Category Archives: Privacy

UK Data Protection Bill: No Turning Back Now for GDPR Compliance

by Bharat Mistry

The UK government this week introduced its Data Protection Bill, ending months of speculation over just how committed it was to preserving the country’s fast-growing digital economy. If passed, the new legislation will write into UK law the EU General Data Protection Regulation. The good news is, UK IT and business leaders finally have clarity over the future: the GDPR will still apply post-Brexit. The bad news: there’s little more than nine months before the new regulation comes into force.

That’s why we’ve devoted plenty of time to focus on data protection issues at our upcoming CLOUDSEC conference in London next month. It promises to be a must-see event for any IT decision makers still struggling to comply with the sweeping new laws. Continue reading

Layered Protection: The Only Cure for the Ransomware Epidemic

by Raimund Genes

What’s the number one challenge facing CISOs today? It’s not compliance, budgetary concerns, securing cloud computing or even data breaches – as important as all of these issues are. It’s ransomware. Every day there seems to be a new outbreak. The latest is a double-edged attack campaign apparently combining ransomware and DDoS. But while many cybercriminals are keen to exploit your organisation’s weakest point – its users – via web and email channels, some are looking to attack other parts of the IT infrastructure such as the network and servers.

That’s why CISOs need to ensure their organisation implements layered protection covering all possible weak points. It’s the only way to ensure you stand the maximum chance of avoiding ransomware infection. Continue reading

Banking on Hybrid Cloud: Some Top Security Tips

by Bharat Mistry

A new Wall Street Journal news story this week claims that Amazon Web Services is beginning to make headway in the banking sector. If it’s true it’ll be a major breakthrough for the public cloud provider in an industry which has long been too risk averse and highly regulated for its brand of multi-tenant cloud computing. What the piece doesn’t mention explicitly is that if the notoriously conservative financial services industry is signing up to the public cloud, it’s most likely to be as part of hybrid deployments.

Yet even with a mix of private and public cloud installed to limit risk, organisations must remember that cloud computing brings with it a whole new set of security and management challenges. Forward planning, as always, is everything. Continue reading

Sharing the latest in Global Threat Trends with CLOUDSEC

by Ross Baker

Over the past quarter of a century and more Trend Micro has been protecting individuals and organisations around the world from everything the black hats can throw at us. Over that time we’ve come to appreciate that the value we bring is not just in our global threat analyst teams; our award-winning products for endpoint, virtual, cloud and physical security; or our pioneering Smart Protection Network. It’s also in the alliances we form – from law enforcement to academia, to our peers in the security research community.

That’s why we’ve been hosting the CLOUDSEC security conference since 2011. It’s an event that brings together some of cyber security’s foremost practitioners and speakers to share best practices, and the latest industry trends. For the first time ever, it’s coming to London on the 17th September.

Threats, threats, threats
CLOUDSEC covers many of the hottest topics in cyber security today, including targeted attacks, data protection and privacy; Internet of Everything; cloud and virtual security; and critical national infrastructure threats. But cyber security is nothing without context, so attention is always paid to make sessions as relevant as possible.

Even just a cursory look at the IT security headlines over the past week or two will show you why CLOUDSEC is as relevant today as it was four years ago. There have been reports of major vulnerabilities in so-called “smart watches” – potentially increasing the cyber risk surface for organisations already struggling to manage BYOD. Then there was a damaging cyber attack against the US Census Bureau, for which activist group Anonymous claimed responsibility.

But perhaps the most widely reported breach of recent weeks was that hitting the parent company of infidelity site Ashley Madison. Reports are still emerging as to what happened, but attackers The Impact Group claim they have access to highly sensitive data on 37 million customers globally. If nothing else, the incident can tell us much about the limits of online data privacy in the 21st century, and the level of risk facing online businesses which store customer data.

What to expect
In fact, Communicating Cyber Risk to the Business is one of the sessions slated for CLOUDSEC in London in September, along with other presentations on cyber activism, organised crime, incident response and the Internet of Everything.

Expect a raft of world-renowned experts including Andy Archibald, head of the NCA’s National Cyber Crime Unit; PwC Legal’s global head of cyber security and data protection, Stewart Room; and FBI cyber task force supervisory special agent, Timothy Wallach. Also on hand, of course, will be our very own Trend Micro CTO Raimund Genes, and VP security research, Rik Ferguson.

We all know cyber security is a never-ending learning curve for IT professionals – so if you’re nearby on Thursday, 17 September, come down to CLOUDSEC in London to take another step on that journey.

More info: http://www.cloudsec.com/uk
Twitter: Follow @TrendMicroUK #CLOUDSEC2015