Company bosses: barrier to security in essential services
December 2011 | Derek Parkinson
Company bosses are among the major barriers to improving the security of the Industrial Control Systems (ICS) that our essential services depend on, according to an in-depth study by ENISA. “Many experts agreed that one of the main difficulties in …

Are reports of the death of the hardware token premature?
December 2011 | Derek Parkinson
A survey of UK companies shows that almost a quarter have suffered a security breach that can be traced to a lost or stolen hardware token, says Entrust. They have been recovered from locations that range from the unsurprising: restaurant …

Mobile apps on course to repeat past mistakes
December 2011 | Derek Parkinson
Mobile devices bring avoidable risks to the workplace because developers of mobile applications are repeating some basic security mistakes previously made with web and enterprise apps, Veracode has warned. For the first time, the company’s State of Software Security Report, …

ENISA urges overhaul of HTTPS
December 2011 | Derek Parkinson
ENISA has added its voice to those calling for a rethink of how we implement HTTPS. The EU agency agrees with observers who see general problems in the system, in addition to failings by Certificate Authorities (CAs) such as DigiNotar, …

W3C fires first shot in war against scripting and injection attacks
December 2011 | Derek Parkinson
Work is underway at W3C to strengthen the security of web browsers with the release this week of the first draft of its Content Security Policy (CSP). In simple terms, CSP is an extension to HTTP that enables whitelist policies …

BT invests in smart data analysis to counter security threats
November 2011 | Derek Parkinson
Research on an early warning system for threats to the UK’s critical infrastructure will be part of a managed security service offered by BT, according to the company’s chief of security research Robert Ghanea-Hercock. The technology, which grew out of …

Security and privacy: top concerns for converts to cloud
November 2011 | Derek Parkinson
Security and privacy top the list of concerns for UK organisations that currently use cloud services, or plan to do so in future, according to a cross-sector survey commissioned by the Cloud Industry Forum (CIF). Security is a concern for …

ENISA: crypto and clouds won’t save us from “life-logging” dangers
November 2011 | Derek Parkinson
Excessive reliance on data encryption and cloud services will increase the risk of security breaches as rapidly growing quantities of our personal data are stored online in the next few years, ENISA has warned. The EU agency assembled a panel …

WikiLeaks insider: workload was “simply insane” for one organisation
October 2011 | Derek Parkinson
The funding woes that may shut down WikiLeaks entirely mark the end of an era for the online support available to whistleblowers, to be replaced by a broader, more collaborative approach, says Herbert Snorasson, former WikiLeaks member and a founder …

Smart meters – Government weighs wireless options
October 2011 | Derek Parkinson
The Government has settled on a wireless infrastructure for the smart meter network that will connect all UK homes and businesses to energy suppliers by 2020, but has not yet revealed details about how this will be secured “because it …