Authenticate Smarter, Not Harder: Part 4

In the first part of this series, we decried the overreliance on passwords for authentication. In the second, we discussed the full range of means at one’s disposal. In the third, we described the advantages of using multiple means in conjunction with one another. In this fourth and final part, we detail how, when no other option is presented, one can use single-factor, password-based authentication (PBA) at its most securely.

Authenticate Smarter, Not Harder: Part 4 Read More »

Authenticate Smarter, Not Harder: Part 3

In the first part of this series, we held an intervention over the widespread use of passwords, complete with the ever-widening list of arduous hoops to jump through that are imposed on users in the name of security. In the second, we revealed just how expansive the field of authentication methods really is, but with the caveat that no single method is without its flaws. In this third part, the gold standard of authentication—multi-factor authentication (MFA)—is presented.

Authenticate Smarter, Not Harder: Part 3 Read More »

Authenticate Smarter, Not Harder: Part 2

In the previous part of this series, we discussed the many shortcoming of passwords as a means of authentication—the process of verifying that a given person is someone you want to be able to do something, such as use a piece of software, log in to an online account or access an area of a building. In this part, a range of authentication alternatives to passwords will be presented, along with their pros and cons.

Authenticate Smarter, Not Harder: Part 2 Read More »

Authenticate Smarter, Not Harder: Part 1

Passwords are ubiquitous and have been for decades, despite repeated predications over the years of their impending death. They have remained popular for a range of reasons, primarily their simplicity and familiarity, backed up by how widespread technological support for them has traditionally been. As a result, the status quo is often not challenged, despite expert consensus that passwords are—well—a bit naff.

Authenticate Smarter, Not Harder: Part 1 Read More »

Supply Chain Security: Part 3

In the first part of this series, we covered the threat posed to your business by attacks on your supply chain. In the second, we detailed a number of ways of properly vetting potential suppliers, both obvious and non-obvious. In this third and final part of this series, we will detail a range of tactics you can use to protect yourself in the event of an upstream company being compromised.

Supply Chain Security: Part 3 Read More »

Supply Chain Security: Part 2

In the first part of this series, we explained how you are ‘only as secure as the company you keep’ and detailed the threat posed by supply chain attacks such as the 2017 NotPetya attack and contemporary activities of Magecart cybercriminal groups. However, for most people, using a supply chain is not optional. Here, we will go through ways of vetting your supply chain.

Supply Chain Security: Part 2 Read More »

Supply Chain Security: Part 1

You are only as secure as the company you keep, and in the modern technological ecosystem the company a company keeps is increasingly becoming a crowd. Particularly in the retail industry, but by no means exclusive to them, companies ‘rely on armies of third-party services to boost engagement and optimize the customer experience on their websites’.

Supply Chain Security: Part 1 Read More »

Who Are Magecart?

You may have heard talk about a shadowy entity called ‘Magecart’. You may know that whatever or whoever this ‘Magecart’ is, it’s not good, but you may have other questions: who or what are they, what do they do, and how can you defend against them? This article shall attempt to answer those questions.

Who Are Magecart? Read More »

Automated Security Tools Are No Substitute for Educated Employees

As in every industry—particularly technology-centric ones—the history of the cyber security industry has been one of task automation. From the early days (some may say Gen I days) of firewalls and pattern-matching antiviruses to modern techniques of machine learning-based malware detection and traffic analysis, the tools available to a security-minded business are constantly growing in complexity, in an arms race with cybercriminals whose malware has been doing the same.

Automated Security Tools Are No Substitute for Educated Employees Read More »

Privacy By Design is Here to Stay

One of the most seismic events in information security last year was undoubtedly the entry into force of the EU’s General Data Protection Regulation (GDPR), perhaps the most radical shift in data protection thinking since people started to require secret passwords to access a person’s account. The GDPR hysteria has settled down somewhat since May, but it has become clear that the Regulation represents a wider shift in approach to data protection and consumer privacy, and things will not end here.

Privacy By Design is Here to Stay Read More »

SMEs and Cyber Security: A case study

With data breaches of major tech. firms—your Googles and your Facebooks, for example—eating up all of the news coverage throughout the year, it’s easy for owners and employees of smaller to medium-sized enterprises (SMEs) to grow complacent. ‘They wouldn’t bother to attack little old me’, you might be thinking, but security through obscurity is no security at all.

SMEs and Cyber Security: A case study Read More »

Scroll to Top