Entries by JW

Education & Training: The Downfall of File-less Attacks (AVT)

Whilst we are all aware of the file-less or zero-footprint attack, the growth in their use has been alarming. With regular anti-virus tools less likely to detect them, how can the ‘savvy’ CIO ward against them? The answer lies squarely in the need for the education and training of employees, ensuring they fully understand exactly […]

GDPR Breach: Ready, Get-Set, Go!

So here we go, GPPR has been in force for just under two months and already two well known brands have been caught in its net. Luxury retailer, Fortnum & Mason, have detailed the loss of some 23,000 customer records, which include emails, telephone numbers and delivery addresses of customers who filled out a survey, […]

Implementing responsible AI from the start

Digital Pathways’ Colin Tankard looks at how we reap the rewards of AI while avoiding the risks. Artificial intelligence (AI) and machine learning (ML) are two very hot buzzwords right now and often seem to be used interchangeably. They are not quite the same thing, but the perception that they are can sometimes lead to […]

Tesla Feel The Heat Of An Insider Threat

Tesla, the luxury electric car maker, seem to have fallen foul of an insider threat episode, with Elon Musk, warning that a disgruntled staff member had altered the company’s IT system code, harvesting highly sensitive information and giving it to others. Traditionally, the term ‘Insider Threat’ does indeed invoke images of malicious employees lurking in the […]

How are Word-based fileless attacks targeting aid organisations?

Imagine you have opened a Word file that was emailed to you by a prominent organisation in your field. On the surface, nothing else happens. You notice no changes and your antivirus system doesn’t detect anything suspicious. Would you (or your employees) expect to be spied on by hackers? This March, McAfee identified a new […]

Streamlining data discovery

Understanding what unstructured data exists in the enterprise is not easy. Massive volumes of documents, spreadsheets, presentations and emails are typically scattered about an organisation. With no real tools to manage it based on business value, it accumulates with no end in sight. The easy option is to buy more storage but that doesn’t fix […]

Building trust: what GDPR can do for your council

In 2017, Basildon Council was fined £150,000 for failing to store personal data securely. Because there was no adequate data protection policy in place, details of a family’s disabilities, including mental health issues, were published online. They remained publicly accessible for weeks. This incident had huge reputational and financial repercussions for the Council. The £150,000 […]

Private Schools and Parents Face Cyber Threat

Cybercriminals are always seeking new targets. Organisations receiving large payments, and with poorly secured IT systems are a treasure trove for hackers. Their latest campaign attacks private schools, with the aim of tricking parents into paying thousands of pounds of school fees to fraudsters’ accounts. Unfortunately, many private schools lack adequate digital security. Cybercriminals are […]

GDPR: Is Your Law Firm in the 75%?

In November 2017, it was reported that 75% of UK law firms aren’t ready for the General Data Protection Regulation (GDPR). With less than three months to go until the compliance deadline of 25th May 2018, it is more important than ever for law firms to be prepared. The legal sector is already highly regulated, […]