Cyber Security Practitioner

Volume: 1 Issue: 5
(August 2015)


News

Jonathan Lloyd-White, Director of Security and Information at the UK’s HM Revenue and Customs (‘HMRC’), confirmed at a July conference on ‘Cyber security: assurance, resilience and response,’ organised by think tank Reform, details surrounding the information security practices being adopted by HMRC, including the non-ministerial department’s new phishing training programme and the launch of a new Cyber Security Command Centre. / read more

The Online Trust Alliance (‘OTA’) published, on 11 August, its draft Internet of Things Trust Framework. According to the OTA, the draft Framework is, ‘the first global, multi-stakeholder effort to address IoT risks comprehensively’ and is intended to assist manufacturers, developers and retailers who are developing or marketing connected devices relating to home automation and wearables. / read more

The Prudential Regulatory Authority (‘PRA’) sent questionnaires about ‘cyber resilience’ to UK insurers on 10 August, with the questions designed to enable the PRA to understand insurers’ cyber security governance arrangements, capabilities and their role in underwriting cyber insurance. / read more


Features

The Ashley Madison breach and data dump ought to be the cyber security story that finally makes political and business leaders understand that they can’t be glib about these topics any more. The impacts of the breach are obvious. Think about the family situations that have been ruined. There are children whose childhoods will be robbed as their parents crash into divorce. I dread to think what some of the victims may do. It doesn’t need typing out. / read more

Klaus Beucher and Anupreet Singh Amole of Freshfields Bruckhaus Deringer LLP, in this article, analyse cyber security as a risk factor that buyers and their advisers must consider in a business’ M&A process, given that substantial targets will inevitably rely on IT systems to some degree. While businesses are typically very much aware of cyber security risks, whether they take action on them during the M&A approach may be a different matter. Klaus and Anupreet discuss the role of due diligence in addressing cyber security during M&A activities. / read more

Despite its place in many cyber security toolkits, penetration testing has a perhaps surprising lack of agreed standards or best practice. BSI and Security Lancaster collaborated to investigate standardisation in this area and put forward recommendations for penetration testing standards. Tim McGarr, Market Development Manager at BSI, and William Knowles and Dr Alistair Baron of Lancaster University discuss the research conducted and the outcomes so far. / read more

With the release on 2 July of its Cyber Security Strategy 2015-17, Ireland has taken an important step forward in advancing its cyber security agenda. The Strategy contains a number of provisions, including relating to legislation concerning cyber security; for example the Irish government through the Strategy makes clear that it will soon ratify the Budapest Convention. The objectives and initiatives found within the Strategy will be of note to businesses with operations in Ireland, which as Ireland’s Government is keenly aware, includes many global technology and internet-born companies. Adam Finlay, Partner at McCann FitzGerald assesses the Strategy and what it means for Ireland’s cyber security landscape. / read more

Yuval Malachi, Co-Founder and CTO of deception technology solutions provider TrapX, argues that in today’s cyber security landscape, the legacy information security tools available to companies are failing to counter the threats organisations face, and points to the development of deception technology as an alternative means of defence. In this article, Yuval explains the evolving threats faced by organisations and how deception technology can assist companies in bolstering their cyber defences. / read more

It’s no surprise that cloud services have increased in popularity over the past few years and are continuing to do so. Whether organisations are using cloud services to store data, host internet services or simply transport files from one machine to another, the benefits are clear. This increase in popularity was highlighted in July by Alibaba announcing that it would make a $1 billion investment on expansion into the market1. / read more

With the prevalence of cyber threats being discussed on a daily basis in the world’s media, it is common to hear certain terms - such as ‘drive-by attack,’ ‘hacktivist’ and ‘DDoS’ - used again and again but often with little in the way of explanation of what these terms actually comprise. To begin to rectify this, Rachel J Mullan of the Cyber Threat Detection & Response team at PwC in London presents a taxonomy of cyber threats and explains the meaning behind eleven such terms. / read more


About Cyber Security Practitioner:

Cyber Security Practitioner, the most recently launched monthly publication from Cecile Park Media, provides a multi-disciplinary view on the cyber security challenges facing global businesses and delivers insight into operational change. It covers cyber security regulation, data breach, data security, cyber risk, cyber crime, ethical hacking, privacy and data protection, cyber infrastructure, technical solutions, risk management, information assurance, security standards, liability, consumer protection, ransomware and other cyber threats, cyber insurance... /read more

Search Publication Archives



Our publication archives contain all of our articles.
Can’t find what you are looking for?
Try an Advanced Search

Log in to cyber security practitioner
Subscribe to cyber security practitioner
Register for a Free Trial to cyber security practitioner
cyber security practitioner Pricing

Social Media

Follow cyber security practitioner on TwitterView cyber security practitioner LinkedIn Profilecyber security practitioner RSS Feed