The EU General Data Protection Regulation (GDPR) is a lengthy piece of legislation, even by European Commission standards. If nothing else, this drives home just how far-reaching and detailed it is. Yet many organisations currently grappling with compliance find it frustratingly short on some of the most important details. New Trend Micro research has found that confusion over some of the key terms in the legislation could mean many aren’t implementing the right cyber-security technologies to keep them compliant.
Layered security is the only way to ensure maximum threat protection, although we’d also encourage regulators to ease the compliance burden by providing more clarity to organisations. Continue reading →
The latest findings from PwC’s Global State of Information Security Survey 2018are out and they don’t bode well for GDPR compliance. In fact, many UK organisations polled don’t even know how many attacks they suffered last year or how they occurred, while board-level involvement in cybersecurity strategy remains minimal. These findings chime with those of a major piece of Trend Micro research into the forthcoming European data protection regulation.
To overcome these challenges, UK firms need to refocus their efforts around cybersecurity best practice, starting with a layered approach to threat protection blending multiple techniques at endpoint, gateway, datacentre and network levels. Continue reading →
Over the past 28 years, Trend Micro has led the industry in trying to better understand those who seek to do us and our customers harm. After all, how can we begin to build effective threat prevention if we don’t know what we’re trying to protect against? The latest of our in-depth reports into regional cybercrime underground markets focuses on the Middle East North Africa (MENA) region, and reveals some surprising findings. This is a cybercrime underground united in its goals with members keen to share and help each other; making it particularly dangerous for targets in the West.
That’s bad news for all of us as local MENA players move beyond DDoS and web defacement activity to more nefarious attacks. Against this backdrop, layered security becomes an essential mitigation strategy. Continue reading →
There’s not been much to celebrate in cybersecurity recently. The shadow of the Equifax breach still hangs over the industry as a cautionary tale of what can happen if security processes and execution aren’t 100% watertight. In fact, Europol last week reported stats claiming over two billion records on European citizens have been leaked over the past 12 months. While there’s clearly lots to do, it was heartening to see the UK’s National Cyber Security Centre (NCSC) this week reporting a successful first year in operation.
The GCHQ offshoot claimed to have dealt with 590 “significant” cyber threats reported over the 12-month period. While we’re 100% behind its work, it’s obvious the scale of the problem and the determination of online attackers continues to rise. That means organisations must also take matters into their own hands with best practice, layered cybersecurity. Continue reading →