Cyber Sentinel Cyber Security Blog

ISSA WIS SIG Webinar: Opening Doors for Women in the Information Security Field

Save the Date for ISSA’s Women in Security SIG webinar on the theme State of Women in the Information Security Field! 6th April 2015 – 4pm EST, 1pm PST, 9pm BST Please click here to register. After registering, you will receive a confirmation email containing information about joining the webinar. Speaker: Keirsten Williams: Data Security Analyst-PCI Compliance, Conn’s HomePlus […]

ISSA WIS SIG Webinar: Opening Doors for Women in the Information Security Field Read More »

Debate on the New Guidance from PCI Council – does it go far enough?

The PCI Security Standards Council has released brand new guidance to advise businesses how they should use penetration testing to identify network vulnerabilities that could be exploited for malicious activity. However, a recent article has been published online by BankInfoSecurity.com (BIS) that appeared to flag up a difference of opinion as to the effectiveness of the new guidance. Whilst one

Debate on the New Guidance from PCI Council – does it go far enough? Read More »

Carbanak requires people, process and tech, but mostly people

The Carbanak malware was injected into the bank targets using sophisticated spear phishing emails. When employees clicked on the email attachments, they downloaded malware onto their computers. The malware used was completely undetectable by anti-malware programs. The malware took advantage of a zero-day exploit to install itself on users’ machines. It lurked for a long

Carbanak requires people, process and tech, but mostly people Read More »

A Little Voucher Could Make a BIG Difference in the World of Cybersecurity

In my role as CEO of 2-sec, I have spoken to many different types of businesses over the last twelve months, mostly about how their organisations are woefully under protected against malware, phishing, social engineering and other hacking tools on the threat landscape. Many of these companies do understand how vulnerable they are to attempted

A Little Voucher Could Make a BIG Difference in the World of Cybersecurity Read More »

Why is POODLE and SSL v3 a problem?

As I’m sure you already know, PCI DSS v3.1 introduces a single change to replace “SSL” with “strong cryptography” in section 4.x. Whilst it might be a single change in PCI DSS, it literally means hundreds of thousands of HTTPS web pages around the world need their underlying web servers reconfiguring to use strong encryption.

Why is POODLE and SSL v3 a problem? Read More »

We are proud to be leading sponsors of ISSA-UK in 2015

As you probably all know, I’ve always been extremely appreciative of my close professional connection with ISSA-UK. (Information Security Systems Association) This year, we are very proud to be leading sponsors of the UK Chapter of ISSA-UK. ISSA is the largest international, not-for-profit association specifically for information security professionals, and the ISSA-UK Chapter is the world’s most successful

We are proud to be leading sponsors of ISSA-UK in 2015 Read More »

Espionage-as-a-service: Brewing up a new threat to UK small businesses.

There was new research from the Home Office led Cyber Streetwise programme last week. The latest poll shows that only 16% of small businesses in the UK said that improving their cyber-security was a “top priority” for 2015. 66% of businesses “don’t consider their businesses to be vulnerable” and more than three-quarters don’t understand the

Espionage-as-a-service: Brewing up a new threat to UK small businesses. Read More »

The Growth of Cyber Insurance – can your business survive without it?

There was an interesting bit of research reported recently by the SC UK Magazine. The independent Corporate Executive Programme (CEP) has recently carried out a study into US/UK companies and their attitudes towards cyber-insurance. The results are really thought-provoking. A quarter of all total respondents said that their company had had a “business impacting” cyber

The Growth of Cyber Insurance – can your business survive without it? Read More »

Blocking websites at work…is it essential to your company’s cyber security?

The torrent sharing site Piratebay rose again from the ashes of the internet this month. The site had been shut down in December after a raid at the Nacka station, a nuclear-proof data centre built into a mountain complex near Stockholm, which sounds very James Bond. On 31st January 2015, the site re-emerged, one day

Blocking websites at work…is it essential to your company’s cyber security? Read More »

The Cyber Sentinel

Start typing and press enter to search