Tesco Bank suffer the largest ever FCA fine for cyber attack 16th November 2018 Tesco Personal Finance plc (Tesco Bank) has been fined £16,400,000 by the Financial Conduct Authority (FCA) for failing to exercise due skill, care and diligence in protecting its personal current account holders against a cyber attack in 2016. Deficient cyber…
DNS gives hackers global access to all internet devices 16th November 2018 The Domain Name System (DNS) has been an essential component of the functionality of the Internet since 1985. This remarkable technology enables internet services and the World Wide Web to be globally available to billions of users. DNS acts as the ‘internet phone…
Why is DDoS attack a major cyber threat? 8th November 2018 Distributed denial-of-service (DDoS) cyber attacks remain a significant threat to any organisation that uses a web site or web application to deliver its services. The Arbor Networks 2018 Worldwide Infrastructure Security Report confirms that a total of 7.5 million DDoS attacks were executed in…
16% of top 50 UK law firms don’t have secure website 2nd November 2018 A recent survey by Trustify has indicated that 16% of the top 50 law firms in the UK do not have a secure website. Commenting on the survey report, Rachel Moloney from The Lawyer, added that over 10 per cent of…
How secure are your web applications? 31st October 2018 Web applications and web sites deliver accessible and powerful services to consumers and businesses throughout the world. At the heart of modern banking, e-commerce and cloud-based IT provision, they are an attractive and easy target for cyber criminals. In common with all software, web applications contain…
The rise of fileless malware attack 16th October 2018 The first half of 2018 has seen a 94% increase in the number of fileless cyber attacks on global companies who use the endpoint detection and response (EDR) services of SentinelOne. The latest SentinelOne Enterprise Risk Index Report identifies that fileless attacks using PowerShell increased to…
Supply chain cyber security is a priority for law firms 11th October 2018 Cyber security risks associated with the use of third-party suppliers by law firms have been highlighted as a major concern by the UK National Cyber Security Centre. The recent NCSC Cyber Threat Assessment for the UK Legal Sector report confirms that supply…
Private equity firms must measure their portfolio cyber security posture 12th September 2018 Cyber security is increasingly on the agenda of board meetings for successful investment management and private equity companies in the UK. General Partners must ensure they have effective cyber security measures in place in their own firm. They must also have visibility…
Personal data for sale on the Dark Web? 4th September 2018 With the almost daily news of large-scale data privacy breaches resulting from cyber attack, individuals and business owners are increasingly asking, ‘Has my personal data already left the building?’. The scale of personal data theft remains staggering. This is illustrated by T-Mobile announcing that…
Cyber security is a key risk for UK solicitors 29th August 2018 Cyber security has been identified as one of the top ten business issues in the Risk Outlook 2018/19 Report published by the Solicitors Regulation Authority (SRA). The annual SRA risk report is an accurate ‘barometer’ of the commercial and legal challenges faced by…
Cisco highlights huge growth in complexity of future cyber attack 17th August 2018 The Cisco Annual Security Report 2018 highlights the huge growth in the complexity and impact of malware used in cyber attacks. It also identifies the common use of encryption to enhance security is being used by malicious actors as a powerful tool…
16th August 2018 The increasing frequency and severity of cyber attack is now on the agenda of the boardroom of every major global organisation. The appointment of a Chief Information Security Officer (CISO) is essential to ensure the alignment of security measures with enterprise and business objectives. What is a CISO? A Chief Information…
The Internet Crime Complaint Center (IC3) of the FBI is reporting that email-based social engineering attacks were the most commonly reported cybercrime category in the US in 2017. Business e-mail compromise (fake CEO attack) and fake investment scams targeting companies and not for profit organisations resulted in an estimated loss of over $676 million dollars.…
Researchers from Check Point Software have announced at DEF CON 26 that fax machines can be easily used by cyber attackers to breach an IT system. In this age of advanced cyber attack methodologies, it is ironic to be reminded of a wide-spread security vulnerability in a digital technology that’s been used in offices since…
9th August 2018 General Partners in UK private equity firms are under increasing pressure to mitigate the business risks associated with the exponential growth in cyber crime. They also face the burden of complying to strict data security requirements of European regulations which include the General Data Protection Regulation (GDPR) and the Alternative Investment Fund…
As a regular commentator on the cyber security industry, I am frequently surprised at the seeming lack of understanding of what cyber security is and how it can be used by an organisation to truly mitigate the growing risk of cyber attack. This is often demonstrated by the incorrect (and annoying) use of the terms,…
