The simple way to mitigate over 90% of Critical Microsoft Vulnerabilities

Unconvinced about the importance of removing user admin rights? Read on for some compelling reasons why user privileges should be at the top of your security agenda in 2014. Continue reading

Posted in Vulnerabilities | Tagged , , , | Comments Off

5 reasons to love least privilege security

IT security doesn’t often get much love, from end users or system administrators. So in this post, I’m going to give you 5 reasons why you should embrace least privilege security with open arms on Valentine’s Day. Continue reading

Posted in Least Privilege | Tagged , , , | Comments Off

Microsoft extends limited security support for Windows XP – but is this enough?

Microsoft has announced that it will continue to provide updates to its anti-malware signatures and engine for Windows XP users until July 14th, 2015. But what does this really mean?

The end of support for the operating system as a whole is April 8th, 2014, and this extended security service isn’t enough to keep organizations secure. Continue reading

Posted in Windows Migration | Tagged , , , | Comments Off

Data breaches multiply: Something is badly wrong, but what?

Target’s breach tells us the world still isn’t fixed.

The list of world-famous firms humbled by data breaches since 2007 makes sobering reading: Heartland, TK Maxx, the Sony PlayStation Network, Evernote, and now retailer Target are among a long list that have ended up with their expensively-tended brand names etched into data security history for the wrong reasons. Continue reading

Posted in Cyber Threats | Tagged , , | Comments Off

What’s new in PCI 3.0?

Following the launch of PCI DSS 3.0 in January, I’ve been faced with questions from many businesses about changes they should implement within the next year to remain or become compliant with the updated mandate. Continue reading

Posted in Regulatory Compliance | Tagged , , , | Comments Off

Using least privilege to achieve compliance: The dual benefit

What do the guidelines of PCI DSS, FDCC, SOX and HIPAA have in common? These mandates, in addition to other commonly implemented regulations, either explicitly demand or at least suggest the use of least privilege security to effectively safeguard data. In terms of compliance, this methodology has a dual benefit – not only does it satisfy auditors, but it will also protect against security breaches that could result in destructive data loss. Continue reading

Posted in Regulatory Compliance | Tagged , , , , | Comments Off

7 Windows 7 Resolutions for 2014

Migrating from XP to 7 offers organizations a good moment to re-assess their security setup. But where to start?

After nearly 13 years, Tuesday 8 April is the day Windows XP reaches the end of the road as Microsoft pulls extended support. Anyone still running XP after that day will be on their own and left exposed to an inevitable wave of malware attacks lured by the pickings to be had from millions of PCs running an unpatched operating system. Continue reading

Posted in Least Privilege, Windows 7 | Tagged , , , | Comments Off

Admin Rights in Windows 7/8: 5 Steps to Make Your Migration a Success

Imagine an OS without security updates, hotfixes or support – being stuck in a world of perpetual zero days in what would effectively be open season for cybercriminals. Come April 8th 2014, this is exactly what many organizations will be facing as Microsoft withdraws it’s free support for the hugely popular Windows XP operating system. Continue reading

Posted in Windows 7, Windows 8 | Tagged , , | Comments Off

Top 5 Security Predictions for 2014

2013 will be remembered as a somewhat turbulent year for cyber and data security. Amongst the numerous high profile data breaches, involving such companies as The New York Times, Adobe and Facebook, was of course Edward Snowden and the NSA scandal, which effectively changed the game in terms of the ‘insider threat’.

However, promising to be just as significant a year for security, we look at the top 5 challenges affecting organizations in 2014. Continue reading

Posted in Cyber Threats | Tagged , , , | Comments Off

Cyber Threats: How modern hackers are waiting to ensnare the User

Hackers have evolved since the days when you would receive an anonymous email with a suspicious attachment. Now cyber-criminals are using ever more sophisticated methods to circumvent system defences and actively pursue an organization’s single biggest weakness, the user. Continue reading

Posted in Cyber Threats, Insider Threat | Tagged , , , , | Comments Off