CNIL – causes of reported data breaches (May – October 2018)

The CNIL (the French Data Protection Authority) received 742 notifications of personal data breaches (and see the original report in French) that affected over 33 million individuals located in France or elsewhere. 695 related to confidentiality breaches. The accommodation and food services sector had the highest number of breaches – 185. This is due to a specific case… Read More

The man, the cloud and the social rat

After a recent talk I gave on Information Security one of the attendees thanked me for explaining what it meant and then asked for more information about some of the attacks. So here are explanations about some of the attacks used in the talk, and a few more that I will be talking about in the… Read More

SMEs must take information security more seriously or lose out on new work

The recent Talk Talk hack, their third in a year, has been another example that a security breach has an impact on the reputation of a company and it’s share price. How Talk Talk will come out of this remains to be seen.  No doubt large companies are currently reviewing their information security measures starting with cyber… Read More

Security for the Internet of Things

Every device connected to the Internet is a potential threat to information security. In the new world of the Internet of Things (IoT), there could be 50 billion connected devices by 2020, up from 15 billion in 2015. Forecasts vary but what is certain is that there will be a dramatic increase. Manufacturers need to build in… Read More

How many companies would pay Ransomware hackers?

If Ransomware did get into a network 31% of companies say they would pay the hackers to regain access to their data. This figure is from an ESET study of 200 security professionals carried out at Infosecurity Europe in June 2015. The percentage seems high to me, but maybe a lot of companies have not got robust… Read More

US OPM incident – details of 4 million people may have been compromised

Details of 4 million current and former US government employees may have been compromised by a hack found in April 2015. US law enforcement officials are saying this was done by the same Chinese hackers that attacked an insurance company, using a ‘zero-day’ vulnerability that allowed them access. The implication, for me, is that the data… Read More