Business continuity planning is a big part of your overall risk management framework – or should be. But if you’ve decided that it’s part of “IT security” and you’ve left it to the IT department, here are the top 5 mistakes you’ve probably made. 1. Continuity is about the whole business There’s no point having … Continue reading Top 5 Business Continuity Mistakes
Say I’m out to get you. I might be a disgruntled employee, or a business rival. What’s my best way of taking your business down? Let’s assume I can gain access to your network – easy enough if I’m an employee, after all. I could leak all your confidential information to your competitors – or … Continue reading How do you destroy a business?
I’ve spent a lot of this year talking about confidentiality. That’s what most people mean when they talk about “cyber-security”: keeping secret stuff secret. Which is, of course, important. But in the security biz we talk about three aspects to security: confidentiality, integrity and availability. Fun fact: we’re told to teach this as availability, integrity … Continue reading Enough about secrecy! What about the other stuff?
A great deal of security writing is about preventing breaches. This seems pretty sensible at first glance – after all, isn’t that what security is? But when you think about it for a little longer, you begin to see some cracks. Let’s just remind ourselves that “cyber”-security is just part of an overall security picture. … Continue reading Is prevention better than cure?
The Russians have allegedly issued an ultimatum to Ukrainian armed forces in the Crimea. If they don’t surrender by 03:00 tomorrow (4th March) the Russians will invade. I stress that this is unconfirmed (source: Reuters) and may well be no more than bluster and sabre-rattling. Still, it gives one pause. How is this relevant to … Continue reading Keeping the lights on