Yearly Archives: 2016

Cyber security in perspective – a look back at 2016

Year 2016

 

 

 

 

 

 

 

 

As we reflect on 2016, there are two stand out events that dwarf every other piece of news this year – the decision of the UK to leave the EU and the election of one Donald J Trump.  Both put cyber security in the spotlight in 2016 for different reasons – from the confusing to the bizarre.

But it wasn’t just the changing political landscape that caught our eye. Many organisations were affected by ransomware attacks and one high profile business discovered just how costly the on-going fall-out from their data breach would turn out to be.

So, let’s look back at 2016 through the cyber security lens of Ascentor. Continue reading “Cyber security in perspective – a look back at 2016” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

How to deliver digital transformation – without the security risk

 

Digital transformation is a major programme for many organisations. The motivation for it varies, but there are some common aspects, namely adopting new technologies to maintain an efficient and effective workforce and engaging with customers to improve the bottom line.

Likewise in the public sector, digital transformation programmes create opportunities for efficiency savings and economies of scale, with new and imaginative ways to deliver services to citizens. But the stakes are high. Get the security wrong and the programme could be the cause of a very public, and very expensive, loss of confidence. Continue reading “How to deliver digital transformation – without the security risk” »

avatar

Dave James

Information Risk Management expert and Managing Director of Ascentor

More Posts

Follow Me:
Twitter

Share

Supply Chain Cyber Security – defeating the weakest link (Part 2)

Cyber chain 2

 

 

 

 

 

 

 

 

In the first part of this blog we created a scenario of just how easy it is to cause a cyber security breach. ‘Brian’ was a contractor with access to the server room. In moments he’d been able to gain access and steal his client’s intellectual property – all without trace. There was a weak link in their supply chain cyber security which he’d found no trouble to exploit.

In Part 2 we introduce a 4 step supply chain cyber security process – and provide links to guidance on supply chain risks and methodologies for assessing an organisation’s security. We also discuss how far down the supply chain you need to manage. Continue reading “Supply Chain Cyber Security – defeating the weakest link (Part 2)” »

avatar

Steve Maddison

Director and Principal Consultant

More Posts

Share

The Future of Information Assurance Accreditation

Checkbox on digital screen

 

 

 

 

 

 

 

 

Ascentor’s Paddy Keating attended the SUAC – Accreditors’ Professional Update and Development Event 2016 on 2-3 November 2016. One of the main topics regarded the future of accreditation within government centred on a recent consultation paper entitled Assuring Information Services for Government prepared by the Accreditation Specialism Advisor Group (ASAG).

The paper identified some drivers for change including efficiency, quality and speed but it also identified the underlying problem of accreditation and accreditors themselves having bad press. Here are Paddy’s reflections on the day. Continue reading “The Future of Information Assurance Accreditation” »

avatar

Paddy Keating

Director and Government Service Manager at Ascentor

More Posts

Follow Me:
Twitter

Share

Cutting through the confusion: GDPR and Brexit

brexit and eu flag on a pc keyboard

 

 

 

 

 

 

 

 

For some time there has been a looming date in the data protection calendar – 25th May 2018. That’s when the GDPR (General Data Protection Regulation) is set to come into force. Organisations across Europe will then be required to comply with tougher rules to prove they actively protect and more explicitly ask to collect personal data. But, for how long?

Thanks to the Brexit vote on June 23rd there’s now a climate of uncertainty over EU regulation compliance and what will happen after the UK leaves the EU. What’s more, 44% of IT professionals in a recent poll indicated they were unaware or only vaguely aware of the new GDPR rules.

So what happens now? The Deputy Information Commissioner Steve Wood says that UK businesses are “caught in a confusing place, between looming EU regulation and Brexit.” Continue reading “Cutting through the confusion: GDPR and Brexit” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

Ransomware and Large Enterprises – a defence-in-depth strategy

Ransomware antivirus immunization word cloud concept.

 

 

 

 

 

 

 

 

 

Part 3 in a series of blogs on ransomware. Ransomware is on the rampage. Earlier in the year barely a week would go by without a report of a costly attack. Now it’s almost a daily news story with reports suggesting that the number of attacks increased by 30 per cent in August alone. Even worse, payment doesn’t necessarily come with any guarantees. A recent article from infosecurity magazine found that 1 in 5 UK organisations that paid during a ransomware attack didn’t get their data back.

In this climate, the question is how to have confidence that you are on top of the problem, with a good chance of prevention and a coherent strategy to recover from it without having to pay up. Continue reading “Ransomware and Large Enterprises – a defence-in-depth strategy” »

avatar

Peter Curran

Principal IA Consultant at Ascentor

More Posts

Follow Me:
Twitter

Share

Supply Chain Cyber Security – defeating the weakest link (Part 1)

Cyber chain 2

 

 

 

 

 

 

 

 

It’s an everyday story but it could happen in your business – right under your nose and far more easily than you could have imagined. Who’d have thought that a contractor would cost millions in lost revenue and nearly bring the business to its knees? But that’s what a weak link in your supply chain cyber security can do.

Picture the scene… Brian parks in the street around the corner from work and walks down the side of his company building. The back door, propped half open by the fire extinguisher, makes entry a breeze. He takes off his balaclava and walks down the corridor to the server room. Brian provides IT support to this and other local companies and, as IT system administrator, he has the keys to the server room door… Continue reading “Supply Chain Cyber Security – defeating the weakest link (Part 1)” »

avatar

Steve Maddison

Director and Principal Consultant

More Posts

Share

Cyber Insurance – can you ever be fully covered?

Cyber insurance image

 

 

 

 

 

 

 

 

Whether it be from hackers, careless employees, malicious insiders or ransomware (pick your own threat list) – organisations are under increasing risk of cyber attack. And, wherever there is a risk – there’s the option of insurance.

Cyber insurance, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), has been around for over a decade. Now, as cyber threats grow, cyber insurance looks set to join other business insurance policies in the risk management toolkit. But, can it really adequately compensate against the consequences of an attack? Continue reading “Cyber Insurance – can you ever be fully covered?” »

avatar

Ben Wheeler

Ascentor marketing and content editor.

More Posts

Share

Ransomware – Back up or Pay up – Top Tips for SMEs

Ransomware

 

 

 

 

 

 

 

 

Part 2 in a series of blogs on ransomware. In the first blog we covered some basic cyber hygiene as well as providing 6 top tips for single home computer backups. This second blog takes it up a level and is aimed at Small and Medium Enterprises (SMEs).

Ransomware is the installation you really don’t want – it’ll encrypt your files and you’ll be blackmailed in to paying a ransom for the recovery key. What’s more, it’s a fast growing menace. New data from Intel Security shows a 24 per cent increase in this kind of malware in the first quarter of 2016 alone.

By restricting the ability of systems to operate, ransomware has the capacity to cause long-term damage to the reputation and profitability of any business. However, due to their size, SMEs don’t always have the resources to counter the damage that an attack can cause. We hope that, by following these six tips, SMEs will be better prepared to prevent attacks or respond with confidence, should the worst happen. Continue reading “Ransomware – Back up or Pay up – Top Tips for SMEs” »

avatar

Paddy Keating

Director and Government Service Manager at Ascentor

More Posts

Follow Me:
Twitter

Share

Passwords? It’s enough to give you a headache

Password headache

 

 

 

 

 

 

 

 

 

Life was so much easier when all we had to remember was a 4 figure PIN to get money from the cashpoint machine. Nowadays we need passwords for almost everything we do online and most people have many accounts and registrations that require passwords, which we are meant to remember – it’s enough to give you a headache.

We are told by every budding security geek that our passwords need to be strong or complex, that they should be at least so many characters long, that we shouldn’t re-use them, that we shouldn’t write them down, that we should change them regularly, that we should… STOP – rewind that last bit… We are now being told we don’t have to change passwords regularly – HOORAH! Continue reading “Passwords? It’s enough to give you a headache” »

avatar

Bert Curtin

Senior Information Assurance Consultant at Ascentor

More Posts

Share