All Archives - Page 62 of 79 - Cyber Secure Forum | Forum Events Ltd

All

UK universities recognised for excellence in cyber security research

 960 640 Stuart O'Brien
By:
0
0

Three UK universities have been recognised as Academic Centres of Excellence in Cyber Security Research (ACE-CSR).

The National Cyber Security Centre (NCSC) and the Engineering and Physical Sciences Research Council (ESPRC) have identified the University of Kent, King’s College London, and Cardiff University as having first-rate research with scale and impact.

The universities will now join 14 other institutions in a scheme forming part of the Government’s National Cyber Security Strategy, which is making the UK the safest place to be online and helping to support the country’s thriving digital economy.

The universities will now have the opportunity to bid for funding to develop cutting-edge research in cyber security, including at Doctoral level, as well as attend annual conferences and workshops.

The scheme aims to create a better understanding of the strength of the UK’s academic capability in cyber security and identify areas where there are research opportunities or technical gaps. It makes collaboration between academia, business and government easier, and helps make sure cutting-edge research is turned into practical products and services. This includes developing tools to tackle mass marketing fraud online and better understand cyber criminals.

Minister for Digital Margot James said: “These universities are doing fantastic research in cyber security and they are rightly being recognised for their pioneering work. We have some of the best minds in the world working in the field and thanks to this scheme they can now help shape our National Cyber Security Strategy and develop the talent and services of tomorrow.”

Chris Ensor, Deputy Director for Cyber Security Skills and Growth at the NCSC, said: “The UK has world-class universities carrying out cutting edge research into all areas of cyber security. It’s fantastic to see three more universities recognised as Academic Centres of Excellence and I’m especially pleased that we now have centres in all home nations. The NCSC looks forward to collaborating with these institutions to make the UK the safest place to live and work online.”

Professor Pete Burnap, Professor of Data Science & Cybersecurity, and Director of the Airbus Centre of Excellence in Cybersecurity Analytics at Cardiff University said: “We are delighted to receive this recognition as it evidences our long track-record of research excellence in cyber security. Our core identity is the interdisciplinary fusion of artificial intelligence and cybersecurity, a concept we call Cyber Security Analytics. AI is at the heart of the UK government’s industrial strategy and our aim is to innovate with AI to improve automated cyber threat intelligence and support decision making and policy responses to make the UK more secure for individuals, business and the government. We are proud to be the first Welsh university to be recognised by NCSC for our cyber research capability, and we hope to build on the impressive expertise that already exists across the region between academia, government and business.”

Dr Jose M. Such, Director of the Centre, and Senior Lecturer in the Department of Informatics at King’s College London said: “We are thrilled to be recognised for the high-quality socio-technical cyber security research we conduct at King’s College London. This recognition acknowledges the critical and diverse mass of researchers working on this area at King’s from different but complementary angles and points of view. Our research focuses on three main research themes and their interrelationship: the use of AI for cyber security together with the cyber security of AI itself, the theoretical aspects of cyber security like verification and testing, and the socio-political and strategic aspects of cyber security.”

Shujun Li, Professor of Cyber Security and Director of the Kent Interdisciplinary Research Centre in Cyber Security (KirCCS) at the University of Kent, said: “We are excited to be given the ACE-CSR status as an acknowledgement of the excellent research in cyber security at the University of Kent. Our research is truly interdisciplinary drawing on the expertise of colleagues from computer science and engineering as well as wider disciplines such as psychology, law, business and sociology. Our ambition is to have one of the largest and most productive cyber security research centres in the UK by 2022 as well as helping to grow the next-generation cyber security researchers.”

The ACE-CSR programme is supported by Government’s £1.9 billion National Cyber Security Strategy (NCSS) 2016-2021.

List of institutions that are recognised as Academic Centres of Excellence in Cyber Security Research are:

  • University of Birmingham
  • University of Bristol
  • University of Cambridge
  • Cardiff University
  • University of Edinburgh
  • University of Kent
  • Imperial College London
  • King’s College London
  • Lancaster University
  • Newcastle University
  • University of Oxford
  • Queen’s University Belfast
  • Royal Holloway, University of London
  • University of Southampton
  • University of Surrey
  • University of Warwick
    University College London

Meet your next cybersecurity partners at the Security IT Summit

 960 640 Stuart O'Brien
By:
0
0

The Security IT Summit returns once again for 2019, taking place on July 2nd 2019 at the Hilton London Canary Wharf.

The event will provide you with a rare full working day of networking, learning and connection building – plus cost-saving cybersecurity solutions.

In short, the Security IT Summit will enable you to lay the groundwork for your organisation’s cyber security strategy.

And what’s more, the Security IT Summit is completely FREE to attend as our VIP guest – benefits include:

– A personalised itinerary of meetings with solution providers who match your project requirements
– Attendance to a series of seminar sessions hosted by industry thought leaders
– Informal networking with peers
– Lunch and refreshments provided throughout the day

You’ll be joining 65+ other senior IT security professionals, and the the industry’s most trusted solution providers.

Among the delegates attending the last Security IT Summit were representatives from Arcadia, British Red Cross, Barclays PLC, Cancer Research, Fenwick, Financial Ombudsman Services, GE Capital, John Lewis, London Stock Exchange Group, Marshall Motor Group plc, Moonpig, Nationwide, O2 Telefonica, Pret A Manager, Prudential, The Guardian, Vodafone, Yorkshire Housing and more.

Register for your free place here.

Or for more information, contact Emily Gallagher on 01992 374085 / e.gallagher@forumevents.co.uk.

To attend as a solution provider, call Chris Cannon on 01992 374096 or email c.cannon@forumevents.co.uk.

Do you specialise in Penetration Testing? We want to hear from you!

 960 640 Stuart O'Brien
By:
0
0

Each month on IT Security Briefing we’re shining the spotlight on a different part of the cyber security market – in September we’re focussing on Penetration Testing.

It’s all part of our ‘Recommended’ editorial feature, designed to help IT security buyers find the best products and services available today.

So, if you’re a Penetration Testing specialist and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Lisa Carter on lisa.carter@mimrammedia.com.

Here are the areas we’ll be covering, month by month:

September – Penetration Testing

October – Vulnerability Management

November – Employee Security Awareness

December – Malware

For information on any of the above topics, contact Lisa Carter on lisa.carter@mimrammedia.com.

Biometrics and behaviour-based authentication on the rise

 960 640 Stuart O'Brien
By:
0
0

A new survey suggests our relationship with passwords to identify ourselves online is shifting.

For some of us, it’s shocking to consider single-factor authentication is even in use today, given that poor password habits and stronger computing power has led to an increase in hacking-related breaches involving either stolen or weak passwords.

But a Callsign survey has revealed that a knowledge-based approach, such as passwords, for accessing online accounts is now favoured by less than half of UK and US respondents (45% on both sides of the Atlantic).

Over the last few years, increased availability of biometric tools on laptops, tablets and smartphones has given consumers a taste for biometric identification, and in the survey 30% noted a preference for sharing and storing biometric information (32% in the UK and 27% in the US) for identification when accessing an online account or making a purchase.

Bit it’s clear there’s still a long way to go in shifting consumer attitudes away from solely relying on passwords. Callsign says biometric information as well as behavioural biometric data – such as the way a user swipes their screen or their unique keystroke pattern when entering their password – need to become the norm, so companies can more intelligently identify anomalies and apply additional layers of security.

With employees frequently cited as the weakest link in corporate cybersecurity enforcement, it is no surprise that traditional passwords are preferred at work, where people’s reluctance to embrace more innovative methods of identification over a presumed ease of access is commonplace.

Knowledge-based identification was the most favoured by 56% of workers (58% in the UK and 51% in the US), while biometric methods were preferred by a mere 15% of workers.

Other insights from this survey include:

  • Despite the high preference for knowledge-based identifiers at work (58% in the UK and 51% in the US), they are less favourable for personal use, where 46% noted they were preferred when logging in to check an account balance and 44% chose it for making a purchase or a balance transfer
  • The UK tends to be more receptive to biometrics compared to the US, with 32% to 27%, respectively, noting they’d prefer it overall
  • In the US, age is a significant factor as Baby Boomers (55+) are more receptive to passwords (46%) and biometric identifiers (31%) than younger respondents (aged 18-24), with 39% preferring passwords and 26% preferring biometric identifiers. Younger respondents (those 18 to 24) were more receptive to behavioural identifiers (12%) compared to those aged 55+ (4%)

“The study suggests we’re at a tipping point where our reliance on simple passwords is on a steady downward turn,” said Callsign CEO Zia Hayat. “Although two-factor and multi-factor authentication, along with biometrics, are an improvement, they are still flawed. Ultimately, we understand the privacy of users is paramount. Companies need to offer choice and control when it comes to the data that is collected and the identification methods used – another reason multi-factor identification is so limited.”

“However, there is a new realm of behavioural identification that is truly revolutionising and streamlining identification and improving customer experiences, all whilst minimising fraud. Here at Callsign, we’re creating a much more positive experience with greater protection and better privacy for the consumer or worker.”

Callsign commissioned YouGov Plc to conduct the survey. Total sample size was 2,131 adults in the UK and 1,160 adults in the US. Fieldwork was undertaken in August 2018.

Cybersecurity insurance up among UK firms, but full coverage lacking

 960 640 Stuart O'Brien
By:
0
0

The number of UK firms with cybersecurity insurance has risen in the past year — but less than half say their cyber insurance covers all risks.

The second annual cybersecurity survey from research and consultancy firm Ovum, for Silicon Valley analytics firm FICO, found that the number of UK firms reporting they have no cybersecurity insurance dropped from 31 percent in 2017 to 10 percent in 2018.

While this is substantially better than the 24 percent reported across all 11 countries surveyed, only 38 percent of UK respondents said their cybersecurity insurance covers all risks.

Telecommunications firms were the most likely to have no cybersecurity insurance — 17 percent reported this, compared to just 5 percent of financial services firms.Furthermore, less than half — just 40 percent — of firms said their insurer based their premiums on an accurate analysis of their risk profile.

Most firms said premiums are based on an inaccurate analysis, on industry averages or on unknown factors.

“Cybersecurity insurance has become a must-have for UK firms in a short period of time,” said Steve Hadaway, FICO general manager for Europe, the Middle East and Africa. “But with that growth will come increased pressure on insurers to increase the transparency and fairness around how premiums are set. Businesses will demand that their investments in cybersecurity protection — and the strength of their cybersecurity posture — drive their premiums down.”

“Although UK organizations perform well in terms of the uptake of cyber insurance, the fact that fewer than 40% have comprehensive insurance demonstrates there is still some way to go for these firms to have a broad view of their security posture and how to present it for insurance,” said Maxine Holt, research director at Ovum. “It could also show that these companies have a current security posture that insurers are not prepared to cover comprehensively. We should not detract from the positive news here; 90% of UK organizations have elevated the importance of cybersecurity to a level that requires insuring, even if only partially.”

Ovum conducted the survey for FICO through telephone interviews with 500 senior executives, mostly from the IT function, in businesses from the UK, the US, Canada, Brazil, Mexico, Germany, India, Finland, Norway, Sweden and South Africa. Respondents represented firms in financial services, telecommunications, retail and ecommerce, and power and utilities.

Exabeam raises $50m, aims to disrupt SIEM market

 960 640 Stuart O'Brien
By:
0
0

The company says demand for solution in the security information and event management (SIEM) market is expected to hit $4.54 billion in 2019 citing data from MarketsandMarkets.

Historically, the sector is dominated by a handful of providers, but in recent years has shifted to platforms that can support the massive data volumes generated by cloud applications and mobile device use.

Exabeam says it posted 250 per cent market growth in 2017, coming off 300 percent growth in 2016, and says it’s on track to double its market size in 2018. The firm’s core product is the Security Intelligence Platform (SIP); it was named the 2018 Gartner Peer Insights Customers’ Choice for its SIEM software, and recently won an SC Awards Europe 2018 for Best SIEM.

The platform uses a flat, predictable pricing model, which Exabeam says allows organisations to store all of their logs, unlike the “by-the-byte” pricing model that forces budget-conscious customers to limit the amount of data covered by the SIEM, creating blind spots that sacrifice the security of the entire organization.

“As a longtime investor in the cybersecurity space, I’ve always been excited about Exabeam’s approach and potential to deliver the next generation of security tech,” said Theresia Gouw, co-founder of Aspect Ventures, and a leading investor in cybersecurity. “It’s clear from the large increase in replacement wins with customers like ADP, Hulu, Safeway, Union Bank that Exabeam is consistently delivering industry-leading technology to the most demanding enterprises and government organizations in the world.”

“Our investors have an amazing track record of investing in companies that truly are disruptive and typically become category leaders,” said Exabeam CEO Nir Polak. “Their experience with high-growth companies like MuleSoft, Nutanix, Zscaler, ForeScout – is invaluable to us in the advice and guidance they pass along to our executive team. The new funding will allow us to invest heavily in our new cloud solutions and reach even more enterprises around the world. We are on track to overtake Splunk and be the next SIEM market leader.”

UK cybersecurity skills concerns highlighted

 960 640 Stuart O'Brien
By:
0
0

Only 56 per cent of UK firms believe they have sufficient cybersecurity skills in-house to deal with the numerous threats they are facing, according to new research.

Databarracks questioned over 400 IT decision makers in the UK as part of its 10th annual, survey in order to understand their views on a series of issues relating to IT security and business continuity.

Certainly, it seems cybersecurity investment has grown – in 2016, 59 per cent of respondents said that they had invested in safeguards to help fight against cyber threats, with the figure rising to 67 per cent in 2018.

Likewise, in 2016 only 12 per cent of firms surveyed said that they had updated their cybersecurity policy in the past 12 months, while in 2018 26 per cent of those surveyed said they had done so.

Meanwhile, threat monitoring software is now used by 28 per cent of businesses, compared to just 13 per cent of businesses in 2016.

Plus, the number of organisations that employed a Chief Security Information Officer has increased massively from one per cent in 2016 to 14 per cent in 2018.

Peter Groucutt, Managing Director at Databarracks, said: “Investment in cyber security safeguards, should translate to improved confidence but the findings show it is yet to make a significant difference. We are in the midst of a rapidly accelerating arms race. Organisations are desperately trying to match criminals, by working hard to improve knowledge, training and investment in security defences, but are clearly concerned about keeping pace. Importantly, organisations shouldn’t become disheartened. While confidence levels are not where we hoped, businesses are making positive strides and acting on the front-foot to fight back, which makes us optimistic for the future.”

Secure your place at next year’s Security IT Summit

 960 640 Stuart O'Brien
By:
0
0

It’s confirmed! The next Security IT Summit will take place on July 2nd 2019 at the Hilton London Canary Wharf – secure your place today!

The event will provide you with a rare full working day of networking, learning and connection building – plus cost-saving cybersecurity solutions.

In short, the Security IT Summit will enable you to lay the groundwork for your organisation’s cyber security strategy.

And what’s more, the Security IT Summit is completely FREE to attend as our VIP guest – benefits include:

– A personalised itinerary of meetings with solution providers who match your project requirements
– Attendance to a series of seminar sessions hosted by industry thought leaders
– Informal networking with peers
– Lunch and refreshments provided throughout the day

You’ll be joining 65+ other senior IT security professionals, and the the industry’s most trusted solution providers.

Among the delegates attending the last Security IT Summit were representatives from Arcadia, British Red Cross, Barclays PLC, Cancer Research, Fenwick, Financial Ombudsman Services, GE Capital, John Lewis, London Stock Exchange Group, Marshall Motor Group plc, Moonpig, Nationwide, O2 Telefonica, Pret A Manager, Prudential, The Guardian, Vodafone, Yorkshire Housing and more.

Register for your free place here.

Or for more information, contact Emily Gallagher on 01992 374085 / e.gallagher@forumevents.co.uk.

To attend as a solution provider, call Chris Cannon on 01992 374096 or email c.cannon@forumevents.co.uk.

Home Office announces Government Counter Fraud Profession division

 960 640 Stuart O'Brien
By:
0
0

The Home Office has this week announced the Government Counter Fraud Profession (GCFP), which will create a new community of counter fraud specialists across government, with benefits for both individuals and organisations.

The GCFP will enhance the structure of the Government’s counter fraud capability and put the UK Government in a better position to find and fight fraud and economic crime.

The launch of the profession represents the culmination of two years work, with over 100 organisations having been involved in its development. It will provide counter fraud specialists across Government organisations with a common framework of Professional Standards and Competencies.

It will also introduce a Professional Skills Platform (PSP), a web-based tool through which members can register their knowledge, skills, and experience, and self-assess against a range of counter fraud roles.

According to the Home Office, by having common standards, organisations will be able to identify what skills they do, and do not, have and get those skills to the right areas. They will also be provided with the ability to improve access to counter fraud capability and help deliver better quality products, whether fraud investigations, risk assessments or data analytics. Working with a common framework of standards, organisations will also be able to share learning programmes and develop new initiatives together.

The Profession will move beyond a focus on investigation and will look more at preventing and understanding fraud. This is because the GCFP recognises that to build a world-class counter fraud capability in the public sector, the UK needs a professional structure that recognises the complexity of counter fraud activity.

“I am pleased to be announcing that the government will launch the new Counter Fraud Profession on the 9th October,” said Minister for the Constitution Chloe Smith.

“The launch of the GCFP will make the UK a global leader in the professionalisation of counter fraud and will give our specialist staff an excellent and well-deserved opportunity for career progression within the discipline.

“This government remains committed to tackling fraud in any capacity, including against the public purse, and this new Profession is one way we are enhancing our ability to do so.

“In recognition of our global lead in this field, our international partners have already asked us to lead an international working group in this area. The GCFP will continue to be flexible, evolving in line with the needs of its members, and the changing threat posed by fraud and economic crime.”

Don’t click if you receive any of these emails…

 960 640 Stuart O'Brien
By:
0
0

Hackers are getting smarter and now know how to leverage psychological triggers to get the attention of victims, according to a new report.

KnowBe4, a provider of security awareness training an simulated phishing platform has published its Top 10 Global Phishing Email Subject Lines for Q2 2018. The messages in the report, which were compiled from analysing KnowBe4 user data, are based on simulated phishing tests users received or real-world emails sent to users who then reported them to their IT departments.

Ironically, the top three messages for Q2 2018 show that hackers are playing into users’ commitment to security, all tricking users with clever subject lines that deal with passwords or security alerts.

Hackers continue to take advantage of the human psyche. A recent report from Webroot validates this notion with IT decision makers believing their organisations are most vulnerable to phishing attacks – more so than new forms of malware. Some 56 per cent of IT decision makers in the US believe their businesses will be most susceptible to phishing attacks, while 44 per cent of IT decision makers in the UK are most concerned with ransomware attacks. By playing into a person’s psyche to either feel wanted or alarmed, hackers continue to use email as a successful entry point for an attack.

“Hackers are smart and know how to leverage multiple psychological triggers to get the attention of an innocent victim,” said Perry Carpenter, chief evangelist and strategy officer at KnowBe4. “In today’s world, it’s imperative that businesses continually educate their employees about the tactics that hackers are using so they can be savvy and not take an email at face value. Hackers will continue to become more sophisticated with the tactics they use and advance their utilisation of social engineering in order to get what they want.”

The Top 10 Most-Clicked General Email Subject Lines Globally for Q2 2018 include:

  1. Password Check Required Immediately
  2. Security Alert
  3. Change of Password Required Immediately
  4. A Delivery Attempt was made
  5. Urgent press release to all employees
  6. De-activation of [[email]] in Process
  7. Revised Vacation & Sick Time Policy
  8. UPS Label Delivery, 1ZBE312TNY00015011
  9. Staff Review 2017
  10. Company Policies-Updates to our Fraternisation Policy