If you cannot view this email please click here

BYOD

Passwords

 Hacking Cloud Compliance Reviews


COMPUTING SECURITY AWARDS

COMPUTING SECURITY AWARDS 2016

Nominations for the 2016 Computing Security Awards closed on 5 August. And we have had a huge response, with a wide range of products, companies and people being put forward. But which ones will see their names up in lights and honoured at our gala awards night later this year? Please go to our website and cast your votes to determine the ultimate winners. www.computingsecurityawards.co.uk
Meanwhile, here are more of our winners from the 2015 Computing Security Awards:

Fraud Prevention Award

WINNER: RSA
RUNNER UP: Tabernus

main headline

Security Recruitment Company of the Year

WINNER: Evolution Recruitment Solutions
RUNNER UP: Computer Futures

main headline

Security Service Provider of the Year

WINNER: ZeroDayLab
RUNNER UP: Egress

All of the 2015 Awards results can be seen by going to:

www.computingsecurityawards.co.uk

Please note: the winning products and services will not necessarily be the only solutions or the newest solutions available from the respective suppliers. You should contact these suppliers directly to learn more about what they can offer.

main headline



News

IT security preparedness on the up and up

New survey highlights big improvements in IT security effectiveness

 main headline

New Cyber Stars campaign

A training manager is spearheading a national campaign to get firms to protect their IT systems

Bosses boost IAM spending

Fresh focus on consumer identities, improving customer experience and operational efficiencies

Forgotten vulnerabilities still pose threat

A key report showing malware infection attempts are increasing sparks sharp response

 main headline

NATO on a war footing

NATO is now officially recognising cyberspace as a frontier for war

 main headline

Stepping up threat defences

Manufacturers urged to step up their planning against cyber security threats


Review

GhangorCloud Information Security Enforcer

Security breaches relating to IT now have such serious consequences that enterprises must protect to survive

main headline

SecurEnvoy SecurAccess 8

Two factor authentication (2FA) is the only way forward for security-savvy businesses, as standard username and password combinations are now dangerously insecure

main headline


Features

Mind games

Increased innovation in IoT from a security standpoint is playing into the hands of hacktivists and cyber criminals. How can they be stopped?

 main headline

Thinking your way to safety

The tools and technology to help organisations embrace a secure future are close to hand

 main headline

Battle for Cloud domination

According to Oracle executive chairman Larry Ellison: "We need much better security. We need a next-generation of security, because… we are losing a lot of these cyber battles.”

 main headline

Sealing up the leaks

What does a successful data protection strategy look like in the face of eroding security perimeters, increasing targeted attacks, and evolving user habits and expectations?



 main headline


Opinion

Shedding light on shadow IT

Jonathan Whitley of WatchGuard Technologies offers some insights into building a secure BYOX environment

 main headline


White papers

How to avoid a tangled Web

Web 2.0 aids enterprises in conducting business, but also introduces many damaging risks. Trend Micro offers its insights into Web application vulnerabilities and how to avoid these

Meeting European Data Protection and Security Requirements with CipherCloud Solutions

This white paper investigates how encryption and tokenisation of data can help companies that are subject both to EU data protection and general security laws to adopt cloud-based solutions and remain in legal compliance

Welcome to the August 2016 issue of the Computing Security Newsletter

The recent scandal over O2 cutomers’ data appearing for sale on the dark web shook many, not least those directly affected. O2 says it was not a victim of a data breach – hackers actually stole the data from another source nearly three years ago – but that has left many unimpressed.

Richard Stiennon, chief strategy officer at Blancco Technology Group, is one of many in that category who have contacted Computing Security to express their concerns. He believes that O2 claiming it has been a victim of ‘credential stuffing’ is an insufficient excuse.

“According to O2, this isn’t a data breach per se,” he says. “Instead, they’re classifying it and their business as being the victim of a hacking tool called ‘credential stuffing’. In this case, hackers used ‘credential stuffing’ to breach a gaming site called XSplit and subsequently stole members’ login details three years ago. Then, in 2016, the hackers were able to match gamers’ login details from XSplit to indirectly hack into O2 users’ accounts.

“The major issue here is that a lot of people reuse the same usernames and passwords for various digital site logins. And at the same time, many of those digital sites and companies have a low-level authentication process in place to validate user account information.

“A good start for O2 would have been to introduce a multiple point authentication system, because human nature dictates that people aren’t going to stop using the same login details, but organisations still owe their customers complete data protection,” Stiennon points out. “And considering cyber-crime is now a bigger threat than traditional crime in the UK, it is more important than ever for companies to take data protection very, very seriously.” To make sure you get your copy of the Newsletter emailed to you personally, every time, click here to register.

Brian Wall, Editor
Computing Security

Follow us :

 

 
 

To unsubscribe click here

Published by: BTC 35 Station Square Petts Wood BR5 1LZ

Tel: +44 (0) 1689 616 000
Fax: +44 ( 0) 1689 826 622