A recent report written by Enterprise Strategy Group (and commissioned by Intel Security), reveals slow responses to cyber-attacks from UK enterprises are leaving companies vulnerable to targeted online crime. This research is one of the latest attempts to persuade IT users to check their defences against cyber-threats and equally importantly to make some investments into dealing with […]
According to the latest article from the SC Magazine in the UK, the latest PCI DSS version 3.1 release has “split the IT security profession” when it comes to deciding how much protection it is really providing the card holder who shops online. The article states: The v3.1 PCI DSS release addresses the well known, and high
PCI DSS v3.1 – how much protection does the new update give online? Read More »
Chris Phillips heads up 2-sec’s Physical Security Consulting Practice and is ex-head of NaCTSO, the UK’s National Counter Terrorism Security Office. He provides his own expert view below on the jewellery heist, the failings of the Hatton Gardens physical security team and what should have been done to prevent the attack. The audacious Hatton Gardens
The Hatton Garden’s Heist – how did the Security Team get it so wrong? Read More »
Researchers with Cisco’s Talos Security Intelligence and Research Group have identified a new point-of-sale (POS) malware family – referred to as ‘PoSeidon’ – that takes steps to maintain persistence and also has mechanisms for updating. The new malware targets POS systems, scrapes the memory of infected machines for payment card information, and exfiltrates the data to servers
PoSeidon Malware – the solution is to take credit card data AWAY from PoS systems Read More »
The PCI Security Standards Council has released brand new guidance to advise businesses how they should use penetration testing to identify network vulnerabilities that could be exploited for malicious activity. However, a recent article has been published online by BankInfoSecurity.com (BIS) that appeared to flag up a difference of opinion as to the effectiveness of the new guidance. Whilst one
Debate on the New Guidance from PCI Council – does it go far enough? Read More »
In my role as CEO of 2-sec, I have spoken to many different types of businesses over the last twelve months, mostly about how their organisations are woefully under protected against malware, phishing, social engineering and other hacking tools on the threat landscape. Many of these companies do understand how vulnerable they are to attempted
A Little Voucher Could Make a BIG Difference in the World of Cybersecurity Read More »
There was new research from the Home Office led Cyber Streetwise programme last week. The latest poll shows that only 16% of small businesses in the UK said that improving their cyber-security was a “top priority” for 2015. 66% of businesses “don’t consider their businesses to be vulnerable” and more than three-quarters don’t understand the
Espionage-as-a-service: Brewing up a new threat to UK small businesses. Read More »
There was an interesting bit of research reported recently by the SC UK Magazine. The independent Corporate Executive Programme (CEP) has recently carried out a study into US/UK companies and their attitudes towards cyber-insurance. The results are really thought-provoking. A quarter of all total respondents said that their company had had a “business impacting” cyber
The Growth of Cyber Insurance – can your business survive without it? Read More »
The torrent sharing site Piratebay rose again from the ashes of the internet this month. The site had been shut down in December after a raid at the Nacka station, a nuclear-proof data centre built into a mountain complex near Stockholm, which sounds very James Bond. On 31st January 2015, the site re-emerged, one day
Blocking websites at work…is it essential to your company’s cyber security? Read More »
