dcsimg

A week in security (July 9 – July 15)

Last week, we talked about domestic abuse fuelled by IoT, doing threat intel programs right, blocking ICO fraud, and man-in-the-middle attacks. We also explained why we block shady ad blockers and provided tips to online shoppers for Prime Day. Other news: Reports revealed that low-end Android devices sold in Egypt, Brazil, South Africa, Myanmar, and other developing markets contain pre-installed … [Read more...]

What makes ISO 27001 the go-to standard for information security?

ISO 27001 is one of the fastest-growing management standards in the world. with the number of awarded certifications increasing by 20% in consecutive years. In 2016 (the last available figures), 33,290 certifications were issued worldwide, and 27,536 certifications were awarded the year before.  ISO 27001 is clearly very popular, but what makes it the standard for information … [Read more...]

52% of web applications contain high-severity vulnerabilities

A new study has highlighted the poor state of web application security. Positive Technologies tested various web applications, and found that every single one contained vulnerabilities, with 52% containing high-severity weaknesses.  The Web Application Vulnerabilities report also found that:  48% of tested applications are vulnerable to unauthorised access;  44% of applications placed personal … [Read more...]

Why you should adopt ISO 27001

With cyber attacks and data breaches on the rise, cyber security is fast becoming organisations’ top priority. Many have chosen to mitigate the risk by implementing an information security management system (ISMS). An ISMS is a system of processes, documents, technology and people that helps organisations manage, monitor and improve their information security in one place. ISO 27001 is the … [Read more...]

1 in 8 cyber attacks successful in Denmark

A recent survey by the Danish Society of Engineers’ IT subsidiary, IDA-it, concluded that two thirds of businesses had experienced a cyber attack, and that up to one in eight cyber attacks carried out against Danish organisations are successful. IDA-it surveyed people working in IT or personal data related roles in the public and private sector. Kåre Løvgren, IDA-it’s chairperson, said that … [Read more...]

Danish rail network DSB hit by cyber attack

DSB, the Danish state rail operator, was hit by a distributed denial-of-service (DDoS) cyber attack on Sunday, April 13. A DDoS attack attempts to disrupt a host or network from connecting to the Internet in order to render a network or machines unavailable. It meant that passengers were unable to buy tickets on Sunday, and purchases through DSB’s ticket machines, app, website and retail stores … [Read more...]

9 steps to implementing ISO 27001

There are many reasons to adopt ISO 27001, the international standard that describes best practice for an information security management system (ISMS). It helps organisations improve their security, comply with cyber security regulations, and protect and enhance their reputation. But implementing the Standard takes a lot of time and effort. That should be obvious, at least if you believe the … [Read more...]

The GDPR and Brexit

In less than a month from now, the General Data Protection Regulation (GDPR) comes into force across the EU. It is expected that businesses and charities across Ireland have taken the necessary measures, such as preparing new policies, appointing chief information security officers, restricting IT admin rights and installing firewalls and controls over company-owned devices, to ensure compliance … [Read more...]

How to spot a phishing attack

Phishing is one of the biggest threats that individuals and organisations face, but do you know what they are, what they look like, and where to look for them? In the broadest sense, phishing is any attempt to pose as a trustworthy source in order to get people to hand over personal information. Phishing usually takes the form of mass emails sent to hundreds or thousands of people, criminals can … [Read more...]

The GDPR: Understanding the 6 data protection principles

The EU General Data Protection Regulation (GDPR) outlines six data protection principles that organisations need to follow when collecting, processing and storing individuals’ personal data. The data controller is responsible for meeting the principles and must be able to demonstrate the organisation’s compliance practices. We’ve listed the six principles here with advice on how you can follow … [Read more...]