Internet of Things, and the Industrial Internet of Things, increasing the attack surface to include everything from previously isolated industrial processes to everyday consumer appliances.
Anything that connects to the internet is potentially hackable, so what solutions are there that organisations and their key employees can deploy to minimise and mitigate the threat posed by myriad connected devices? Privileged users can have the keys to the kingdom. So impersonating them and taking control of their access is a key target for attack groups, from criminals to nation states. Hence ramped up versions of identity and access control, network segmentation tools, and approaches to outsourcing and third parties are appropriate here, where they may have been considered too cumbersome for the average user.
Yet these, often senior, users are just as resistant to friction as any other, so how do you reduce reliance on trust while still letting people do their job? There have long been regulatory compliance tools, but they have been thrust to the fore in the cyber-security sphere in the wake of GDPR, though this category encompasses other regulations and compliance requirements relevant to cyber-security and GRC teams. Solutions can be software, algorithms, or other innovative approaches that aid companies so that they know their compliance requirements, or prevent, identify, or remediate non-compliance.
Security information and event management SIEM tools are used to collect, aggregate and correlate log data for unified analysis and reporting. Typically, these tools can take logs from a large number of sources, normalise them and build a database that allows detailed reporting and analysis. While forensic analysis of network events may be a feature of a SIEM, it is not the only feature, nor is it the primary focus of the tool.
Contenders in this category should help cyber-security teams research and analyse cyber-crime and other threat trends and any technical developments being made by those engaging in cybercriminal activity against both private and public entities. These technologies facilitate the understanding and contextual relevance of various types of data, often an overwhelming amount, collected from internal network devices, as well as from external sources such as open source tools, social media platforms, the dark web and more.
Armed with these more digestible analysis on risks and cyber-threats, cyber-security teams should be able to enhance their tactical plans preparing for and reacting to an infrastructure intrusion prior to, during and after an attack, ultimately improving their overall security posture so their long-term security strategy is more predictive rather than simply reactive.
From big data analysis, dealing with millions of logs, to cutting edge analytics, cyber security is moving closer to Artificial Intelligence and driving potential use-cases for deployment. Machine learning should be more than automating manual tasks, but should apply logic to infer conditions and courses of action; AI is currently referring to machine learning from unstructured data, and while other definitions will be considered, judges will be alert to hype exceeding reality in this cutting edge area.
Support as well as service of products and services sold are critical components of any contract. What cutting-edge technologies are bursting onto the scene to address the newest information security needs facing organisations with some innovative capabilities? This new category welcomes both new vendors and old pros looking to provide products and services that look to help shape the future by addressing fast-evolving threats through the creation of these types of offerings. The product must have been launched not more than 18 months prior to entry, and entries should have some customers available who can act as references.
This includes tools and services from all product sectors specifically designed to meet the requirements of large enterprises.
These products measure, analyse and report risk, as well as enforce and update configuration policies within the enterprise, including but not limited to network, encryption, software and hardware devices. Nominees should be the tried-and-true, longer-standing companies which have been offering products and services to customers for at least three years. Nominations can come from all sectors. This includes tools and services from all product sectors specifically designed to meet the requirements of small- to mid-sized businesses.
Entrants should include companies and organisations that offer such training without the requirement or need to secure any particular professional certification, as well as certification programmes that may or may not provide training. Programmes typically are defined as professional industry groups offering certifications to IT security professionals wishing to receive educational experience and credentials.
Entrants can include organisations in the industry granting certifications for the training and knowledge they provide. Contenders should only include teams from end-user companies that have executed and are managing exceptional and strong security programmes, which they have built from virtually nonexistent ones. However, vendors may nominate the team at an end-user customer and SC will follow up to confirm that they wish to enter and submit an application.
The Cybersecurity Newcomer of the Year award is a new category that has been introduced to highlight and commend the cyber generation of the future. This award is focused on acknowledging those who are bringing fresh innovation, ideas and influence to the infosec sector.
In theory cyber-security is a results-oriented industry where no one notices your age, sex, background or other characteristics not relevant to your ability to deliver. This award recognises the women leaders who are paving the way in the industry and challenging the status quo. This award will recognise women for their professional success, community involvement and leadership roles in the fields of Information Security, Risk Management and Privacy.
This award commends the standout champions who have led best-in-class programmes of IT security. Whatever the company size that they represent, they have demonstrated to peers and stakeholders at every level, the importance of sound security strategy and implementation. Their planning and execution of a balanced tech and people-led approach will be demonstrably clear from projects and delivery. The judges will choose one standout winner from this list. This coveted award is chosen by the editor alone, and commends a trendsetting, authoritative and outstanding company who has led the charge in reshaping and innovating security strategy in a changed post-pandemic world.
This exceptional award will be chosen by the editorial team and will commend a lifetime of service, innovation and influence within the cybersecurity field. This commendation is for those who have truly gone above and beyond and will leave behind a changed — and bettered — cyber landscape as a legacy. The SC Awards Europe have truly established themselves as the most prestigious awards in the cyber-security sector. Entering the Awards gives you the opportunity to differentiate yourself as the best in the industry and get credibility from the leading brand in the profession - SC Media UK.
Our prestigious judging panel consists of industry thought leaders who will review and determine what products, companies and people are exemplifying best practice and the highest standards the industry can offer.
If shortlisted benefit from exposure for your projects on the awards website. Being able to classify yourselves globally as an award winning company is invaluable. A fantastic way to recognise all the hard work of your team - make sure to get their thoughts and ideas when you are putting your entries together to let them know the value of all the work they have been doing.
When writing your entries it allows you to evaluate your work from a different perspective, as well as introduce and publicise your new ideas to the industry - benchmarking yourself against your competition and making your work stand out. It is now more important than ever to focus on the positives on what your teams have been doing to combat an unprecedented challenge. Showcase and champion the astounding achievements and raise morale! SC Media UK is the leading information resource for cyber-security professionals in the UK and Europe, who need knowledge on IT security strategies, data protection best practices, government regulations and current IT security technologies.
Well-regarded in the industry for providing up-to-date news, comprehensive analysis, cutting-edge features, expert contributions and the best, most extensive collection of product reviews in the business, SC has readily advanced its editorial offerings over time to supplement its award-winning print and digital media.
E: [email protected]. Excellence Awards - Threat Solutions Best Authentication Technology Products here provide enhanced security to end-users or devices by offering credentials for access to an authenticator or authentication server. Best Communications Security Solution Products in this category deal with not only a collapsing perimeter, but also consumer-owned and controlled devices being used to get at corporate resources. Best Email Security Solution Email security addresses the ability to exchange email messages with assurance, as well as the ability to filter email messages based on content, source or other criteria.
Best Endpoint Security While the emphasis has moved from protect to detect, its not time to take down the barriers, and strength in depth re. Best Incident Response Solution The faster and more effectively you respond to an incident, the shorter time you give attackers to steal from or do damage on your systems.
0コメント