For enterprise cyber defence, there should be more than one solution

Enterprises face a dilemma when it comes to defence against today’s modern DDoS attacks: do they trust the surgical precision of an on-premise DDoS protection solution or go with a DDoS cloud scrubbing solution? It’s a tough decision for IT managers to make, as whichever option chosen will be the companies way of protecting themselves from cyberattacks. But, why even choose between the two?

Rooftop Solar Takes Hold in Iraq in the Aftermath of ISIS


Editor’s Picks

The souk, or marketplace, keeps buzzing in Sulaimani, a provincial capital in Iraq’s semi-autonomous Kurdish region, even though the national power grid has just gone off-line. Merchants like Mohamad Romie emerge from shops to fire up their generators or switch over to commercial backup power suppliers.

More security added to Firefox accounts

Mozilla is rolling out support for a two-step authentication process for Firefox Accounts, the credentials system that protects bookmarks, passwords, open tabs and other data synchronized between devices via the Firefox Sync feature.

Backdoors in D-Link’s backyard

“If you want to change the world, start with yourself.” In the case of security research this can be rephrased to: “If you want to make the world safer, start with the smart things in your home.” Or, to be more specific, start with your router – the core of any home network as well as an interesting research object. And that router you got from your ISP as part of your internet contract is even more interesting when it comes to research.

Threat Analyst Insights: Life Without Data

In the context of scoping out research for reports over the years, I’ve occasionally heard the phrase, “I can’t find any data regarding ‘X’.” The person making this statement usually offers it in a spirit of resignation, as if the lack of data signifies a deficiency in their toolset, their methodology, or the research request itself.

Insider Threat Controls: What Are the GDPR Implications?

Now that we’ve very nearly reached the deadline for General Data Protection Regulation (GDPR), insider threat management is more crucial than ever. What is an insider threat? It’s when an insider’s credentials and access are used — either directly by malicious actors or indirectly by criminals with stolen or acquired credentials — to obtain sensitive data from an organization.

10 Best Practices to Secure and Protect Passwords

This year, Verizon outlined in its annual Data Breach Investigations Report that 81 percent of hacking-related data breaches involved either stolen or weak passwords. This means that password protection is a real pain in the neck for security officers at enterprises. They can’t be complacent about the processes and controls they rely on for password management as cyber criminals are continuously improving their hacking strategies. Here is a list of 10 password protection best practices that will help enterprises (or anyone, really) strengthen their security against current threats.

Can Organisations Turn Back Time after a Cyber-Attack?

In the aftermath of a cyber breach, the costs of disruption, downtime and recovery can soon escalate. As we have seen from recent high profile attacks, these costs can have a serious impact on an organisation’s bottom line. Last year, in the wake of the notPetya attack, Maersk, Reckitt Benckiser and FedEx all had to issue warnings that the attacks had cost each company hundreds of millions of dollars. Whilst the full extent is not yet known, it has underlined the financial impact that such breaches can have.   

Data Security and GDPR: You Can’t Protect What You Don’t Know

Last month, I spoke to an audience of sales and marketing professionals at the General Data Protection Regulation (GDPR) Summit in London. I thoroughly enjoyed the experience. My presentation and live demo focused on data security and how basic defense measures can help with several of the key GDPR obligations.

Hackers are exploiting a new zero-day flaw in GPON routers

Even after being aware of various active cyber attacks against the GPON Wi-Fi routers, if you haven’t yet taken them off the Internet, then be careful—because a new botnet has joined the GPON party, which is exploiting an undisclosed zero-day vulnerability in the wild.