The overriding message from this year’s Cyber Breaches Survey is that little has changed. The headline figure of organisations experiencing a cyber breach or attack remains exactly the same as last year at 39%. As normal, phishing attacks remain the most prevalent for of attack (83%). Digging down into a bit more detail there is …
Little has Changed in Latest UK Government Cyber Breaches Survey Read More »
To their great credit, the Irish Health Service Executive (HSE) has published the full post-incident report into last year’s Conti ransomware attack. Prepared for them by PwC, the report is a fascinating read and allows us all to learn from the HSE’s unfortunate experience. The initial infection took place on 18th March 2021, when a …
What Lessons can we learn from the Conti Ransomware Attack on the Irish HSE? Read More »
Whilst discussions of information security tend to focus on high-tech cyber attacks; the reality is that many data breaches are down to human error. Generally the biggest single cause of data breaches reported to the Information Commissioner’s Office is simply people sending information to the wrong people. Loss or theft of devices is another significant …
Possible Decrease in Lost Devices by UK Government Departments Read More »
Never let it be said that we don’t celebrate good news! Since April 2018, UK banks have had to report “Operational and Security Incidents” affecting personal and business current accounts to the Financial Conduct Authority (FCA) if they reach any of the following thresholds: 10% of transaction affected; 5000 payment service users affected; and/or 2 …
Some Good News in Latest Figures from the Financial Conduct Authority Read More »
According to figures published recently by the International Standards Organisation (ISO), there was another steep rise in the number of certifications globally to both ISO 222301 and ISO 27001 last year. As of the end of 2020, there were: 44 486 valid ISO 27001 certificate (up 22% on 2019); and 2205 valid ISO 22301 certificates …
Another Big Rise in ISO 22301 and ISO 27001 Certifications Read More »
Databarracks have just published their 2021 Data Health Check. You may think “So what?” – we are constantly bombarded with surveys on different aspects of information security management. I would argue that the Data Health Check is interesting for two reasons: It is explicitly UK focused; and The survey has been carried out every year …
Why is the Databarracks Data Health Check Interesting? Read More »
There has been extensive coverage over the weekend of the massive ransomware attack, that began at the US-based IT firm Kaseya. The attackers managed to infect a software update for Kaseya’s VSA product that went out to customers on Friday with REvil ransomware. This not only affected these firms, but also their customers. One of …
Kaseya Ransomware Attack – Is this the new Face of Cyber Attacks? Read More »
So it’s the final day of Business Continuity Awareness Week (BCAW) 2021: what have we learnt this year? Undoubtedly, BCAW 2021 has been dominated by high-profile ransomware events, with a combination of: Continued fallout from the DarkSide attack on Colonial Pipeline earlier in the month; Ongoing disruption to the Irish Health Service following an attack …
Concerns are growing about the impact of a ransomware attack on one of the major oil pipeline networks in the US. The Colonial Pipeline, which carries 100 million gallons of refined oil products a day from Houston as far North as New York, has been closed since Friday following a ransomware attack. Emergency legislation has …
Will Ransomware Attack Lead to Fuel Shortages in the US? Read More »
