

Joseph Carson
Thycotic
Chief Security Scientist
Comments Dotted: 13
October 19, 2020
Our job in cybersecurity is to make it difficult for criminals to protect the business and customers' data.
The recent news recording another huge ICO (Information Commissioner's Office) fine of £20m this time against British Airways for failing to protect the personal and financial details of more than 400,000 of its customers is another reminder to protect and secure privileged access as cybercriminals will always look to gain privileged access as it allows them to move around the network and gain access to sensitive files or databases including employee and customers' personal data.
The...

July 22, 2020
It is important that political efforts are prioritized and countries must work together to reduce the safe havens
No one country can win a cyberwar alone and this means it is critical to have international cooperation to defend and respond offensively to aggressive cyberattacks. The UK must adopt a cyber defence league similar to what Estonia introduced after the 2007 cyberattacks and CV19 which involved Cyber Volunteers helping defend the Healthcare services during COVID-19.
The UK must bring together both public and industry expertise to defend democracy when under cyberattack and at the same time,...

June 10, 2020
While the risk was limited, it is a scary thought that sensitive patient data via video consultations could be accidentally disclosed.
While the risk was limited, it is a scary thought that sensitive patient data via video consultations could be accidentally disclosed. This is a reminder of how important the principle of least privilege is along with strong access controls that reduce accidental data disclosures.
This has become an all too common occurrence, as highlighted in the recent 2020 Verizon Data Breach Investigations Report which revealed that human error and misconfigurations are on the rise and contributing to many ...

May 14, 2020
The value of credit card data alone being sold on the dark markets is at an all-time low.
Organised cybercrime is on the increase and financial details continue to be a top target. Criminals will always try to gain unauthorized access to where the money is and the global stock markets and FX market surely has a lot of it, making it a very attractive target. However, stealing the numbers alone is no longer sufficient value and it means cybercriminals are more coordinated in their attacks to steal as much data as possible to increase the rewards of the crime.
Digital Insider...

May 12, 2020
Unfortunately for this attack, there is no easy fix and any vendor’s hardware exposed by this attack.
The Thunderbolt flaw exposed on millions of computers is a serious issue as it allows an attacker only a matter of minutes to bypass the device security that keeps unauthorized users out. Though luckily for this attack, it does require physical access and requires visible tampering so it can only happen when an attacker is alone for several minutes with your computer.
This means leaving your computer for only a few minutes gives an attacker the ability to gain access to your data, activity...

May 07, 2020
Ensure that you have started to use passphrases to help make your password long and include some complexity as well.
World Password Day is a day to review your password hygiene to ensure you are up to date with the latest best practices. It is always important to review your current password habits and one of the most important topics this year is which of your passwords is the only thing protecting your accounts, meaning you have not combined it with another security control such as two-factor authentication. Passwords are usually the only security protecting most people’s sensitive information and this...

February 20, 2020
A strong incident response plan and business continuity should be a top priority.
Cyber security of critical infrastructure is absolutely crucial, as the consequences of an attack can be severe and widespread with the potential on having a cascading effect on other facilities or suppliers. Cyberattacks against the energy sector can have rippling effects to other critical infrastructure that depends heavily on energy such as hospitals without power, logistics on hold and transportation delays such as road, rail and flights, meaning that major cities within 24 to 48 hours can...

January 29, 2020
However, they did commit to improving security by committing to invest $2 Billion.
The latest news emerging that Huawei will have a limited role in the UK’s deployment of the UK 5G network, excluded from the core network and capped at 35% is surely going to cause some disagreement between the Five Eyes Intelligence Alliance. Irrespective of which vendors are chosen for the UK 5G network they should all be going through a serious Risk and Threat Assessment to determine how to deal with the future cyber-attacks and threats, so this should not be including only Huawei but all ...

January 28, 2020
If you sacrifice privacy you are also sacrificing security and ultimately ends in a lack of trust.
It can be argued that the end of privacy as we know it is closer than you may think. In essence, privacy allows citizens to be free and when you take away or constrain privacy, you take away citizens' freedom.
The reality today is that almost everyone is being tracked and monitored 24/7 with thousands of cameras recording your expressions, fashion, interactions and speech to determine what you need, what you might be thinking and who you are meeting. Algorithms can even determine what your...

December 17, 2019
While the actions of the New Orleans city government appear extreme they have done the right thing as preventing data from being destroyed is better than having to recreate it.
The recent actions by the New Orleans city government’s declaration of a state of emergency shows the effect that a cyber-attack can have on a city. In my experience, sometimes it is better to shut things down to prevent systems from becoming encrypted by ransomware as well as to prevent employees from clicking on phishing attempts that could see accounts becoming compromised. It is better to have a temporary loss of service rather than deal with recovering from a ransomware attack...
