If you cannot view this email please click here

BYOD

Passwords

Hacking Cloud Compliance Reviews



COMPUTING SECURITY AWARDS


COMPUTING SECURITY AWARDS 2016

At a gala night at the Cumberland Hotel in London last month, the 2016 Computing Security Awards took place, celebrating all that is best in our industry.

This was a night to honour the winners, of course, who had come though against fierce opposition to secure their places in the limelight. But it was also a great opportunity to acknowledge all of those organisations and individuals who had fought their way into the finals in their categories, indicating what a wealth of talent and expertise now exists right across our industry - something that is serving to keep businesses safe from the relentless attacks being perpetrated at every turn.

Over the coming months in our newsletters, we will be singling out those who triumphed at the 2016 awards - starting with the three categories shown below.

Anti Spam Solution of the Year

WINNER: LibraESVA - LibraESVA

RUNNER-UP: AVG Technologies - AVG Internet Security Business Edition

main headline

Anti Malware Solution of the Year

WINNER: Malwarebytes - Endpoint Security

RUNNER-UP: Varonis - DatAdvantage and DatAlert

main headline

Auditing/Reporting Solution of the Year

WINNER: Varonis - DatAdvantage

RUNNER-UP: Titania - Nipper Studio

main headline


News


Braking bad and out of control

Researchers have managed to remotely slam on the brakes of a Tesla Model S from 12 miles away, pop the trunk and fold in the side mirror - all while the car was moving.

IT professionals fight back against their assailants

The received wisdom is that European IT security professionals are being subjected to overbearing pressure from adversaries when it comes to dealing with cybersecurity

main headline

Hacked off by the hackers

An online study reveals that people are most worried about credit cards or bank statements being hacked, with 85% in the UK ranking it a top concern, well ahead of the US and Germany (78%).

main headline

New cyber funding for university

The UK government has announced the renewal of funding for the Centre for Doctoral Training (CDT) in Cyber Security at Royal Holloway, University of London

Employees putting organisations at serious risk

An online study suggests organisations are still being exposed to increasingly sophisticated cyber threats posed by social engineering

main headline



Features


Heroes and villains

When it comes to personal data, there are those you can trust to keep it safe - and those who are simply beyond trusting

main headline

The Empire strikes back!

No longer will the UK adopt a reactive position in the face of cybercrime. It will come out, all guns blazing, to take down those that threaten its sovereignty and security


main headline

Battle of wits

Organisations must take responsibility for their security by undertaking due diligence and self-regulation - else they could be the next victims of a data breach

main headline



Product Review


Ixia ThreatARMOR

Enterprises with overwhelmed security services should seriously consider augmenting them with ThreatARMOR

main headline

Phishing Mitigation from SpearSec

Measurement and analysis is central to SpearSec, and there are a wide range of analytics and statistics offered to drive improvement and assess service effectiveness

main headline


Opinion


No soft touch

How exactly can you best manage software verification, and what are the first step towards safe and resilient systems? Dr João Ferreira, a computer scientist working in the School of Computing at Teesside University, offers his insights

main headline

White papers

How to avoid a tangled Web

Web 2.0 aids enterprises in conducting business, but also introduces many damaging risks. Trend Micro offers its insights into Web application vulnerabilities and how to avoid these

Meeting European Data Protection and Security Requirements with CipherCloud Solutions

This white paper investigates how encryption and tokenisation of data can help companies that are subject both to EU data protection and general security laws to adopt cloud-based solutions and remain in legal compliance

Welcome to the December 2016 issue of the Computing Security Newsletter

So, Camelot and Google have become two of the latest big name organisation to suffer a data breach. They are now like ducks at the fairground, waiting to be shot down, it would seem!

Let’s focus on Camelot. Here is the opening of the statement that appeared on its website in the immediate wake of the intrusion:

“On 28 November 2016, as part of our online security monitoring, we became aware of suspicious activity on a very small proportion of our players’ online National Lottery Accounts. We would like to make clear that there has been no unauthorised access to core National Lottery systems or any of our databases, which would affect National Lottery draws or payment of prizes. In addition, no money has been deposited or withdrawn from affected player accounts. We are currently taking all the necessary steps to fully understand what has happened, but we believe that the email address and password used on the National Lottery website may have been stolen from another website where affected players use the same details.”

All well and not so good, but any sense or admission of direct responsibility on the part of Camelot seems to be missing. As Jason Hart, CTO Data Protection at Gemalto, rightly points out, in response to the breach: “Organisations that handle customer data owe it to their customers to roll out more robust authentication procedures, such as one-time passwords and two-factor authentication methods, which can add that extra layer of protection. These measures should be the default setting for any online account and, if this had been the case, this event would have been a non-starter.”

Time and again, we are seeing breaches that need never have taken place. When will the message get through that failure to have in place the right procedures, policies and levels of protection will make a breach all but inevitable?

To make sure you get your copy of the Newsletter emailed to you personally, every time, click here to register.

Brian Wall, Editor
Computing Security

Follow us :

 

 

 

To unsubscribe click here

Published by: BTC 35 Station Square Petts Wood BR5 1LZ

Tel: +44 (0) 1689 616 000
Fax: +44 ( 0) 1689 826 622