Lessons Learned from the WannaCry Ransomware Outbreak

Introduction On Friday May 12, 2017 news broke of a widespread ransomware outbreak known as “WannaCry” or several similar variations of similar names. Much has been written about the outbreak itself related to the apparent origins being rooted in the confluence of vulnerabilities stockpiled by the United States’ National Security Administration (NSA), which were stolen and linked by the “Shadow Brokers” organization, and hacking tools developed by the Central Intelligence…

There’s No Excuse for Failing to Fix Simple Security Flaws

Protecting a business and its customers against cyber-attack and data loss is a multi-faceted, relentless task that requires careful consideration and robust systems and policies. Some elements of this are more complex than others but ultimately those challenges can, and must, be overcome. What there is no excuse for, however, is a business knowing about, and failing to rectify, a simple, easily fixable flaw in its cyber-security as seen with…

Making Staff Awareness of Security Threats an Ongoing Process

You may have seen this week that Dropbox links have become the latest vector for phishing and malware attacks to try and harvest user details and valuable business data. Given Dropbox is the leading file storage and sharing application for business this is hardly shocking.  What may be more surprising though is that these latest attacks can be more easily identified, and prevented, if staff are made aware of the…

Knowing your data rights on the Web – and protecting those rights

Wednesday 12th March was the 25th anniversary of what we now know as the World Wide Web – a date that Tim Berners-Lee, the `inventor’ of the web used to call for an Internet Bill of Rights to be drawn up.  His call follows in the wake of the revelations of Government online surveillance from the past year, and also from the continued growth of online criminal activity. Berners-Lee called…