'The devil is in the detail' is a phrase which comes to mind when speaking about the GDPR (General Data Protection Regulation). The obvious topics surrounding the application of the regulation's articles have been extensively discussed, leaving behind those tricky and often overlooked details.Read Article
Wherever there exists a conversation about the GDPR (General Data Protection Regulation), you can guarantee a handful of infamous topics are covered. The scaremonger worthy administrative penalties, the notion of consent being the lawfulness to rule all others and the Lord Lucan of rights, the right to forgotten.Read Article
As in recent years, 2017 has been marked by an increasing number of cyberattacks, and indications point to another tumultuous year as we head into 2018. In this blog post, we hear from Lastline's co-founder and CTO Giovanni Vigna on what he predicts to be the cybertrends of next year:Read Article
As the Internet continues to be an important part of our lives, it also becomes a more dangerous avenue for cybercrime. The risk increases as the massive online community’s use of the Internet becomes more rampant. And despite the public being aware of cybersecurity issues, anonymous online criminals are able find more victims and creative ways to commit Internet fraud with the use of Internet services or software programs with web access.Read Article
Much like the fable of the Emperor's New Clothes, there is much talk of the GDPR but little with any real substance. You have no doubt been told of the potential fines and heard of the right to be forgotten but how does the GDPR actually affect the IT security channel operationally? Rather than walking into 2018 wearing nothing, like the ill-fated Emperor in the tale. We interviewed Infinigate UK Sales Manager, Mike Tye, for his opinion on the operational challenges which he expects value-added resellers to witness as a result of the GDPR.
Since the first Denial-of-Service (DoS) attack was launched in 1974, Distributed Denial-of-Service (DDoS) attacks have remained among the most persistent and damaging cyber-attacks. Let’s examine how these attacks have evolved and how your company can mitigate them:
In the pursuit of writing about the practical application of the GDPR (General Data Protection Regulation) rather than reciting the contents of the freely available regulation document, I am writing this blog to answer a commonly asked question regarding the purchasing of marketing contact lists post May 2018.Read Article
If you haven’t heard of the GDPR (General Data Protection Regulation), quite frankly I am in envy of you. Never has there been an IT security topic so heavily covered by those who wish to show they are literate and can re-write what they have read. Astronomical fines, forbidden non-consensual communication and mighty data subjects wielding new found rights have all been covered repeatedly and tirelessly.Read Article
Back in August 2001 a cryptanalysis of Wired Equivalent Privacy (WEP) was published which outlined a passive attack which could be used to recover the RC4 keys used to encrypt wireless traffic. Fast forward to October 2017 and its replacement WPA2 has had the same treatment in the form of the KRACK Attack.
As far as titles go, this one will likely prove divisive. On one hand, there are a plethora of IT security solution and service providers who are keen and hungry for the opportunity to work with customers on their preparations for the GDPR. On the other, doubt is sowed by those who question the ability of anyone who claims to know anything about the GDPR, simply because there is nobody with experience in application of a regulation which yet to come into force.
The Lastline Daily Dose program supports National Cyber Security Awareness Month (NCSAM) with daily tips and advice to help individuals and organizations detect and prevent malware-based cyberattacks. Throughout October, Lastline will offer a daily dose of advice via social media channels, aligned to the weekly themes established by the Department of Homeland Security. The theme for week 1 of NCSAM is Simple Steps to Online Safety. Here are our daily doses of advice:
Biometrics are definitely better than passwords when it comes to security, but they aren't fool-proof. Here are the three main reasons biometrics aren't secure.Read Article
Email is unwaveringly consistent in upholding the theory of equal opposites. On one hand, it has enabled businesses to flourish in the electronic age with cheap and easy communication thus making it the default method of message exchange, however on the other, that direct-to-user route has meant that it remains the number one infection vector of choice for malware and phishing attacks since the 90's.Read Article
Keeping up with advances in technology is like being a hamster on a wheel: the race never ends. But that drive is ultimately what yields innovative advances in IT – for both hackers and cyber professionals alike.Read Article
The average IT security administrator has much to be concerned about today; the threat of ransomware bringing their businesses to a halt, their readiness for the incoming GDPR (General Data Protection Regulation), trusted employees forever on the cusp of potential betrayal and now the return of the oldest foe of them all... spam.Read Article
Without much hesitation, I am certain that my experience of the past eighteen months has been similar to others. Attending and consuming countless GDPR focussed conferences, webinars, panel discussions, blog posts and webinars in an effort to strengthen my own grasp of the topic and to trade suggestions on real-life application with peers. There is much to gain from such occasions.Read Article
Otherwise known as the measuring stick by which your some of your GDPR compliance will be assessed, the six core principles of the GDPR are the basic foundations upon which the regulation was constructed. Unquestionable and pure in nature, they are somewhat rarely acknowledged for one simple reason; five of the six have no real application in helping to peddling products and solutions.Read Article
It's almost six months until the implementation date of the European GDPR (General Data Protection Regulation) and the UK begins its journey toward the club's exit door. The release of the DPB (Data Protection Bill 2017) has confirmed the UK's position on how it plans to remain tied, yet distinct from its European neighbours.Read Article
The IT security industry, having grown each year since the dot-com bubble, is famously known as being a recession-proof investment. As more of our lives and our businesses grow to rely on the benefits of IT and the internet, so does the need to protect that reliance from any event which threatens it.Read Article
2017 may be remembered as the year of the botched cyber heist, when mass infections of ransomware variants embarrassed some of the world's largest and most famous organisations but earned their creators little more than notoriety. With mystery surrounding identity and motive, we may never get to the bottom of the full story but we may be able to draw some conclusions by following the money.Read Article
If the GDPR were a sea, it would be vast, confusing and in some places its shallow rocky geography would threaten metaphorical ships with disaster. Guidance for any would-be captain is plentiful; just searching for the term ‘GDPR’ in Google yields hundreds of thousands of results. From the basics of learning your portside and starboard to the more practical of how to protect your vessel from the supervisory authority’s arsenal, much is covered. That is with the exception of working with third-parties and most importantly, cross-border processing, something which is a normal aspect of business today, irrespective of size. This darker corner of the regulatory map is less often explored and must begin with identifying who is wearing the hat of the data controller and the data processor.Read Article
Many businesses and organisations are still reeling from the outbreak of the WannaCry ransomware attack, only to be hit again by another cyber-breach nicknamed Petya (also known NotPetya or Nyetya), but not all is as it seems… It’s now clear that the malware used the EternalBlue exploit to spread, which was the same vulnerability used by WannaCry. This time however, security experts including Kaspersky Labs claim the aim of the attack was not for monetary gain but to cause damage and destruction.
In a world of ever faster computing power, the thought that passwords should become simpler appears to be going against the grain. Yet, in May of 2017, the highly regarded American agency, NIST (National Institute of Standards and Technology), ended its consultative period for a new report into password guidelines. Contained within were some surprises about what we have come to believe about the security of complex passwords.Read Article
After the events of May 2017, cyber security teams may finally be able to eat from the adults table of respect at organisations worldwide. What had been predicted, yet often ignored for more than a decade, had materialised in the form of the WannaCry cyber attack; a service-extinction level event which rendered some of the world’s most famous brands and the UK's health service crippled and ultimately red-faced.Read Article
If there was a person in the world who didn’t know what ransomware was, they probably do now. On Friday the 12th of May 2017, what was initially dismissed as an issue on NHS (National Health Service) England’s IT system quickly developed into a global incident involving computers, laptops and servers in 150 (and still counting) countries.Read Article