Expert analysis
Why DNS shouldn’t be used for data transport
Malicious DNS tunnelling is a big problem in cybersecurity. The technique involves the use of the Domain Name System (DNS) protocol to smuggle sensitive corporate or personal …
Can an automated defence network protect Britain from low-level threats?
A recent Freedom of Information request found that the number of breaches reported to the ICO in the last 12 months has nearly doubled from the previous year, so something …
Microsoft ends Tuesday patches
Yesterday was a big day for Patch Tuesday. It was the last traditional Windows Patch Tuesday as Microsoft is moving to a new patching release model. In the future, patches …
Artificial intelligence in cybersecurity: Snake oil or salvation?
So what is machine learning? Machine learning in an integral part of the “umbrella term” artificial intelligence. Put simply, it is the science of enabling computers to learn …
Automation isn’t one-size fits all
It’s no secret that security teams are understaffed despite increased pressure to deliver. Firewall engineers face an additional challenge when it comes to access request …
Can biometrics and the FIDO Alliance save us from password overload?
All the available evidence indicates our password-based security system is broken. The human brain can only remember so much and its memory capacity is being pushed to the …
What is access governance? A brief deep dive
Access governance is the evolution, the next great step if you will, in the identity and access management world. Access governance is a more robust, holistic approach to …
Best practices for using military grade security
Governments and militaries around the world have long recognised that their lines of communications were often their weakest links and required some of the strongest …
Risk and the Pareto Principle: Applying the 80/20 rule to your risk management strategy
Enterprises these days are putting more resources into monitoring and managing business risk. And with good reason – in light of a growing number of vulnerabilities and …
DNSSEC: Don’t throw the baby out with the bath water
A recent report raiseed concerns about the abuse of DNSSEC to conduct DDoS attacks. The article reported that DNSSEC-signed domains can be used to conduct reflected DDoS …
Cyber attacks: Hindsight is 20/20, GDPR is even better
The dust is beginning to settle on the EU referendum result. But, while the UK’s departure from the union is set to shake things up for many businesses nationwide, there’s at …
Shadow Brokers, digital attacks, and the escalation of geopolitical conflict
Last week’s data dump by the Shadow Brokers has left many wondering how the US will respond. This is just the latest in a series of politically motivated data breaches often …