Tag Archives: Data Security

TDSi’s Ian Hoare gains Master’s degree from Bournemouth University

Integrated security manufacturer TDSi has announced that its software analyst and developer Ian Hoare has graduated with a Master’s degree in Cyber Security and Human Factors from Bournemouth University. Hoare’s qualification demonstrates the company’s continued commitment to research, education and training.

TDSi’s managing director John Davies commented: “We’re very proud that Ian has earned his Master’s degree, having worked extremely hard to study alongside his role at TDSi. As a company, we champion education and training as it benefits not only the person and the business, but also the security industry as a whole.”

Hoare elaborated on the significance of his new degree for his role at TDSi. “This new qualification demonstrates that I’m up-to-date with the very latest advances in cloud computing and online security. The TDSi team is always at the forefront of secure software for the modern world, but we’re keen to illustrate this with Continuing Professional Development, giving additional confidence to our customers that all has been done to secure their data.”

Ian Graduation 2017

Ian Hoare of TDSi

As part of his graduation process, Hoare produced a dissertation that examines the secure development life-cycle and how it can fit into the agile development process. He commented: “The Agile development process doesn’t allow for any security processes. There’s an argument that it shouldn’t, as it’s an overhead of the initial development.”

Hoare concluded: “However, it’s important to identify and mitigate vulnerabilities within the system, as the financial costs are far greater if vulnerabilities are found after the product is released. This is even more important with the EU’s looming General Data Protection Regulation, which comes into force in May next year.”

Hoare’s Master’s in Cyber Security and Human Factors is just part of an ongoing process of training and research. He concluded: “The cloud environment is continuously changing, with new threats evolving. It’s vital to use this knowledge now and to continuously keep this learning and information updated as technology and security needs evolve.”

Advertisements

Leave a comment

Filed under Risk UK News

Bored and distracted employees “could be biggest data security risk” warns Centrify

Employees who become distracted at work are more likely to be the cause of human error and a potential security risk. That’s according to a ‘snapshot’ poll conducted by Centrify.

While more than a third (35%) of survey respondents cite distraction and boredom as the main cause of human error, other causes include heavy workloads (19%), excessive policies and compliance regulations (5%), social media (5%) and password sharing (4%). Poor management is also highlighted by 11% of security professionals, while 8% believe human error is caused by not recognising data security responsibilities at work.

According to the survey, which examines how human error might lead to data security risks within organisations, over half (57%) of respondents believe businesses will eventually trust technology enough to replace employees as a way of avoiding human error in the workplace.

CentrifyDataSecurity

Despite the potential risks of human error at work, however, nearly three-quarters (74%) of respondents feel that it’s the responsibility of the employee, rather than technology, to ensure that the host company avoids a potential data breach.

“It’s interesting that the majority of security professionals we surveyed are confident that businesses will trust technology enough to replace people so that fewer mistakes are made at work, yet on the other hand firmly put the responsibility for data security in the hands of employees rather than technology,” commented Andy Heather, vice-president and managing director at Centrify EMEA.

“It seems that we as employees are both responsible and responsible: responsible for making mistakes and responsible for avoiding a potential data breach. It shows just how aware we need to be at work about what we do and how we behave when it comes to our work practices in general and our security practices in particular.”

Leave a comment

Filed under Risk UK News

Criminals target UK’s youth as cases of identity fraud increase

Cifas, the UK’s leading fraud prevention service, has released new figures showing a 52% rise in young identity fraud victims in the UK. In 2015, just under 24,000 (23,959) people aged 30 and under were victims of identity fraud. This is up from 15,766 in 2014, and more than double the 11,000 victims in this age bracket in 2010.

The figures have been published on the same day as a new short film, entitled ‘Data to Go’, is launched online to raise awareness of this type of fraud. Shot in a London coffee shop in March this year, the film uses hidden cameras to capture baffled reactions from people caught in a stunt where their personal data, all found on public websites, is revealed to them live on a coffee cup.

Identity fraud happens when a fraudster pretends to be an innocent individual to buy a product or take out a loan in their name. Often, victims don’t even realise that they’ve been targeted until a bill arrives for something they didn’t buy or they experience problems with their credit rating.

IdentityTheftNew

To carry out this kind of fraud successfully, fraudsters usually have access to their victim’s personal information such as name, date of birth, address, their bank details and information on who they hold accounts with. Fraudsters gain such detail in a variety of ways, including through hacking and data loss, as well as using social media to put the pieces of someone’s identity together. 86% of all identity frauds in 2015 were perpetrated online.

People of all ages can be at risk of identity fraud, but with growing numbers of young people falling victim, Cifas is calling for better education around fraud and financial crime.

Fraudsters are opportunists

Simon Dukes, CEO of Cifas, said: “Fraudsters are opportunists. As banks and lenders have become more adept at detecting false identities, so the fraudsters have instead focused on stealing and using genuine people’s details. Society, Government and industry all have a role to play in preventing fraud. However, our concern is that the lack of awareness about identity fraud is making it even easier for fraudsters to obtain the information they need.”

Dukes continued: “The likes of Facebook, Twitter, LinkedIn and other online platforms are much more than just social media sites – they’re now a hunting ground for identity thieves. We’re urging people to check their privacy settings today and think twice about what information they share. Social media is fantastic, and the way we live our lives online gives us huge opportunities. Taking a few simple steps will help us to enjoy the benefits while reducing the risks. To a fraudster, the information we put online is a goldmine.”

IdentityTheftSign

Commander Chris Greany, the City of London Police’s national co-ordinator for economic crime, added: “We’ve known for some time that identity fraud has become the engine that drives much of today’s criminality, and so it’s vitally important that people keep their personal information safe and secure. In the fight against fraud, education is key and it’s great that Cifas and its members are taking identity fraud seriously and working together to raise awareness of how the issue is now increasingly affecting young people through the launch of this film.”

As part of the campaign, Cifas commissioned a survey with Britain Thinks to find out more about 18-24 year olds’ attitudes towards personal data and identity fraud. The survey found that young people are alarmingly unaware that they’re at risk:

  • Only 34% of 18-24 year olds say they learned about online security when they were at school
  • 50% of the 18-24 year olds surveyed believe they would never fall for an online scam (compared to the national average of 37%)
  • Only 57% of 18-24 year olds report thinking about how secure their personal details are online (compared to 73% for the population as a whole)

They’re also less likely to install anti-virus software on their mobile phone than the national average (27% compared to 37%).

Organisations such as the City of London Police, Action Fraud, Get Safe Online, Her Majesty’s Government’s Cyber Streetwise campaign, Financial Fraud Action UK and Cifas members including Coventry Building Society, BT and Secure Trust Bank are all supporting the campaign and sharing the new film across their social media networks.

Cifas is also appealing to youth organisations, schools and universities to share the film so it reaches as many young people as possible.

Leave a comment

Filed under Risk UK News, Uncategorized

Jacksons Fencing shortlisted for Data Centre Physical Security and Fire Suppression Product of the Year category at coveted DCS Awards

Jacksons Fencing (one of the UK’s leading designers, manufacturers and installers of security fencing and access control systems) has been shortlisted as a finalist in the hotly-contested Data Centre Physical Security and Fire Suppression Product of the Year category at this year’s DCS Awards.

The DCS Awards were created to acknowledge and reward product designers, manufacturers, suppliers and providers operating in the Data Centre arena. They recognise the achievements of solution vendors and their business partners alike and, in 2016, encompass a wider range of both facilities and IT categories than ever before.

Print

The product selected by the panel is the Trident Jakoustic 3, an LPS 1175-certified perimeter fence designed, developed and manufactured by Jacksons Fencing. It’s the only timber-based fencing system that combines certified security ratings with acoustic barrier properties, and was designed specifically for sensitive applications where privacy, a discrete appearance and maximum protection against unauthorised access by cutting through, burrowing under and scaling over is required.

What makes Trident Jakoustic 3 ideal for applications in and around Data Centres is that it offers up to a 28 dB reduction in noise entering or migrating from a site. This is an important factor for a business operating 24/7, 365 days a year where generators for UPS and HVAC play an integral part in site operations.

Peter Jackson, CEO of Jacksons Fencing, commented: “It’s great to be recognised in the DCS Awards. It’s proof that, even in the Internet of Things obsessed world of data security, there’s recognition of the fact that, if you cannot protect the perimeter and manage access, you leave your facility, its staff and assets vulnerable to attack.”

*To cast your vote for Jacksons Fencing visit: http://www.dcsawards.com/voting.php 

**Voting closes on Friday 22 April

Leave a comment

Filed under Risk UK News, Uncategorized

Lenel introduces Lite version of OnGuard WATCH for visualisation of critical security data

Lenel Systems International has announced the launch of OnGuard WATCH Lite 1.0 across Europe, Middle East and Africa. WATCH Lite is a free version of the comprehensive, web-based dashboard tool for OnGuard system users.

The dashboard discovers and presents security data to security and IT professionals in a whole new way, enabling them to visualise the information at once to allow for quicker decisions rather than having to scan multiple reports.

OnGuard WATCH Lite places actionable information at the fingertips of key personnel. Users can monitor OnGuard system information through one graphical and intuitive interface to more efficiently manage the OnGuard system.

“OnGuard WATCH Lite is a great way for existing end users to develop a flavour of the benefits of this new dashboard,” said James Wheeler, regional sales director for Lenel in the UK. “It helps them visualise important security data and develop an overall snapshot of OnGuard system performance. It only takes a matter of seconds to understand system health. Additionally, it gives the user a view into the new look and feel of the next generation of OnGuard systems, as well as underlying technologies such as the new Lenel Services Platform and browser support.”

With OnGuard WATCH Lite, end users can quickly view:

  • Total counts of access panels, readers, inputs, outputs, card holders, active badges, visitors and visits
  • Basic system information about OnGuard and the Windows operating system, SQL server versions and service packs
  • Database back-up details
  • New badges created per day
  • Alarms generated per day
  • System performance (such as CPU, memory usage, hard drive and peak usage)
  • Error logs

For additional ease of use, the date range can display a few days, months or years of captured data while deeper analysis may be conducted into hours and minutes.

OnGuard WATCH Lite is free for customers with a valid software upgrade and support plan and also available as a free 90-day trial for customers without a support plan.

The full version of OnGuard WATCH will be available later this year through Lenel value-added resellers.

*For more detailed information visit: www.lenel.com

Leave a comment

Filed under Risk UK News

KPMG on cyber crime in 2015: ‘This time it’s personal’

‘This time it’s personal’ will be the motto of 2015 as cyber criminals are predicted to become more selective in the way that they target victims.

According to Stephen Bonner, a partner in KPMG’s cyber security practice, the next 12 months will see criminals move away from mass spear-fishing tactics in favour of highly-targeted ‘campaigns’ based on the data trail people leave in their online lives.

“Over the past year, the Internet of Things took its first tentative steps into the mainstream,” said Bonner, “but consumers’ willingness to adopt the latest trend has come at a price. Their desire to be seen has overtaken their desire to be secure, meaning that we can expect organised crime to find new ways in which to make money in our increasingly digitised society.”

Bonner continued: “It’s possible that our willingness to share and shop online will let criminals become more selective about who they target. They will not need to maintain the current ‘hit and hope’ approach of spear phishing, instead only attacking specific users and computers based on the data these give away about their owners.”

According to Bonner, the result will be a business world in which cyber protection matures and where Governments come together to improve ways in which confidential data is secured.

The next 12 months will see criminals move away from mass spear-fishing tactics in favour of highly targeted ‘campaigns’ based on the data trail people leave in their online lives

The next 12 months will see criminals move away from mass spear-fishing tactics in favour of highly targeted ‘campaigns’ based on the data trail people leave in their online lives

“2014 may have been a year in which hardly any time went by without news of a cyber attack,” asserted Bonner, “and the next 12 months will be no different. This time, however, third party assurance will become a burgeoning industry as firms seek to protect themselves against lawsuits for loss of data or revenue. As part of this, my hope is that EU Governments will reach agreement on data protection legislation in a post-Snowden world and implement a data breach disclosure regime.”

In conclusion, Bonner explained: “Ultimately, cyber defence will be akin to a game of whack-a-mole with more emphasis on spotting attacks, more sharing of intelligence in near real-time and enhanced efforts by companies and Governments to counter and disrupt cyber attacks as quickly as they can. However, to win the game a change in mindset is needed, with security teams necessarily having to reinvent themselves by engaging with the business to really understand its priorities and justify the budget, in turn ensuring that their efforts are focused on defending key business assets while being seen as an enabler for doing business in the digital world.”

Leave a comment

Filed under Risk UK News

UK businesses “sleepwalking” into reputational time bomb

According to research conducted by BSI, the business standards company, UK businesses are at risk of sleepwalking into a reputational time bomb due to a lack of awareness on how to protect their data assets. As cyber hackers become more complex and sophisticated in their methods, UK organisations are being urged to strengthen their security systems in order to protect both themselves and consumers.

The BSI survey of IT decision-makers1 finds that cyber security is a growing concern, with over half (56%) of UK businesses being more concerned about this issue than was the case 12 months ago. Seven-in-10 (70%) attribute this to hackers becoming more skilled and better at targeting businesses.

However, while the majority (98%) of organisations have taken steps to minimise risks to their information security, only 12% are extremely confident about the security measures they have in place to defend against these attacks.

Worryingly, IT directors appear to have accepted the risks posed to their information security, with nine-in-10 (91%) admitting their organisation has been the victim of a cyber attack at some point. Around half have experienced an attempted hack and/or suffered from malware (49% in both instances). Around four-in-ten (42%) have experienced the installation of unauthorised software by trusted insiders, while nearly one third (30%) report having suffered from a loss of confidential information.

Managing risks: key to protecting data assets

Despite confidence in the security measures they have in place, three-in-five (60%) of those organisations surveyed have not provided staff with information security training. Over a third (37%) haven’t installed anti-virus software and only just under half (49%) monitor their user’s access to applications, computers and software.

Conversely, organisations that have implemented ISO 27001 – the international Information Security Management System Standard – are more conscious about potential cyber attacks than those who haven’t (56% versus 12%). As such, 52% of organisations with ISO 27001 already implemented are extremely confident about their level of resilience against the latest methods of cyber hacking.

Maureen Sumner Smith: UK managing director at BSI

Maureen Sumner Smith: UK managing director at BSI

“The research reveals that businesses who can identify threats are more aware of them,” said Mike Edwards, information security specialist and tutor at BSI. “Our experience confirms this. We know that organisations with ISO 27001 in place can better identify the threats and vulnerabilities posed to their information security and put in place appropriate controls designed to manage and mitigate risk.”

Consumers looking to organisations that go ‘above and beyond’

As consumers are now spending more and more of their time and money online, so their vulnerability to cyber attacks is increasing. A recent survey2 showed that nearly half of consumers questioned had suffered from a cyber attack/crime event, yet only 4% have stopped using online services to reduce the risks.

Consumers are looking to companies for protection, who in turn need to safeguard themselves and their customers’ data. However, there’s an inherent lack of trust from consumers on how their data is handled by organisations, with one third of those questioned admitting they don’t trust organisations with their data.

On the other hand, there’s a level of acceptance that nothing online will ever be wholly safe, leading to a false sense of security that: ‘This will not happen to me’ among those who have not suffered from a cyber attack/crime.

Maureen Sumner Smith, UK managing director at BSI, explained: “Consumers want their information to be confidential and not shared or sold. Those who want to be reassured that their data is safe and secure are looking to organisations willing to go the extra mile to protect and look after their data.”

Sumner Smith continued: “Best Practice security frameworks, such as ISO 27001 and easily recognisable consumer icons like the BSI Kitemark for Secure Digital Transactions can help organisations benefit from increased sales, fewer security breaches and protected reputations. Our research shows that the onus is very much on businesses to wake up and take responsibility if they want to continue to be profitable and protect their brand reputations.”

References
1Research interviews conducted with 200 IT decision-makers in UK businesses employing between 250 and 1,000 members of staff. Interviews carried out in October 2014 by Vanson Bourne
2Consumer research involving 1,589 UK adults. Conducted in September 2014 by Opinion Matters

Leave a comment

Filed under Risk UK News