Data Security (Inc. Data Loss Prevention), Cyber Security, Privacy, Website Security, Email Security, Malware/Viruses, Open Source Intelligence, Cyber Security/Product Training

Service Offerings

  • Cyber security training
  • Product reviews
  • Blog or article writing
  • Cyber security consulting for SME & HNWI
View more details here or email me.

Chapter Author

Contact Graeme

Journalists, students, potential clients or anyone else, email.......
graeme@datasecurityexpert.co.uk

Something private to say?
PGP public key

No AI Used Here

TalkTalk hack: The ICO’s biggest fine so far - TalkTalk must be trembling in their shoes, erh, no

Details
Category: Cyber Security (Personal)
Time for secondary sch. maths, rare I know in the working world with calculators. £1,795,000,000 (revenue) divided by 10 (for 10%) = £179,500,000, divided by 100 (for 1%) = £17,950,000. How about 0.5% or even 0.1%? No. Many calculations later and the grand figure is about 0.0222% of revenue.

If you are a local council or charity a fine of tens or hundreds of thousands will be difficult but not for a firm with over a billion in revenue, an entire PR department and thousands of staff. The ICO has only been issuing fines for about five years and so far, it has not issued many.

TalkTalk was allegedly penetrated through a SQL injection attack, this attack type has been around for years and according to reports, Sony was hit around five years ago. Being well known you would think TalkTalk would have tried to mitigate it. Poor security maybe but others are likely the same.

Read more …

IoT security is like running before you can walk

Details
Category: Cyber Security (Personal)
Take a baby or toddler which of course is where the phrase comes from, it first crawls, walks, climbs, runs and finally cycles. Security should be the same, first you should secure your home, office, data centre and then move onto the network, endpoints, websites, email servers etc.

Many companies have not done much of the above. Take various City of London offices, LCD screens with users on are sitting next to windows. Good front office access control maybe but you can look over someone’s shoulder from outside.

Then you need to secure the network with the use of hardware firewalls and IPS (intrusion detection prevention). Mail servers and webservers are next since they face the world wide web and further down the line is endpoints.

Makes sense? Likely to some. The problem is companies are struggling to secure their normal network because they do not understand the risks or care. Plus, there is a shortage of products which actually work and a global shortage of skilled staff.

Move onto IoT (internet of things), if anyone including home users is struggling to secure their conventional kit why move onto IoT which can add a physical element into the equation? Webcams, CCTV, heating/electricity control companies do not put much effort into security.

Read more …

First time home buyers: what a helpful government we have!

Details
Category: Private Thoughts
This is the second “personal” non-IT or IT security article of the year and the 80th article I have written and published in some form. Typically, I only write about issues I see in the country or affect me in some way presently or in the future.

What you need to buy a property money wise and the process: right property check, deposit check, mortgage agreed check, surveyor fees check, legal fees check, hire a van fees check and stamp duty not check.

Read more …

Page 27 of 60