Information Security Buzz
Expert(s): November 30, 2020
Piers Wilson
Head of Product Management
Huntsman Security

Comments Dotted : 5
December 14, 2020

SolarWinds Supply Chain Cyberattack – Experts Insight

A holistic approach to cyber-security is vital to ensure defences are as effective as possible.
A successful, nation-state supply-chain attack isn’t a surprise, but it should be a serious wake-up call. Many organisations have fortified their own cybersecurity defences, but as we have seen, a single partner or supplier being breached can undermine any positive action already taken. The fact that a supplier was so successfully breached, putting core US government organisations at risk, highlights the huge importance of a secure supply chain. A holistic approach to cyber-security is vital to ensure defences are as effective as possible. Having the latest and greatest technologies to secure your own network is only a partial solution if your suppliers are not doing the same. Businesses often carry out due diligence on the financial viability of core partners to ensure they are not a risk. The same has to be true for cybersecurity. Regular assessment or monitoring of all partners’ and suppliers’ cybersecurity practices must become commonplace, alongside a robust cybersecurity program to minimise the risk of falling victim to similar attacks. There is no doubt that as this attack is investigated we will see many more victims come to light. Organisations must act now if they aren’t sure their supply-chain is secure, as waiting will just increase the chances of becoming the next headline.
October 19, 2020

Experts Reacted On News: British Airways Fined £20m For Data Breach

In a highly interconnected world, it's also not enough to have confidence in your own security.
£20m might seem a big fine and a major consequence of failing to secure data under GDPR, but it is much less than the ICO's original intended fine of £183m. Whether this was a result of clever bargaining by BA, the investigation process uncovering mitigating factors, an acknowledgment of the ravages of Covid-19 on the airline industry, or the ICO deliberately setting a high initial target with a more realistic goal in mind, it could give the message that fines will not be as severe as businesses and some in the security and privacy industry expect. However, what ICO investigators did stress was that BA should have identified weaknesses in advance. This should come as a timely reminder that many cyber-attacks are preventable with standard cybersecurity controls - as long as they are working effectively. Whether following something like the NCSC’s Cyber Essential guidance or the Australian Government’s Essential 8 risk mitigation framework, organisations need to rigidly maintain these foundations, from simple patching and access controls to actively searching for and fixing vulnerabilities. In a highly interconnected world, it's also not enough to have confidence in your own security. What about your partners up and down the entire supply chain, especially as organisations have had to react so quickly to Covid? The risks are great – not only in terms of fines, but in loss of customer confidence in an already highly fragile economy – so regularly taking stock of cyber risk, and obliging partners to do the same, needs to be standard practice.
February 26, 2020

FCA Admits Revealing Customers’ Details

No matter what an organisation does, or how much experience it has in security and privacy, mistakes can happen.
To see the FCA having to refer itself to the ICO shows how easily data can be exposed through human error. In this case it is the inadvertent sharing of a FOI response with personal data contained within it, but it can also happen through deliberate or careless sharing of spreadsheets, data sets or documents, or the transmission of emails to wrongly addressed recipients. No matter what an organisation does, or how much experience it has in security and privacy, mistakes can happen. These can be when information is intended to be shared but hasn't been sanitised, or when information is stored, transmitted or shared in other ways.
December 10, 2019

2020 Cybersecurity Landscape: 100+ Experts’ Predictions

So while boards might perceive cyber security impacts like the loss of data, forensics costs or GDPR fines.
Looking forward to 2020, one of the biggest risks to organisations is that they fail to understand the link between cyber security and reputation. Nowadays, we see a public much less inclined to stand for mistakes and social media channels that can quickly become filled with indignation, vitriol, complaints and dissatisfaction. So while boards might perceive cyber security impacts like the loss of data, forensics costs or GDPR fines - a breach that hits the headlines AND captures the public on a negative wave could well lead to the kind of reputational damage and consumer activism we have already seen around labour practices, boardroom inequality, sexual harassment, tax affairs and environmental practices. If people are ready to organise boycotts and on-line protests with hashtags around - say - the treatment of female employees or single use plastics, then we could easily see #boycottpoorsecurity #saynotodatasharing or #nobreachofmydata.
November 20, 2019

Experts Comments On Macy’s Customer Payment Info Stolen In Magecart Breach

Retailers should be extra mindful of security this holiday season
“Consumers trust companies to keep their data secure and with the holiday season around the corner, this is at the top of mind. Cybercriminals are continuously looking for gaps in security defenses and vulnerabilities to turn a quick profit. In this incident, valuable financial information was stolen including credit card numbers, security codes and expiration dates. During peak holiday shopping season, it is imperative companies continuously validate their security controls to make sure they are enabled, configured correctly and operating effectively. What’s more, companies should proactively test and evaluate their cybersecurity posture to find vulnerabilities and remediate them before they can be exploited by bad actors.”

Copyright © 2020 ISBuzz Pty Ltd is a company registered in Australia with company number 605 203 772 whose registered office is 14 Alanvale Street, Harrison, ACT 2914.

