Uber Disaster: Here We Go Again

The revelation that the data of some 57 million Uber customers and drivers has been leaked, with the company then paying the hackers $100,000 to delete the data and keep quiet about it, has come as yet another ‘nail in the coffin’ to the data security strategies employed by business – both large and small.

Not only did Uber’s systems allow such a hack, they failed to disclose the breach.

Says Colin Tankard, Managing Director of data security company, Digital Pathways, “ Well, here we go again! This seems to be some kind of ransom attack and of course, under the forthcoming GDPR regulations (due to take effect in 2018) such a breach would cost the company dear, some 4% of their global turnover.

Read more

BYOE: New kid on the block

The cloud has opened up incredible opportunities and efficiency for businesses. However, with these opportunities there is also an increase in security risks. How can you be sure your data is safe in the cloud?

traditional ways of protecting data, such as passwords, firewalls and other defensive strategies are no longer enough. For greater protection, encryption protects your data from being accessed by anyone without the corresponding key.

Cloud service and storage providers have been keen to demonstrate their commitment  to securing their customers’ data. This is why many offer cloud encryption as part of their service. Read more

Are you scared of the dark?

“The websites that operate on the dark web don’t look like the sort of thing you might normally access online, according to Colin Tankard, managing director at cyber-security consultancy Digital Pathways.”

Online Safety Special

Most teachers will have heard of it – and probably associate it with criminal activity – but, asks Simon Creasey, is the dark web really something that teachers need to worry about?

What do you know about the dark web? Most teachers will have at least heard of it. They’ve been told that it is a place to buy illegal items such as guns and drugs, as well as a means of accessing all kinds of nefarious banned imagery and information, from child pornography to terrorist training manuals. Read more

Who are the attackers?

The headlines surrounding the US Presidential Elections in 2016 often had talk of hacking and subsequent leaking of embarrassing data in an effort to discredit one or the other parties. But just who is doing this?

The finger is often pointed at Russia or China. For the Russians, while they remain committed to hacking business information that will assist their competitive standing in the world, their first priority is collecting military information. In comparison, the primary objective of China’s cyber collection capability is to enable their state-owned enterprises to dominate on a global economic level. But are are all nation-state hacks from these two players? Clearly not, as Colombian hacker Andres Sepulveda claims to have used a variety of ‘dirty tricks’ to influence elections in Nicaragua, Panama, Honduras, El Slavador, Colombia, Mexico,Costa Rica, Guatemala and Venezuela over the past 10 years.

Read more

Securing Email is Essential

Why mail by electronic must never let down its guard.

Ensuring emails are secure is a concern to anyone dealing with confidential information – which of course, includes both the law and finance sectors. However, today, more than ever, it is important, rather critical, to be aware of the dangers of using the usual email systems and ways email communications can be secured with the use of an encrypted system. We dwell on how this system works, the financing of it and, indeed, its benefits.

Email is an essential communication and collaboration tool for both employees and consumers. According to the Radicati Group, there are currently more than 3.7 billion people using email on a worldwide basis, which it estimates will grow to more than 4.1 billion by the end of 2021. Part of this growth is anticipated to come from the migration of premise-based mailboxes to those based in the cloud. Read more

How to improve security against email attacks and for GDPR compliance

About 200 billion emails are sent every day, but because of its importance email is constantly exploited by attackers, and yet is often overlooked in cyber security strategies

It is not unusual for emails to be used for arranging payments or for submitting identifying documents. “Legal services seem to do 40% of their work on their mobile phone,” observes Colin Tankard, managing director of Digital Pathways.

The General Data Protection Regulation (GDPR), set to come into force in May 2018, is designed to protect European Union (EU) citizens’ data, and organisations that want to operate within the EU will be expected to comply with it. Read more

PKWARE partners with Digital Pathways to further UK expansion

LONDON, July 18, 2017 /PRNewswire/ — PKWARE, a global leader in data security, and UK-based Digital Pathways, have announced a new value added partnership.

Digital Pathways, established in 1997, specialises in data protection and cyber security. The company works with some of the world’s leading companies to ensure the safety of their data and their compliance with applicable regulations.

Read more

Information Security and the Legal Sector

Safeguarding their interests against cyber-attacks should be top priority for law firms.

Financial loss is rarely the most detrimental issue for businesses where cyber attacks are concerned. The legal sector is an especially attractive target for cyber criminals due to the wealth of sensitive information held by law firms. a successful cyber-attack has the potential to cause long-term reputational damage, with severe implications for the future of the firm.

Information security is a substantial risk for legal sector. Law firms are an attractive target to cyber criminals due to the vast wealth of personal and private information in their possession. Read more

Are you ready for the General Data Protection Regulations?

Data holding is no longer something an organisation can take lightly, it needs serious thought and processes put in place.

The General Data Protection Regulation is the process by which the European Parliament intends to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside of the EU.

The primary objectives of the GDPR are to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. It was adopted in April 2016 and applies from May 25, 2018, after a two-year transition period. Unlike a directive, it does not require any enabling legislation to be passed by national governments. Read more

Do you know if your emails are secure?

Of all the millions of emails sent each day, how many senders even think about whether their messages are secure? Traditional email has the confidentiality level of a postcard – anyone involved in its transport can easily read it. Lack of care becomes even more of a problem when the sender is attaching confidential or sensitive data. Is it being sent to the correct person? Should the attachment be allowed? Even if it is all right to send, how do you know it was received, when it was read and has it been forwarded? Current system notification is not good enough.

With the General Data Protection Regulation (GDPR) fines looming, now is the time to gain control of emails. Read more