What was that about insider risk?

I think I might have mentioned recently that your main cyber risk is your own staff, and that it's more often carelessness than ill intentions. Apparently I was being clairvoyant again: yesterday Boeing notified the regulator that an employee had accidentally sent out the personal details of 36,000 staff in an email to his wife. Now Boeing has to pay for …

Stop saying yes

We learned last year that the Russian Carbanak hacking group were planning to target hospitality businesses. We learned this week that they’re succeeding, and extracting ransom (or causing disruption) at luxury hotels all over the place, including in Britain. What incredibly sophisticated technique are they using to penetrate security? Are there basements full of hollow-eyed …

What can you learn from the Yahoo! hack?

So, Yahoo! has been hacked, and 500m records abstracted, allegedly by a “state-sponsored” agency. Apart from worrying what you might have kept on Yahoo!, and whether using the same password for your social media account and your bank account was really a good idea, what does this mean for you? First off it’s a reminder …

In or out – the tech perspective

Bremain or Brexit? This isn’t a political blog, but it’s worth reminding ourselves of June 23rd’s implications for IT & cyber-security. Privacy and personal data: Even if we leave the EU, we’ll still have to implement the General Data Protection Regulation, only to have to re-invent it later. If we want to trade with the …