Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts By :

Stuart O'Brien

UK Hacking Fines

UK firms to face fines of up to £17m if they fail to protect against hackers

The UK Government has committed to updating and strengthening data protection laws through a new Data Protection Bill.

The aim is to give consumers the confidence that their data will be managed securely and safely. Research shows that more than 80 per cent of people feel that they do not have complete control over their data online.

Under the plans individuals will have more control over their data by having the right to be forgotten and ask for their personal data to be erased. This will also mean that people can ask social media channels to delete information they posted in their childhood. The reliance on default opt-out or pre-selected ‘tick boxes’, which are largely ignored, to give consent for organisations to collect personal data will also become a thing of the past.

Businesses will be supported to ensure they are able to manage and secure data properly. The data protection regulator, the Information Commissioner’s Office (ICO), will also be given more power to defend consumer interests and issue higher fines, of up to £17 million or four per cent of global turnover, in cases of the most serious data breaches.

Matt Hancock, Minister of State for Digital said: “Our measures are designed to support businesses in their use of data, and give consumers the confidence that their data is protected and those who misuse it will be held to account.

“The new Data Protection Bill will give us one of the most robust, yet dynamic, set of data laws in the world. The Bill will give people more control over their data, require more consent for its use, and prepare Britain for Brexit. We have some of the best data science in the world and this new law will help it to thrive.”

The Data Protection Bill will:

  • Make it simpler to withdraw consent for the use of personal data
  • Allow people to ask for their personal data held by companies to be erased
  • Enable parents and guardians to give consent for their child’s data to be used
  • Require ‘explicit’ consent to be necessary for processing sensitive personal data
  • Expand the definition of ‘personal data’ to include IP addresses, internet cookies and DNA
  • Update and strengthen data protection law to reflect the changing nature and scope of the digital economy
  • Make it easier and free for individuals to require an organisation to disclose the personal data it holds on them
  • Make it easier for customers to move data between service providers

New criminal offences will be created to deter organisations from either intentionally or recklessly creating situations where someone could be identified from anonymised data.

Elizabeth Denham, Information Commissioner, said: “We are pleased the Government recognises the importance of data protection, its central role in increasing trust and confidence in the digital economy and the benefits the enhanced protections will bring to the public.”

Data protection rules will also be made clearer for those who handle data but they will be made more accountable for the data they process with the priority on personal privacy rights. Those organisations carrying out high-risk data processing will be obliged to carry out impact assessments to understand the risks involved.

The Bill will bring the European Union’s General Data Protection Regulation (GDPR) into UK law, helping Britain prepare for a successful Brexit.

Julian David, CEO of techUK, offered: “The UK has always been a world leader in data protection and data-driven innovation. Key to realising the full opportunities of data is building a culture of trust and confidence.

“This statement of intent is an important and welcome first step in that process. techUK supports the aim of a Data Protection Bill that implements GDPR in full, puts the UK in a strong position to secure unhindered data flows once it has left the EU, and gives businesses the clarity they need about their new obligations.”

CensorNet

INDUSTRY SPOTLIGHT: CensorNet Cloud Security

CensorNet, the complete cloud security company, helps organisations to effectively manage and control the use of cloud applications in their business.

The company provides a unified and multi-layered approach to securing the cloud via its purpose built, multi-functional cloud security platform that delivers integrated web security, email security, CASB and adaptive multi-factor authentication.

This provides organisations with security-focused visibility and control over user access, data and assets to allow access while controlling outcomes and allows businesses to address the security, audit, compliance and productivity issues associated with the use of cloud applications and devices.

CensorNet enables organisations to control Shadow IT, safely implement BYOD initiatives and protect from cyber threats.

www.censornet.com

Smart Car

UK government issues smart car security guidelines

A new generation of internet-connected cars will have to be better protected from hackers, under tough new UK government guidance issued this week.

Smart vehicles are increasingly becoming the norm on British roads – allowing drivers to access maps, travel information and new digital radio services from the driving seat.

But while smart cars and vans offer new services for drivers, it is feared would-be hackers could target them to access personal data, steal cars that use keyless entry, or even take control of technology for malicious reasons.

The new government guidance has been written to ensure engineers developing smart vehicles will have to toughen up cyber protections and help ‘design out’ hacking.

The government is also looking at a broader programme of work announced in this year’s Queen’s speech under the landmark Autonomous and Electric Vehicles Bill that aims to create a new framework for self-driving vehicle insurance.

It is claimed the legislation will put Britain at the centre of the new technological developments in smart and autonomous vehicles – while ensuring safety and consumer protection remain at the heart of the emerging industry.

Measures to be put before Parliament mean that insuring modern vehicles will provide protection for consumers if technologies fail.

This comes alongside new guidance that means manufacturers will need to design out cyber security threats as part of their development work.

This, the government says, will cement the UK as a world-leading location for research and development for the next generation of vehicles. And it forms part of the government’s drive to ensure the country harnesses the economic and job-creating potential of new tech industries.

Transport Minister Lord Callanan said: “Our cars are becoming smarter and self-driving technology will revolutionise the way in which we travel. Risks of people hacking into the technology might be low, but we must make sure the public is protected. Whether we’re turning vehicles into wifi connected hotspots or equipping them with millions of lines of code to become fully automated, it is important that they are protected against cyber-attacks.

“That’s why it’s essential all parties involved in the manufacturing and supply chain are provided with a consistent set of guidelines that support this global industry. Our key principles give advice on what organisations should do, from the board level down, as well as technical design and development considerations.”

Security IT Summit

SAVE THE DATE: Security IT Summit 2018

The Security IT Summit will return on July 3rd 2018 at the Hilton London Canary Wharf, once again providing the leading platform for senior IT security professionals to meet with trusted solution providers, learn from the sector’s preeminent thought-leaders and and network with peers.

The 2017 instalment of the event was the most successful yet, with delegates able to meet with the likes of LogRhythm, Bomgar, Celestix, Darktrace, ESET, LGC, Onapsis, Okta, Performanta, Pervade Software, PhishMe, PT Global Solutions, SonicWall, Twist and Shout Media, Unipart Security Solutions, Varonis, WinMagic Data Security and more.

Meanwhile, the Security IT Summit’s seminar programme tackled the big issues of National Cyber Security Strategy, Cloud Software Security and GDPR Compliance.

Of course, for 2018 the event will remain completely FREE to attend for IT security professionals – to register for your VIP delegate place click here, or contact Liz Cowell on 01992 374 072 or email l.cowell@forumevents.co.uk.

Alternatively, if you’re an IT security solutions provider and would like to showcase your products and services at the Security IT Summit, contact Haydn Boxall on 01992 374 084 or email h.boxall@forumevents.co.uk.

Security IT Summit

Limited availability for Total Security Summit places

There are a very limited number of places left for delegates at the Total Security Summit, which takes place on October 16th & 17th 2017 at Whittlebury Hall, Northamptonshire.

It’s FREE to attend, but you need to act swiftly if you would like to be part of the event.

As a VIP guest, you will join other senior security professionals from organisations including Celtic Manor Resort, Nottingham City Council, Prudential, Thames Water, Tesco, Telefonica, Avis, Budget, Greene King, Discovery Communications, Boots, Google, EDF Energy, Vodafone, The Walt Disney Company and many more.

Plus, you’ll be able to meet leading suppliers of security services, who can help you with projects in 2018 and beyond.

Don’t miss out. There are just a handful of FREE places left.

To secure yours, contact Leanne Webster on 01992 374066 or email leanne.webster@forumevents.co.uk.

Alternatively, if you’re an industry supplier and would like to showcase your products and services at the Total Security Summit, contact Nick Stannard on 01992 374092 or email n.stannard@forumevents.co.uk.

Bomgar

INDUSTRY SPOTLIGHT: Bomgar Secure Access Solutions

Bomgar is the leader in Secure Access solutions that empower businesses – its leading privileged access management and secure remote support solutions help security, IT and support professionals improve productivity and security by enabling secure, controlled connections to any system or device, anywhere in the world.

Bomgar offers the most secure remote access and support technology on the planet. Each encrypted connection is outbound, so you can connect without VPN or firewall changes.

You can leverage Active Directory and LDAPS to manage authentication, require multi-factor authentication, define more than 50 permissions for technicians and privileged users, and capture a detailed audit log of every remote connection.

For more information, visit www.bomgar.com.

Security IT Summit

Are you ready to meet your new security partners?

If you’re thinking about changing your partners for IP/IT Security, Access Control, Business Continuity, CCTV, Fire Solutions, Loss Prevention, Perimeter Security, Transit Security and more, then you need to attend the Total Security Summit as a VIP guest.

The 20th Anniversary edition of this two-day event takes place on October 16th & 17th 2017 at Whittlebury Hall in Northamptonshire, providing a unique opportunity for you to meet with trusted security suppliers across a range of disciplines.

Among the firms standing by to meet your security needs in 2018 and beyond are Alternative Systems Protection, ASDC Southern Ltd, Gallagher Security (Europe) Ltd, Grosvenor Technology, HIK Vision, IndigoVision , UTC, Milestone Systems UK & Ireland, Nedap, Stanley Security Solutions, Track Force, Tyco, VSG and more.

In addition to a personalised itinerary with the above suppliers, your complimentary VIP invitation includes attendance to an inspiring seminar programme hosted by industry thought leaders, opportunities to network with peers, overnight accommodation plus full hospitality throughout.

Simply click here to confirm your place, or contact Leanne Webster on 01992 374066 / leanne.webster@forumevents.co.uk.

Cooperate

Ex-CIA official: Global cyber security cooperation ‘critical’

The CIA’s former Chief Technology Officer Gus Hunt has called for more international engagement on the issue of cyber-security, even between countries who are not traditionally seen as allies.

Speaking to the Straights Times on a visit to Singapore, Hunt – who now heads up a cyber division at Accenture Federal Services – pinpointed the inter-connectivity being fostered by initiatives such as the Internet of Things (IoT) as one of the catalysts for the growing number of high-profile malware attacks.

“[The growing use of smart and connected devices is the] single biggest issue facing cyber security”, said Hunt. “That means there could be a hundred times more ways by which hackers could get at you, and we really have to begin to focus very clearly as nations and businesses about how to secure these things.”

To combat this threat, Hunt said that cooperation between countries would be ‘critically important’, in part referencing President Trump’s recent, poorly received, suggestion that the US and Russia should foster closer ties when it comes to cyber security.

“We need to develop international partnerships around cyber security as all of us are affected by it,” said Hunt. “The worst thing that can happen is that we lose all confidence in our ability to do commerce electronically. Imagine how destructive that would be to national economies.”

Hunt also suggested that there was a need to extend tenets of the Geneva Convention, such as the agreement not to attack hospitals with conventional weapons, to include cyber attacks too, given the recent impact of malware such as WannaCry on organisations such as the NHS in the UK.

Security IT Summit

EVENT REVIEW: Security IT Summit

The UK’s cyber security industry descended on the the Hilton London Canary Wharf last Tuesday (July 4th) for the Security IT Summit.

And the timing couldn’t have been more serendipitous – the latest high profile cyber attack demonstrated that companies around the world remain vulnerable.

After the WannaCry ransomware infected more than 230,000 computers in 150 countries last month, the latest virus outbreak last week disrupted world business again, with economic losses expected to be in the billions.

As such, the Security IT Summit represented a unique opportunity for delegates from some of the UK’s biggest corporations and organisations to find the tools they need to protect their business, allowing them to meet with trusted cyber security solution providers, learn from industry experts and discuss challenges with like-minded peers.

Among the solution providers delegates were able to meet were LogRhythm, Bomgar, Celestix, Darktrace, ESET, LGC, Onapsis, Okta, Performanta, Pervade Software, PhishMe, PT Global Solutions, SonicWall, Twist and Shout Media, Unipart Security Solutions, Varonis, WinMagic Data Security and more.

Meanwhile, the event’s seminar programme tackled the big issues of National Cyber Security Strategy, Cloud Software Security and GDPR Compliance.

Plus, delegates got to hear first hand from ex-fraudster Elliot Castro, whose seminar session ‘Fraud: How it’s done – and what to look out for’ detailed how he managed to scam call centres and individuals out of £2 million.

But don’t worry if you weren’t able to attend – we’ll be announcing dates for the Security IT Summit 2018 shortly – for more information about how you can take part, contact Haydn Boxall on 01992 374 084 or email h.boxall@forumevents.co.uk.

10Duke

INDUSTRY SPOTLIGHT: 10Duke Authentication & Authorisation

10Duke provides authentication and authorisation as-a-service solutions for leading consumer and technology brands worldwide such as Trimble, Unilever, Savills, Volvo, Rovio and more.

Our products are used to address three primary use cases:

The 10Duke Identity Provider – enables Single Sign-On (SSO) for customers accessing applications, whether they are desktop, mobile or web, using either their preferred email (direct login), their company ID (domain login) or their favourite social ID (social login).

The 10Duke Identity Bridge – a cloud-based service that provides Single Sign-On (SSO) capability for employees and contractors to seamlessly access multiple SaaS applications with the same username and password without the need to login separately to each service.

The 10Duke Entitlements – gives you control of the delivery and licensing of your applications; it provides an engine to dynamically create and manage the licenses you offer to customers and supports a wide variety of license models.