|
Masterclass
|
Laptops blitzed in under 30 seconds
What if your laptop could be 'backdoored' via a technology almost everyone uses and trusts: Intel. It's not simply a possibility, however - it's been reported as happening on a massive scale |
 |
The vital link
Predictive analytics is not a miracle cure. But it can help to alter how organisations look at security operations and incident response workflow, when properly embraced |
 |
Taking the fight to the enemy
David Ferbrache, chief technology officer in KPMG’s cyber security practice, has been looking closely at key areas where organisations might well focus their attention in the 12 months ahead
|
 |
Hacking on the cheap
A team of experts bypassed an iPhone’s fingerprint sensor and manipulated facial and voice recognition security systems on various banking apps. Cost of the ‘technology’ to do this? Around £45 |
 |
Through the glass, darkly
Computing Security asked those in the know to do some future-gazing and give us their top predictions for cybersecurity in 2018. Here’s what they had to say |
 |
GDPR: The Silver Lining
Are there four letters presently capable of generating greater fear and anxiety for organisations around the world than GDPR? Colin Tankard, managing director, Digital Pathways, seeks to alleviate those concerns |
 |
Reviews
|
|
Titania Nipper Studio 2.5
Network routers, firewalls and switches are essential to business operations – and yet their very complexity makes them easy targets for cyber criminals. Here’s one key solution to overcoming these challenges.
|
|
|
|
Welcome to the February 2018 issue of the Computing Security Newsletter.
In an important move, BSI, the business standards company, has published the revised international standard for risk management, BS ISO 31000:2018 Risk management: guidelines
The purpose of this standard is to assist an organisation to integrate risk management into all of its activities and functions. Properly implemented, risk management improves performance, encourages innovation and supports the achievement of objectives. BS ISO 31000 provides best practice guidance on how an organisation can create a framework for risk management strategy that aligns with its broader goals
Risk can take many shapes and forms – including economic, political and environmental. BS ISO 31000 is intentionally broad in its scope, in order to assist organisations with managing risk of any kind, and is consequently applicable to organisations in all sectors
A notable change in this revision is a review of the principles of risk management. One of these is continual improvement. This means it is not enough for an organisation to create a risk management framework that is never revisited or reviewed. To be effective, the risk management framework needs to take into account the context of the organisation and its current risk management practices, so that gaps can be addressed. The different parts of the framework and how they work together should always be adapted for specific needs.
Human and cultural factors are also key. For example, different opinions will affect risk appetite, and the judgement and perception of risk. A traditional hierarchical organisation may have very different attitudes to risk to a collaborative, innovation-based company.
This revision highlights the importance of top management not only implementing risk management, but also promoting it. Ultimately, the effectiveness of risk management depends on its integration into the organisation at all levels.
Anne Hayes, head of the Governance and Resilience sector at BSI, comments: “Effective risk management is about all levels of an organisation strategically planning for today and for tomorrow. BS ISO 31000 provides structured risk management guidance for any organisation, so that it can prepare effectively for the future. Having a plan is in the best interests of everyone’s safety, security and resilience.”
To make sure you get your copy of the Newsletter emailed to you personally, every time, click here to register.
Brian Wall, Editor
Computing Security
Follow us :
|
|
