Author: David Higgins

We’ve all become better at spotting phishing attacks, especially when they hit our inboxes. In fact, only 2.9% of employees click on phishing emails now. Yet, news of successful cyber attacks is still making headlines – highlighting how sophisticated some multi-pronged phishing schemes have become. Five commonalities major phishing attacks share Phishing can be approached from a variety of directions, employing an ever-growing range of attack tactics, techniques, and procedures (TTP), similar to a choose-your-own-adventure book. Layered protections are essential since what deters a phishing attempt one day, might not deter it the next. Cyber defenders will be at an…

Hybrid work was, up until recently, billed as the future. However, post-Covid it has quickly been embraced by organisations and their employees who are wanting and demanding more flexibility. Work is no longer about place, and ‘more about people’s potential’ according to a recent Accenture study, which also found that 63% of high-growth companies have already adopted ‘productivity anywhere’. While this has had a hugely positive impact on the work-life balance of many people across the globe, the move puts employees workstations at the edge, far beyond the ‘walls’ of the traditional corporate network. This makes them one of the…

Organisations, industry observers and vendors have all talked a lot about the pace of change in recent months. We have seen how services provision has been transformed, how rapidly new apps are rolled out, how new workflows are developed, and new ways of serving our customers. Our sheer ability to adapt to changing conditions has been hugely impressive. And yet this incredible advance will demand a payoff. In fact, it has already created a payoff, in the shape of an identity-related security debt that is big, getting bigger, and must be repaid…or called in. The pivot to digital has been…

One thing that is certain in security: at any given time, there is always someone accessing their sensitive assets without crossing the traditional network boundary. It’s taken them time – and some a lot longer than others – but most organisations have now woken up to this reality. Whether it’s a remote employee using a personal device for work, a marketing consultant logging into a shared social media account, or even a customer authenticating to use a SaaS app, in the digital age, information is constantly at risk. Because of this and the changes to working life over the past…

We’re all guilty of it. Finder.com estimates that Americans spend nearly two hours a day shopping online while at work, presumably using work machines. Whether scoping out springtime sales or putting that tax refund to use, this habit effectively makes each bargain-hunting employee a potential insider threat to their organization. The hard reality is corporate workstations typically aren’t isolated devices, but rather gateways to lucrative data and assets like intellectual property, sensitive PII for millions of employees or customers, access to partner or third-party networks, and the ability to hold an organization or city ransom. This latter threat, tied to…

Connectivity as a concept has become an essential part of life, as opposed to just a luxury. The Internet of Things (IoT) has already become commonplace in our lives, thanks to all the connected devices and smart technologies we own, interacting with one another to create a fully connected network. With the global number of IoT devices projected to triple by 2025 and 5G technologies very soon to become a cohesive part of the UK’s telecoms infrastructure, as a country we will soon be more connected than ever. Constant connectivity provides opportunities for innovation and modernisation. Conversely though, it also…

It’s been almost a year since the EU General Data Protection Regulation (GDPR) was passed into law. And although European Elections and Brexit are continuing to dominate the news agenda, this anniversary is not one to be overlooked. DLA Piper recently put together a report uncovering fresh insight on GDPR. At the heart of this report is the issue of how GDPR-era breaches were reported across the EU over the past year, the types of fines that were implemented, and how breaches were spread amongst EU members. 59,000 incidents were reported to “Data Commissioners” across the EU between the introduction…

Just a few days have passed since Black Friday – the busiest discount shopping day of the year where retailers are competing to offer the best possible deals and bargains. But this is also the time of year where savvy cyber criminals see an opportunity. Last year, the Carbon Black Threat Analysis Unit reported that organisations saw a 20.5 percent increase in attempted cyber attacks between November and December 2016. This seasonal period is a goldmine for the latest generation of hackers to steal customer credentials as well as being the cause of damage to a retailer’s reputation. So, how…

The acceleration of electronic personal health information (ePHI), coupled with an increase in healthcare technology – from cloud-based applications to IoT-enabled devices to telemedicine – has paved the way for complicated healthcare delivery networks that are goldmines for savvy cyber criminals. More exposed networks have shed light on the vulnerabilities of a healthcare service in urgent need of more robust cyber security The NHS in particular is often bogged down with antiquated and unsupported software, and a concerning cyber security skills shortage, which makes it increasingly challenging to safeguard against ransomware and internal threats to ePHI – both malicious and those…

David Higgins, CyberArk offers his tips and recommendations to mitigate insider threat this Halloween… As Halloween looms, it would certainly feel like the right time to think of our favourite horror stories. From an enterprise IT perspective, there are too many to keep up with these days. From the constant threat of cyber attacks from external hackers, to the rise of new forms of cyber-crime such as cryptojacking – the threats are constant, rapidly evolving and real. But, often the most terrifying of all threats to a company’s IT network, is that posed by the insider. According to a Ponemon…