web-archive-uk.com



Total: 259

  • CS Risk Management - CS InfoSec Blog
    on 22 April 2015 by Maritz Cloete.

    UK courts can now impose unlimited DPA fines. Magistrates' courts are no longer limited to £5,000 fines for criminal offences under the DPA, following the entry into force of the Legal Aid, Sentencing and Punishment of Offenders Act 2012 (Fines on Summary Conviction) Regulations 2015 on 12th March 2015. The Regulations allow for an unlimited fine where individuals are convicted under the section 55 offence of obtaining or disclosing personal data without the consent of the data controller. The ICO has confirmed that it is conceivable for a Data Protection Officer to commit a criminal offence under section 55. DPOs caught breaching the rules may therefore find themselves liable to payment of a fine of a now uncapped amount. This entry was posted in Data Protection Act Compliance, Uncategorized and tagged Data Protection, DPA on 21 April 2015 by Maritz Cloete.

    PCI 3.1 released: SSL 3.0 and TLS 1.0 no longer good enough. A minor update to the PCI DSS standard was released by the PCI SSC earlier this week in the form of PCI DSS 3.1. Due to the vulnerabilities exposed in the recent POODLE and BEAST browser attacks, the standard no longer cites SSL 3.0 or TLS 1.0 as examples of strong cryptography. Continue reading. This entry was posted in PCI DSS Compliance and tagged PCI DSS, Risk Management on 17 April 2015 by Maritz Cloete.

    Oracle Releases April 2015 Security Advisory. Original release date: April 15, 2015. Last revised: April 16, 2015. Oracle has released security fixes to address 98 vulnerabilities as part of its quarterly Critical Patch Update. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle April 2015 Critical Patch Update and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. Source: US-CERT. This entry was posted in Threat Alerts and tagged Cyber Security on 16 April 2015 by Maritz Cloete.

    Verizon 2015 Data Breach Report: nine common breach patterns. It's that time of year again. Verizon has just released its data breach report, looking back over the reported security incidents and confirmed breaches that occurred during 2014. One of the key findings was that more than 92% of security incidents collected by Verizon over the last 10 years matched just nine attack patterns, providing at least a straw of hope to cling on to if you are an information security professional who feels overwhelmed by the seemingly innumerable security threats out there. Below is the stats-infested list of nine. Continue reading. This entry was posted in Cyber Security and tagged Cyber Security, Cyber Security Defence on 15 April 2015 by Maritz Cloete.

    Adobe Releases Security Updates for Flash Player, ColdFusion, and Flex. Original release date: April 15, 2015. Adobe has released three security updates to address multiple vulnerabilities in Flash Player

    Original URL path: http://www.csriskmanagement.co.uk/blog/?m=201504 (2016-02-14)


  • CS Risk Management - CS InfoSec Blog
    now require Cyber Essentials Plus. Continue reading. This entry was posted in Cyber Essentials and tagged cyber essentials on 27 March 2015 by Maritz Cloete.

    Cisco Releases Semiannual IOS Software Security Advisory Bundled Publication. Original release date: March 26, 2015. Cisco has released its semiannual Cisco IOS Software Security Advisory Bundled Publication. This publication includes seven Security Advisories that address vulnerabilities in Cisco IOS Software. Exploits of these vulnerabilities could result in a denial of service (DoS) condition, interface queue wedge, or exchange memory leak. US-CERT encourages users and administrators to review the following Cisco Security Advisory and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. Source: US-CERT. This entry was posted in Threat Alerts and tagged Cyber Security on 26 March 2015 by Maritz Cloete.

    ICO tells UK businesses to sort out data protection right now. The ICO has told UK businesses to sort out data protection right now, even though the new European Data Protection is only scheduled to come into force by 2017 at the earliest. "There is a lot going on in data protection that UK firms should be aware of besides the new EU data protection rules," deputy information commissioner David Smith told a Westminster eForum in London. Continue reading. This entry was posted in Cyber Security, Data Protection Act Compliance and tagged Data Protection on 23 March 2015 by Maritz Cloete.

    Mozilla Releases Security Updates for Firefox, Firefox ESR, and SeaMonkey. Original release date: March 20, 2015. Last revised: March 23, 2015. The Mozilla Foundation has released security updates to address vulnerabilities in Firefox, Firefox ESR, and SeaMonkey. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 36.0.4, Firefox ESR

    Original URL path: http://www.csriskmanagement.co.uk/blog/?m=201503 (2016-02-14)

  • CS Risk Management - CS InfoSec Blog
    September 2014, Lenovo pre-installed Superfish VisualDiscovery spyware on some of their PCs. This software intercepts users' web traffic to provide targeted advertisements. In order to intercept encrypted connections (those using HTTPS), the software installs a trusted root CA certificate for Superfish. All browser-based encrypted traffic to the Internet is intercepted, decrypted, and Source: US Cert. This entry was posted in Threat Alerts and tagged Cyber Security on 20 February 2015 by Maritz Cloete.

    Benefiting from Cyber Essentials. This is a copy of an article we wrote that was published in the Cyber Security supplement of the New Statesman, 12-16 Feb 2015. Cyber security starts with addressing what you can predict and anticipating what you cannot. Cyber security risks are perceived to be unpredictable, a perception fed by media coverage of the latest major cyber attacks affecting large companies. However, if these attacks are examined more closely, more often than not the root cause of a successful attack was that cyber defences did not cover all vulnerabilities in the affected company's IT systems. Many cyber attackers opportunistically exploit commonly known vulnerabilities in weak IT systems. That means some incidents could have been predicted and avoided had the organisations in question taken steps to identify and address them. Continue reading. This entry was posted in Cyber Essentials and tagged cyber essentials, New Statesman on 11 February 2015 by Maritz Cloete.

    Original URL path: http://www.csriskmanagement.co.uk/blog/?m=201502 (2016-02-14)


  • CS Risk Management - CS InfoSec Blog
    a robbery attempt fail or subsequent arrest inevitable. In the UK, if a criminal is caught committing a robbery, the sentence is from 12 months to life depending on the circumstances. Theft of customer information, personal details and trade secrets are just three of the key areas in which cyber crime is increasing, and in many cases the crime will go unnoticed until the information is used to commit a real-world crime. Continue reading. This entry was posted in Cyber Essentials, Cyber Security and tagged cyber essentials, Cyber Security, Cyber Security Defence, Data Loss Prevention, Data Protection, Information Security, on-line security, Security Controls on 2 December 2014 by Maritz Cloete.

    Original URL path: http://www.csriskmanagement.co.uk/blog/?m=201412 (2016-02-14)

  • CS Risk Management - CS InfoSec Blog
    makes for an interesting discussion with our clients. However, a recent study commissioned by CyberArk highlighted that the majority of criminals do not use valuable zero-day exploits; instead they use phishing and simple guessing techniques to obtain login credentials of executives or IT staff, which they then exploit to gain access to valuable information. Continue reading. This entry was posted in Cyber Security and tagged Privileged Account Abuse on 21 November 2014 by Maritz Cloete.

    Evaluating the potential cost of a cyber attack. Organisations are becoming much more aware of the threat of cyber crime, but many are still finding it difficult to translate this threat into real business terms. The potential impact of a successful cyber attack on your business's bottom line is not that easy to define, because attacks could range from a drive-by denial of service attack through to the targeted theft of intellectual property. Continue reading. This entry was posted in Cyber Security and tagged cyber essentials, Cyber Security, Information Security on 11 November 2014 by Maritz Cloete.

    The Threat Within. Christmas is an expensive time of the year, and with the recession and lack of pay rises in many companies, a lot of people are starting to feel the pinch. This presents a potential security threat to a company, as people who are struggling may be tempted to look for other ways to raise extra money. Company data may become at risk of disclosure, such as a call centre worker selling customer information to a competitor to give them a competitive advantage, or knowledge of when a re-occurring contract may come to an end. Malicious damage could be caused to systems and data, or a delay could be caused to a project, which would benefit a competitor. Alternatively, an employee may become frustrated with their situation and blame the company, which may also lead to malicious damage being caused. The last consideration is that it may not be a sole employee who is looking to steal or cause malicious damage, but there may be multiple people involved. Continue reading. This entry was posted in Cyber Security and tagged Insider Threat on 10 November 2014 by Maritz Cloete.

    How Cyber Essentials helps against attacks and vulnerabilities. Whilst many companies, and in particular SMEs, have historically not recognised the requirement for investment in maintaining robust IT security measures, the following statistics make worrying reading. Earlier this year the PwC Information Security Breaches Survey 2014 highlighted the fact that the cost of a breach to an organisation has almost doubled since the previous year. The average cost to a large organisation for the worst level of security breach is between £600k and £1.15m, up from £450-850k a year ago. The average cost to a small business for its worst security breach is between £65k and £115k, up from £35-65k a year ago. During the last year significant global brands have been impacted by information security attacks. These include Ebay

    Original URL path: http://www.csriskmanagement.co.uk/blog/?m=201411 (2016-02-14)

  • CS Risk Management - CS InfoSec Blog
    Information Security Management System (ISMS). As the fear of security issues increases in business, customers are looking for reassurance from companies, who are likewise seeking reassurance from their suppliers, that information security is being managed to ensure protection of their data. For many companies the solution to responding to these concerns is alignment with ISO27001. This article covers some of the key points we have found that will make ISO27001 work for your business. Continue reading. This entry was posted in ISO27001:2013 and tagged ISO/IEC27001:2013, ISO27000, ISO27001, ISO27001:2013 on 21 October 2014 by Maritz Cloete.

    Original URL path: http://www.csriskmanagement.co.uk/blog/?m=201410 (2016-02-14)

  • CS Risk Management - CS InfoSec Blog
    Cyber Security and tagged Data Leakage, Data Loss Prevention on 27 September 2014 by Maritz Cloete.

    Management Buy-in for ISO27001 Implementation. Overcome obstacles for Management Buy-In for Information Security. For any security plan to be effective, the co-operation of staff at all levels is essential. Achieving this is easier said than done, with other priorities and lack of communication often proving to be stubborn obstacles. To ensure staff buy-in, management must be seen to fully support an information security plan, and this can be a tough obstacle to overcome. Finding the best way to justify a security plan in the face of objections can be a challenge, but being prepared with the facts about the risks and benefits will be a big advantage. Continue reading. This entry was posted in ISO27001:2013 and tagged ISMS, ISO27001, Management Buy-in, Management Support on 10 September 2014 by Maritz Cloete.

    Original URL path: http://www.csriskmanagement.co.uk/blog/?m=201409 (2016-02-14)

  • CS Risk Management - CS InfoSec Blog
    Security and tagged Advanced Persistent Threats, APT, Cyber Security on 21 August 2014 by Maritz Cloete.

    Social Media: Friend or Foe? Love it or hate it, social networking has firmly embedded itself into the fabric of our world. The likes of Facebook, Twitter and LinkedIn can be powerful business tools, especially for marketing, communication and recruitment purposes. But there is also the less appealing nature of the beast. Provide employees with access to the internet and most will check their online profiles at least once during the day, and the resulting downtime can quickly accumulate. But to a business, a far greater threat than the lack of productivity is the security of what is shared online through these networks. Continue reading. This entry was posted in Cyber Security and tagged Cyber Security, Social Media on 10 August 2014 by Maritz Cloete.

    Original URL path: http://www.csriskmanagement.co.uk/blog/?m=201408 (2016-02-14)





web-archive-uk.com, 2017-12-15