It might sound crazy to the uninitiated, but organisations across the globe pay people to break into their systems and find sensitive information. The reason they do this is simple: to catch a thief, you must think like one. Organisations hire ethical hackers, otherwise …
After a drawn-out investigation, the Irish DPC (Data Protection Commission) has confirmed that it intends to fine Instagram for several data protection violations. And the fine, should it stand, is a big one: €405 million. It’s the second largest penalty …
Insider security threats are a major problem that all organisations face. According to the 2021 Verizon Data Breach Investigations Report, insiders are responsible for 22% of all security incidents. Meanwhile, a Ponemon Institute report found that the average global cost of an insider …
Last week, the European Commission published new draft legislation that attempts to crack down on security vulnerabilities in Internet-connected devices and services. The Cyber Resilience Act will regulate the IoT (Internet of Things), which has been frequently criticised for having …
Cloud computing is a key tool for organisations everywhere, offering a wealth of opportunity to extend IT capabilities and take advantage of innovations. And as more organisations move to remote or hybrid working, Cloud services are more valuable than ever. …
Cyber security researchers have discovered a toolkit for sale on the dark web that allows criminal hackers to bypass MFA (multi-factor authentication) mechanisms and break into organisations’ systems. The toolkit, dubbed ‘EvilProxy’, is available on a subscription basis for up …
Organisations are under increasing pressure to address cyber security, as attacks become more frequent and sophisticated. With traditional measures to protect systems failing, decision makers must rethink their cyber defence strategy. Consider, for example, Cisco’s 2022 Cybersecurity Almanac, which predicts …
The PCI DSS (Payment Card Industry Data Security Standard) contains a set of requirements to help organisations prevent payment card fraud. But did you know that the same requirements don’t apply universally? In fact, there are four PCI compliance levels, …
Welcome to our latest monthly review of cyber attacks and data breaches. In August 2022, we found 112 publicly disclosed security incidents, accounting for 97 million breached records. As ever, you can find the full list of security incidents on our …
New guidance published by the EDPB (European Data Protection Board) is expected to resolve territorial disputes when investigating data protection violations. The EDPB published its Art. 65(1)(a) binding decision on 17 August, following a legal wrangle into a GDPR (General …
