Stuart O'Brien, Author at Cyber Secure Forum | Forum Events Ltd - Page 5 of 5

‘Fake Security’ at festivals under investigation


The Security Industry Authority (SIA) has begun an investigation into a security firm for allegedly supplying copied badges to unlicensed stewards at UK festivals.

LS Armour Security of Barry, South Wales is the firm alleged to have committed the offence.

The investigation has led to two arrests, along with the seizure of business records, including contracts for future events.

It is believed that the SIA has also requested the assistance of other event organisers of festivals that have used the firm previously and have future bookings.

In a statement, an SIA spokesman said: “This type of unlawful conduct remains rare due to responsible organisers and security providers conducting appropriate due diligence.

“Nevertheless, the SIA understands that at this time of year, event organisers and primary contractors may not have sufficient SIA-licensed staff, which can lead to extensive sub-contracting.

“This provides opportunities to rogue providers that, with appropriate checks by organisers and primary contractors, can be largely mitigated.”

The watchdog issues licences to bouncers and security firms.

The SIA has also sent letters to promoters asking that “all reasonable steps to ensure the person named on and in possession of the licence are the same person by requiring them to provide further evidence of identity”. The SIA adds that by doing so “this will mitigate the risk of the cloned licence”.

The £1m cost of a data security breach


A new report by NTT Security has revealed that a UK business will spend more than £1 million recovering from a data security breach.

The study of 1,350 non-IT business decision makers across 11 countries, 200 of whom are from the UK, also reveals that respondents anticipate it would take, on average, almost three months (80 days) to recover from an attack, almost a week longer than the global average of 74 days. UK respondents also predict a significant impact on their organisation’s revenue, suggesting as much as a 9.5 per cent drop, which fares slightly better than the global average of nearly 10 per cent.

In the UK, business decision makers expect a data breach to cause short-term financial losses, as well as affect the organisation’s long-term ability to do business. More than two-thirds (64 per cent) cite loss of customer confidence, damage to reputation (67 per cent) and financial loss (44 per cent), while one in 10 anticipate staff losses, and nine per cent expect senior executives to resign following a security incident.

Some 63 per cent of respondents in the UK ‘agree’ that a data breach is inevitable at some point, up from the previous report’s UK figure of 57 per cent.

“Companies are absolutely right to worry about the financial impact of a data breach – both in terms of short-term financial losses and long-term brand and reputational damage,” said Linda McCormack, vice president UK & Ireland at NTT Security.

“Although this year’s £1.1m figure is slightly down on last year’s report (£1.2m), no company, regardless of its size, sector or focus, can afford to ignore the consequences of what are increasingly sophisticated and targeted security attacks, like the widespread and damaging ransomware attack we recently witnessed.”

A full copy of the 2017 Risk:Value report can be found here.

CPA Global awarded ISO 37001 anti-bribery certification


IP management and technology company CPA Global has been awarded the ISO 37001 standard for anti-bribery management systems, following an extensive assurance audit conducted by the independent certification body ETHIC Intelligence.

CPA Global has had a long-standing commitment to bribery prevention, both internally and between its wider network of partners and agents.

“Our objective is always to operate to the highest professional standards across the entire business,” said CEO Simon Webster. “The achievement of ISO 37001 certification at such an early stage in its existence demonstrates our commitment to delivering a professional and trusted service to our customers around the world.”

Mark Speck, Chief Compliance Officer at CPA Global, added: “Commitment to the highest level of professional practice which includes careful selection and continuous due diligence of our third parties has always been part of the CPA Global DNA.

“The granting of ISO 37001 certification is testimony to our employees’ collective dedication to meeting and exceeding on security, privacy, and performance standards. Following the audit, the lead auditor praised CPA Global’s noteworthy compliance achievements, including the commitment that CPA Global employees across the globe had to our anti-bribery policy.

“We believe that by achieving this certification quickly, we can encourage our partners, suppliers and agents to reach the same level of compliance.”

The World Bank estimates that businesses and individuals pay $1.5 trillion in bribes each year, around two per cent of global GDP. Bribery and corruption have been shown to have a negative impact on economic development and to reduce overseas investment in impacted countries. The ISO standard 37001 was established in 2016 to raise the level of awareness and compliance with anti-bribery best practice on an international scale. The standard specifies requirements for establishing, implementing, and continually improving anti-bribery management systems. The system can be stand-alone or integrated into an overall management system.

Responsible leadership critical to managing AI and robots


A recent roundtable held at Nyenrode Business Universiteit has found that responsible leadership is critical to managing changes such as job losses to AI and robotics technologies, both societally and environmentally.

The roundtable, made up of 24 managers of prominent, ethically responsible Dutch firms, as well as 24 outstanding students from seven Dutch universities, met to discuss developments in AI and robotics technologies.

Bob de Wit, Professor of Strategic Leadership at Nyenrode Business Universiteit and organiser of the event, commented: “Advancements such as AI, robotics and big data will be the catalysts for a societal revolution. As businesses increasingly adopt them, huge numbers could lose their jobs, affecting both work and economic structures globally.

“It is likely that the new jobs that these technologies create will be high-skilled and too few in number. And when every economy relies on its citizens having income, once these job losses start hitting – purported by consulting firm, CBRE, to be half of professional jobs by 2025 – then spending will stop, taxes will plummet and the economy will suffer.

“Although every business wants to keep up with the digital revolution, cutting corners ethically could result in far worse consequences for us all.”

Without commitment to responsible leadership, sectors such as oil and energy could harness tech advancements to protect their interests at great future cost.

De Wit concluded: “Businesses, societies and governments are not fully prepared for the speed of the advancements we are making in work-related technology. The next generation of managers need to prioritise ethical, social and environmental responsibility when making big decisions, perhaps even putting these above profit. The power tech affords us is immense, but if misused, the consequences could be irreversible.”

NHS faces staff retention crisis


Figures released by the Nursing and Midwifery Council have revealed that more nurses and midwives are leaving the profession than joining, up to 51% in a four-year period.

Low pay, poor working conditions, long hours and a shortage of qualified staff are all blamed for the decision to leave.

For the first time ever, the Royal College of Nursing (RCN) figures show that more have left the register than joined during 2016/17.

With over 40,000 nursing vacancies in England, the RCN and Royal College of Midwives (RCM) have called on the Government to scrap the pay cap to help halt the loss of talent.

In an interview with Sky News, Saffron Cordery, director of policy and strategy at NHS Providers, said: “This goes beyond the concerns over Brexit – worrying though they are.

“The reduction in numbers is most pronounced among UK registrants. And it is particularly disappointing to see so many of our younger nurses and midwives choosing to leave.”

Janet Davies, chief executive of the Royal College of Nursing, said: “With more people leaving than joining, the NHS will be further than ever from filling the 40,000 vacant nurse jobs in England alone.

“The 1% cap means nursing staff can no longer afford to stay in the profession and scrapping student funding means people can no longer afford to join it.”

Apprenticeship Levy spurs HR strategies


New research from talent and acquisition firm Alexander Mann Solutions has revealed that the introduction of the Apprenticeship Levy gives companies the chance to embrace new opportunities.

The White Paper was based on in-depth interviews with organisations including BAE Systems, Barclays, BT, CapGemini, GE, HSBC, Jaguar Land Rover and Santander, amongst others.

It found that the introduction of the Levy presents a rare opportunity to engage in meaningful conversations with both finance and general management teams about what is needed in terms of future talent, sourcing, and development.

The research also revealed further opportunities around improving the inclusion of individuals from under-represented groups; the majority of contributors agree that the new round of apprenticeships has the potential to tap into under-utilised pools of talent and consequently generate significant workplace diversity benefits.

“What I find really encouraging about the interviews we conducted for this White Paper, and the wider discussions I’ve had with other senior HR figures since, is the fact that major employers in the UK are embracing opportunities offered by the introduction of the Levy,” commented Tim Campbell, head of client services, Emerging Talent, Alexander Mann Solutions.

“Its introduction seems to have galvanised thinking around the sourcing and the development of talent and how it can be more closely aligned with the real needs of organisations, both now and in the foreseeable future. And the result has already been a set of innovative and imaginative strategies, which, while still in their early stages, seem set to revolutionise the way we recruit, train and retain our people – not only with regards to emerging talent, but also wider workforces.”

NHS left vulnerable to cyber attacks


Experts from the British Computer Society (BCS) & The Chartered Institute for IT have claimed that a lack of investment in cyber-security software and accountability left the NHS open to the WannaCry virus.

The malware disrupted hospital staff across the UK in May as computer systems crashed, leaving frontline hospital staff unable to access important patient information, with operations cancelled and doctors and nurses forced to rely on hand-written notes to track patients’ case histories and treatments.

A report into the attack by the BCS found that the crisis could have been avoided had hospital IT teams had an official cyber-attack protocol, in-house cyber-security experts and up-to-date secure software.

“Patients should be able to trust that hospital computer systems are as solid as the first-class doctors and nurses that make our NHS the envy of the world,” said David Evans, director of community & policy at The Chartered Institute.

“Unfortunately, without the necessary IT professionals, proper investment and training the damage caused by the WannaCry ransomware virus was an inevitability, but the roadmap we are releasing today will make it less likely that such an attack will have the same impact in the future.”

The Chartered Institute for IT has joined forces with the Patient’s Association, the Royal College of Nursing and Microsoft to produce a blueprint that outlines steps NHS trusts should take to avoid another crippling cyber-attack.

Top of the list is ensuring there are clearly laid-out standards for accrediting relevant IT professionals. NHS boards are being urged to ensure they understand their responsibilities, how to make use of registered cyber security experts and increase the number of qualified and registered IT professionals.

DNS-based attacks cost businesses $2m+ a year


Research by network services provider EfficientIP has revealed that poorly designed network solutions cost businesses more than $2 million a year.

The 2017 Global DNS Threat Survey Report explored the technical and behavioural causes of the rise in DNS threats and their potential effects on businesses across the world. Major issues highlighted by the study in its third year include a lack of awareness as to the variety of attacks, a failure to adapt security solutions to protect DNS and poor responses to vulnerability notifications. These concerns will not only be subject to regulatory changes, but also create a higher risk of data loss, downtime or compromised public image.

According to the report, carried out among 1,000 respondents across APAC, Europe and North America, 94% of respondents claim DNS security is critical for their business. Yet 76% of organisations have been subjected to a DNS attack in the last 12 months and 28% suffered data theft. The Global DNS Threat Survey Report also estimates the annual average costs of the damages caused by DNS attacks to be $2.236 million (for organisations with 3,000+ employees). The leading causes were Malware (35%), DDoS (32%), Cache Poisoning (23%), DNS Tunnelling (22%) and Zero-Day Exploits (19%).

“The results once again highlight that despite the evolving threat landscape and the increase in cyber-attacks, organisations across the globe and their IT departments still don’t fully appreciate the risks from DNS-based attacks,” said David Williamson, CEO at EfficientIP.

“In less than a year, GDPR will come into effect, so organisations really need to start rethinking their security in order to manage today’s threats and save their business from fines of up to £20 million or 4% of global revenue.”

Globally, the results varied widely. 39% of respondents from the UK and US demonstrated more awareness of the top 5 DNS-based attacks than Spain (38%), Australia (36%), Germany (32%) and France (27%), but less than India (50%) and Singapore (47%). In the UK, the attacks organisations are the most aware of include: DNS-based Malware (52%), DDoS (43%), DNS Tunnelling (39%), Cache Poisoning (34%) and Zero-Day Exploits (28%).

The full report and recommendations can be read here.

CAST for Security arrives


Software analysis and measurement company CAST has launched CAST for Security.

Offering system-level analysis to strengthen the security of business-critical software, CAST for Security helps organisations optimise application design to protect sensitive data, by preventing common software attacks and enforcing architectural constructs known to keep data secure.

Combining technology from the Application Intelligence Platform (AIP) and specific rules for static application security testing (SAST), CAST for Security flags security hot spots that are vulnerable to attack, ensures secure coding practices, eliminates false positives and trends security performance over time.

“Cyber risk and security challenges have moved beyond network-level issues to the application layer. To be successful in this new paradigm, CIOs must adopt a holistic, proactive and design-based approach to securing applications while not overwhelming development teams,” said Olivier Bonsignour, EVP of product development at CAST.

“As organisations adopt DevOps and Agile methodologies for speed, CAST for Security opens a new line of cyber defence by inserting secure design practices from the beginning of the software development lifecycle, resulting in high-quality, secure apps that can still be delivered in a timely manner.”

“As a recognised leader in analysing system reliability and resilience in IT software, CAST has always had an established set of security findings,” added Lev Lesokhin, EVP of Strategy and Analytics at CAST.

“Over the last two years, a significant part of our customer base has tapped CAST for our security capabilities because it’s much more comprehensive than what is available today. CAST for Security is now packaged and priced as a separate offer to make it easier for our customers to benefit from CAST’s expertise in application security.”

www.castsoftware.com