Security Spotlight

Shining a light on the security and governance issues facing enterprise IT

Recent Posts

Putting the 'Cover' into Disaster Recovery

Combine regular testing of physical disaster recovery procedures and automated data protection testing

by Security spotlight

When Hurricane Sandy struck New York, images of the storm-battered city soon eclipsed other pictures from its destructive course across the Caribbean and Atlantic. It also made clear nature’s effect on business. The New York Stock Exchange...

July 17, 2014 4:54:32 PM Read Full Post

The eBay breach: Big brands can no longer protect their users

If the attack happened in February or March, it’s long past the point where a reset will stop possible secondary compromises

by Security spotlight

Megabrand eBay has fallen to the hackers - do the world’s most powerful brands know what they’re doing? Yesterday eBay set in motion what must be the largest password reset in Internet history after asking its entire user base of 230...

May 22, 2014 12:17:42 PM Read Full Post

Making risk assessment less risky for critical infrastructure

Targeted cyberattacks are not random so risk assessment is complex

by Security spotlight

It is the calm before the cyber storm. Over the past several years, critical infrastructure cybersecurity has become a top-of-mind concern for utility managers and for governments alike. Ever since the Stuxnet malware damaged Iranian uranium...

May 13, 2014 11:47:37 AM Read Full Post

Open source security software

The great debate

by Security spotlight

One of the most interesting debates in IT/infosec circles is around the use of and reliance upon open source security software. Open source security software has its share of fans as well as detractors. As one of its avid fans, I started fiddling...

December 19, 2013 6:34:13 AM Read Full Post

How to make sure you don't end up with a Snowden-sized security leak

Risky business outsourcing....

by Security spotlight

You can’t move much these days for news of PRISM whistle-blower Edward Snowden, the information security engineer who walked out of his job at US defence contractor Booz Allen Hamilton last month with “thousands” of top secret...

June 14, 2013 3:11:18 PM Read Full Post

Why the UK shouldn't fear a Cyber Pearl Harbour

Don't relax, but don't believe all the security hype

by Security spotlight

There’s no doubt that “Cyber Pearl Harbour” is a great headline, evoking memories of the devastating surprise attack by Japanese fighters on a US military base that forced the States into World War 2. Information security...

April 16, 2013 2:55:44 PM Read Full Post

The architects of our own destruction

Caesar, infrastructure, outsourcing and offshoring

by Security spotlight

I never wanted to spend my life in IT. I passed a programming exam at high school because I promised the teacher I would never return. It was the hardest 50% I ever had to work for! My passions were history and literature, and especially Latin,...

April 03, 2013 3:26:05 PM Read Full Post

The world's first cyberwar has started

The USA threw some big rocks at Iran, which is now throwing some back

by Security spotlight

We can now say with some certainty that the world’s first cyberwar is upon us, unfolding behind the scenes with a rising level of intensity, so far pretty much ignored by all but the need-to-knows. On one side are the US and its European and...

January 16, 2013 3:00:00 PM Read Full Post

Five common practices that lead to failed IT compliance audits and security breaches

Avoiding the auditor's trap is a strong motivator, but avoiding falling into a criminal's trap has got to be the ultimate goal

by Security spotlight

To put it simply, privileged accounts are like the keys to the kingdom of IT. They grant access to sensitive data and configuration settings. They’re rarely changed in most organisations, yet they’re known to nearly everyone....

January 03, 2013 1:00:00 PM Read Full Post

Twitter, stress and confusion will define the security landscape in 2013

In 2013, we can expect to see more and more companies not only "embracing" but also "adjusting" to the new social landscape

by Security spotlight

2012 was a year where Twitter became an integral part of everyday lives. For some, Sally Bercow perhaps being the most high-profile example from the UK, 2012 was also the year where Twitter had to be relegated to the past.  Freedom of...

January 03, 2013 2:00:00 AM Read Full Post
