Cloud Security – Sophos Optix solution

Deployment of business applications and systems in multi-cloud configurations across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) is common and rapidly becoming the default. The benefits of this deployment approach are numerous, but it also brings increased complexity. This complexity combined with the expanding network surface area due to the proliferation […]

Staying PSD2 Compliant with QWAC

A new EU directive related to security is due to go into effect on the 14th of September 2019. It is called the Payment Service Directive 2 (PSD2), and it is focused on the banking and financial technology sectors. As the name suggests PSD2 is the second implementation of EU wide banking regulations, and it […]

Network Access Control

The number of endpoints on IT networks is expanding at an ever-increasing rate. User devices have moved beyond the traditional desktop and laptop to include smartphones, tablets, and wearable devices with network connectivity, such as the Apple Watch. The rapid growth seen for mobile devices over the last decade may now have stalled, but the […]

GDPR One Year On: What Have We Learned?

Saturday the 25th of May marked a year since the EU General Data Protection Regulations (GDPR) came into force in the EU. Most member states have adapted their national data protection laws to be GDPR equivalent (Portugal, Greece, and Slovenia are in the final stages) and the rules governing how data is collected, stored and […]

Secure Email and Accidental Data Leakage

Data breaches are still a threat for all organisations and with the advent of GDPR in the EU, the implications if one occurs go beyond the reputational into the potentially significant financial area. Most of the focus on preventing data breaches is on thwarting attacks from outside, but there is potential for data leakage from […]

The Evolution of Penetration Testing

Penetration Testing, or Pen Testing, is an essential component in any comprehensive network and application security strategy. Each security component is important, but there has been a tendency to see Pen Testing as an afterthought or as a box-ticking exercise for regulatory reasons. Indeed, organisations that gather credit card information need to comply with the […]

The Role of IAM in IOT

“Do you have valid ID?” We are all used to being asked for valid ID to prove who we say we are. From picking up a parcel at the post office, voting in elections or buying wine (if we are lucky enough to look that young), and in many other situations, proving your identity is […]

Veracode And Code Security

It’s almost a decade since Marc Andreessen wrote his influential “Why Software Is Eating the World” article in The Wall Street Journal. In the article he outlined how software systems were, and would continue to, disrupt and replace traditional business models with layers of software and applications on the web and mobile devices. His prediction […]

Blockchain: Cybersecurity Help or Hinderance?

Blockchain technology has wound its way around the world, it has seeped into every sphere of our lives from banking to healthcare and beyond. Blockchain Technology is defined by Alex Tapscott (2016) as being; “An incorruptible digital ledger of economic transactions that can be programmed to record not just financial transactions but virtually everything of value” […]