Posts Categorized: risk

6 Signs Of Poor Cyber Security Health

cyber security

Business owners: is your cyber security health at risk? I can tell you that the bar for cyber security health in many small businesses is very low indeed. There are two important facts I’d like to point out concerning the cyber security health of the nation. Firstly, that the economy consists mostly of smaller businesses, many… Read more »

Balancing Cyber Security Risk & Reward

Cyber Security

Ensuring that the Board understands how cyber security risks affect the business – a challenge for all Non-Executive Directors

5 Constraints To Security Innovation

“We now have a massive security industry, and hacking and data loss is a bigger issue than ever before”   The great thing about the information security field is that it constantly re-invents itself, or at least it tries to. In truth, real innovation is rare, and recyling is common. Developments in information security are… Read more »

Security News Roundup: Can You Hear Me Now?

Sometimes, the price of success is unwanted attention. Witness the apparently stratospheric rise in malware on the Android mobile platform. With mobile usage continuing to explode, coupled with the vast array of valuable data we store and access from our phones, it should come as no surprise that the  bad guys want a piece of… Read more »

Security News Roundup: The Demise Of The Human

With the US version of the RSA conference in full swing this week, we’re pleased to be able to present some signal despite the noise. It turns out that China is being hacked by the US. There, we said it. As they say, it takes two to tango, so we presume this comes as no great… Read more »

7 Security Warning Signals

2011 featured plenty of news about high-profile data loss and cybercriminal activity. And so did 2012. Any guesses for 2013? Some common causes emerge in all of these cases. Poorly managed infrastructure, insecure web applications, and a lack of attention to security procedures are often cited. But how do these conditions arise? How is it… Read more »

Risk Assessment Guidelines Information Supplement

You might be interested to read the recently published output from the PCI Risk Assessment SIG (Special Interest Group). There’s guidance in there on what constitutes a risk assessment process, and what it should cover. The document makes specific reference to PCI DSS requirement 12.1.2: “12.1.2 Includes an annual process that identifies threats, and vulnerabilities,… Read more »