ITsecurity
twitter facebook rss

PwC chooses ImmuniWeb for vulnerability and penetration testing

Posted by Kevin on July 14, 2015

PCI DSS mandates at least annual vulnerability scanning and penetration testing. But there are well known problems with both. Vulnerability scanning on its own is not ultimately enough; and traditional manual penetration testing is too expensive for all but the richer companies. Furthermore, a penetration test is simply a moment in time: just because you […]

Encryption in the Cloud

Posted by Kevin on April 4, 2015

The pressure to allow staff to use cloud storage is enormous. Not only are there strong economic arguments and business benefits, they’re going to do it anyway. So just saying No is not really an option — it’s better to have visibility into what is being used than to attempt to prevent it. But here’s […]

The Right-to-be-Forgotten, Sandeep Kumar and the Oxford Mail

Posted by Kevin on March 18, 2015

Following Tara’s article on the right-to-be-forgotten (The Right To Be Forgotten – EU and Elsewhere) there was an interesting comment on Twitter: The headline to this article in the Oxford Mail reads: Google wipes out stories about Asbo yob Sandeep Kumar under Right to be Forgotten ruling. That’s really sad for a newspaper with the […]

Cloudy assumptions

Posted by Rob Slade on March 16, 2015

The first surgeon wasn’t incompetent or careless.  In fact, when he ran into a problem, he took a lot of extra time to try and rectify the situation. He did the surgery laparoscopically.  There are very good reasons for this.  Laparoscopic surgery creates smaller incisions, and so creates less damage to the body.  Unfortunately, in […]

EU Data Centers are not safe from US Surveillance

Posted by Alexander Hanff on March 10, 2015

Over the past 12 months I have noticed an increasingly worrying trend which is developing in the global technology arena and it is one which in my mind amounts to nothing less than a deliberate attempt to mislead consumers and businesses alike on the legal powers available to US law enforcement and intelligence agencies. Late […]

Trusteer vs. Minded Security in fighting financial fraud

Posted by Kevin on February 16, 2015

We’re talking financial fraud – malware-instigated theft from your bank account… This will be sacrilege to many, but I’m no fan of two-factor authentication (2FA). In fact, I think it can be positively dangerous. There are two primary reasons: It’s not all that effective. Once the bad guys have rooted your PC or installed a […]

Putin bans Apple!

Posted by Kevin on November 6, 2014

Watch for the headlines in the western press over the next few days: Putin retaliates over western sanctions by banning Apple. That’s not quite what is happening. It is true that as things stand Russians will not be able to use iPhones and iPads from 1 January 2015 — but that’s not because Apple has […]

Microsoft Vs the US government

Posted by Kevin on June 16, 2014

Microsoft’s case to prevent the United States government from using search warrants to demand data that is not stored in the United States has picked up a number of high-profile backers, including the Electronic Frontier Foundation, Verizon, AT&T, and, recently, Apple and Cisco. Tech Giants Join Microsoft In Calling For US Gov To End Use […]

The tech giants’ letter to the Senate is just a load of fluff

Posted by Kevin on June 6, 2014

Nine US tech giants have written to the Senate requesting that the watered down Freedom Act be returned to its original strength. The Freedom Act’s original purpose was to curb the excesses of the NSA; but it was so weakened in its passage through the House of Representatives that many of its original supporters voted […]