How intrusion prevention systems (IPS) can be used with a 'honeynet' to gather intelligence on cyber attacks

Download this next:

Royal Holloway: An enhanced approach for USB security management

USB flash drives and other USB-connected data storage devices offer a simple way of making data more portable and more easily transferrable. However, their use presents security risks that must be addressed. Apart from increasing the risk of data theft, they have often been used to transfer malware, sometimes with disastrous results. Tracing flash drive-assisted data theft or malware to the culprit can pose a challenge to cyber security professionals and managers, but the problem can be addressed with the aid of a novel USB monitoring system. This article outlines such a strategy, identifies what security attributes such a system must have, and compares the new strategy with established methods.

These are also closely related to: "How intrusion prevention systems (IPS) can be used with a 'honeynet' to gather intelligence on cyber attacks"

  • Cyber Security 2016 and beyond

    Traditional security approaches and technologies are no longer enough to tackle new threats that are designed to hold companies’ data to ransom or bypass security controls to steal data. However, many companies are still relying on traditional defences like antivirus systems and firewalls rather than deploying encryption and endpoint security, and are pursuing reactive security strategies rather than investing in systems to be more proactive in protecting data. Many organisations still lack the ability to detect and respond quickly to malicious activity on their networks and are failing to train employees effectively in cyber defence. Yet surveys indicate high levels of confidence by CIOs about their security posture, indicating a worrying disconnect between perception and reality in the face of increasingly stealthy cyber threats.

  • Email security: Never more important

    Email security remains as important as ever, with the majority of cyber-attacks, including ransomware attacks, still being launched through email using a combination of social engineering, phishing, malicious links and weaponised email attachments.

    Email remains the easiest and most effective channel of attack with the number of emails being sent on a daily basis expected to surpass 293 billion by the end of 2019. Despite this, email is the weakest link in most organisations’ security strategies, with many failing to address vulnerabilities in popular email platforms such as Office 365.

    With the reliance on email and associated threats likely to continue to grow, businesses need to address this threat with a combination of security awareness training and automated tools to reduce the likelihood of infection and speed up the detection of and response to email borne threats. Underlining the importance of email security, it is a core component of the UK National Cyber Security Centre’s Active Cyber Defence (ACD) initiative.

Find more content like what you just read:

  • Focus: IT Security in the Middle East

    In this issue, we look at the challenges facing organisations in the Middle East as they increasingly rely on digital technologies to engage with customers and citizens. We also analyse specific risks to enterprises, such as malware sneaking into networks under the guise of encryption.

  • The great IAM - time to modernise?

    In this e-guide, we offer a refresher in Identity and Access Management and highlight some of the trends that have an impact on it. Take a look at why IAM is a core building block for GDPR compliance and at the same time, a vital business concern. Is IAM really the way forward? And if so, is it time to modernise your strategy?

  • Focus: Securing new technology

    The scarcity of information security professionals with the required depth and breadth of experience is one of the biggest challenges facing businesses. As businesses seek to gain competitive edge through digital transformation, they are exposing themselves to increasing risk of cyber attack.

  • Royal Holloway: The Computer Misuse Act and the characteristics of convicted hackers

    In this Royal Holloway article, the authors go beyond the perpetuated stereotypes often found in media surrounding hackers by analysing the characteristics of real-life convicted hackers in the UK, who were charged under the Computer Misuse Act.

  • Royal Holloway: Cloud-native honeypot deployment

    Exploring open problems facing cloud infrastructure, this article in our Royal Holloway security series describes the implementation, feasibility and benefits of cloud-native honeypots.

  • How long does it take to get owned?

    A study to investigate the amount of time that it takes for stolen credentials to be used by a hacker.

  • Analysis of the Linux Audit System

    This article in our Royal Holloway Security Series identifies serious flaws due to architectural limitations of the Linux kernel which cast doubts on its ability to provide forensically sound audit records and discusses possible mitigation techniques.

  • Royal Holloway: Purple team playbook – threat modeling for security testing

    The reality of information security is that it is impossible to completely ensure that an attacker cannot get into the corporate network. Instead, companies should look at how they prepare and react to security attacks by gaining an understanding of how cyber criminals work by combining the talents of red teams and blue teams.

  • Royal Holloway: Rowhammer – From DRAM faults to escalating privileges

    Discover how Rowhammer attacks, created from a side effect in dynamic random-access memory (DRAM) that occurs due to increased density, can affect your company's cyber security and how best to protect against them.

  • The Devil's Right Hand: An Investigation on Malware-oriented Obfuscation Techniques

    This article in our Royal Holloway Security Series evaluates the role that obfuscation techniques play in malware and the importance of understanding their effectiveness.

  • Royal Holloway: Testing antivirus efficacy in Linux

    Antivirus software plays an important part in protecting users and networks from malware, so installing and keeping it up-to-date is essential in securing computing devices. Yet Linux users believe this OS can only be marginally affected by malicious software. In this Royal Holloway article, we evaluate the effectiveness of some antivirus products.

  • Royal Holloway: Driverless vehicle security for military applications

    Existing attacks and risk assessment frameworks within civilian autonomous vehicles (AVs) can be used to review security of military AVs deployed for logistics purposes in a desert warzone environment.

  • Proving ownership of IPv6 addresses

    In this article in our Royal Holloway security series, we examine the mechanisms that have been invented to allow users of Internet Protocol version 6 (IPv6), which replaces IPv4, to prove their rightful ownership of an address, preventing others from using it falsely, as well as showing some of the ways in which these measures are incomplete.

  • GDPR: Risk, opportunity and what it means for security professionals

    This article in our Royal Holloway information security series explains why GDPR is necessary, what it means for security professionals, and how they can approach GDPR in a positive way.

  • Towards an Autonomous Vehicle Enabled Society: Cyber Attacks and Countermeasures

    Cyber-attacks against autonomous vehicles could have grave implications for safety, privacy, reputation of manufacturers, and public perception.

  • Cyber risks in maritime container terminals: Analysis of threats and simulation of impacts - updated

    This article in our Royal Holloway Security series explains why container terminals are vulnerable to cyber attacks, and recommends a technique for identifying and prioritising those vulnerabilities.

  • Deep learning for countering energy theft – a hybrid long-short term memory approach

    Energy theft is a critical issue for power system operators and billions of pounds are lost to it every year. This article in our Royal Holloway security series describes a convolutional long short-term memory-based energy theft detection model to identify electricity thieves.

  • The exploitation of flaws in the HTTPS protocol

    For both technical and non-technical users, the presence of "HTTPS" in a website URL will provide confidence to consider entering sensitive information such as bank or credit card details. However, even websites owned by the most reputable organisations may be exposed to attack if HTTPS is not properly implemented.

  • Mobile Payments Using Host Card Emulation with NFC

    In this article from our Royal Holloway security series, we present a set of risks associated with using smartphones for contactless payment transactions.

  • Royal Holloway: Lessons on catastrophe - differences and similarities between cyber and other forms of risk

    Cyber insurance is still in its infancy but has shown significant growth, with evidence for further expansion. However, a lack of past information and some idiosyncrasies make pricing difficult, as well as potentially amplifying risk exposure. This article summarises findings from a practical model that could be used in lieu of actuarial data.

  • Royal Holloway: Security evaluation of network traffic mirroring in public cloud

    This article in our Royal Holloway security series examines network traffic mirroring, demonstrating how the technique is being implemented in public cloud and the challenges it faces due to the inherent characteristics of the public cloud – security challenges that, if not addressed, can be detrimental to the security posture of an enterprise.

  • A Security Assessment of Android Full-disk Encryption

    This article in our Royal Holloway Security Series describes an attack on Android 5.0 full disk encryption and discusses potential countermeasures.

  • Royal Holloway: A novel approach to clustering malware behaviour to improve malware detection

    Clustering malware behaviour can be very useful, but it is unknown how accurate clustering algorithms are when dealing with malware.

  • Royal Holloway: Secure connected and autonomous vehicles - the long road ahead

    Advances in technology have led to safety and comfort features being added to vehicles, with ambitious plans for driverless cars and other connected and autonomous vehicle (CAV) systems being developed. This article looks at some of the requirements, constraints and challenges, including two areas of uncertainty: data and software updates.

  • Royal Holloway: Protecting investors from cyber threats

    The cyber security of personal investors who use UK investment platforms to manage their pensions or savings is not well understood and not often discussed. In this Royal Holloway security article, we identify the principal cyber threats to investors' assets on UK investment platforms and what can be done to prevent or mitigate these threats.

  • Insuring the uninsurable: Is cyber insurance worth its salt?

    This article in our Royal Holloway Information Security Thesis series discusses the risks and benefits of cyber insurance and outlines steps businesses can take to make better informed risk mitigation decisions.

  • Understanding behavioural detection of antivirus

    This article in our Royal Holloway Security Series analyses the effectiveness and behavior of 32-bit and 64-bit antivirus software in Windows 7.

  • The Investigatory Powers Act 2016 and Internet Connections Records

    This article in our Royal Holloway Information Security series examines the implication of the state's collection of Internet Connection Records under the Investigatory Powers Act 2016.

  • Secure Voting

    This report from WebRoots Democracy, a pressure group for e-voting, aims to answer the key questions surrounding online voting security and the potential e-voting systems.

  • Royal Holloway: Information security of the 2016 Philippine automated elections

    We analysed 426 log files provided by the Philippines' Commission on Elections to objectively recreate what transpired during the 2016 elections. These log files were used to gauge the integrity of the Philippine AES using an AES Trust Model developed by this research.

  • Security analytics: Enabling organisations to get ahead of attackers

    In the face of an ever-increasing number of cyber-attacks, many organisations are turning to security analytics, which is the use of data to measure and detect potential breaches. In this e-guide we provide 6 case studies on when and when not to use security analytics.

  • Sandnet++ – A framework for analysing and visualising network traffic from malware

    This article in our Royal Holloway Security Series looks at Sandnet++, a framework for analysing and visualising network traffic from malware.

  • Royal Holloway: Secure multiparty computation and its application to digital asset custody

    For this article in our Royal Holloway security series, the authors provide a brief overview of multiparty computation (MPC) and highlight the benefits of MPC-based bitcoin custody over traditional approaches.

  • Infosec culture: A former helicopter pilot's perspective

    In this article in our Royal Holloway security series, former helicopter pilot Ashley Bye explains how the UK Military Aviation Authority's model for an engaged air safety culture could be used to reduce the prevalence and severity of cyber security incidents.

  • A Computer Weekly buyer's guide to Threat Management

    Threat management has become a vital component in the cyber security strategy of many businesses. In this 19-page buyer's guide, Computer Weekly looks at why threat management should be tailored to your company's needs, the strength in combining it with other security systems and how cloud-based security can reduce costs.

  • Threat management: Essential guide

    Security is about reducing risk, while assessing risk is all about understanding the cyber threats facing the enterprise, which in turn is about recognising that not all threats are external and that threat intelligence is a key element of threat management.

  • Policing cyber crime

    This article in our Royal Holloway Security series considers the duties of the police in the UK and asks whether these roles remain realistic and achievable in cyber space.

  • 12 essential features of advanced endpoint security tools

    Endpoint protection of enterprise systems is an efficient method of managing software deployment and enforcing security policies. IT administrators can use endpoint security for a number of operation monitoring functions and data backup strategies. Here are 12 key features endpoint security products should include.

  • In 2017, the insider threat epidemic begins

    Cyber security resiliency depends on detecting, deterring and mitigating insider threats. This report from the Institute for Critical Infrastructure Technology assesses the risks and potential solutions.

  • Security Think Tank: Critical National Infrastructure

    We asked our regular panel of cyber experts, the Computer Weekly Security Think Tank, to consider and highlight the risks posed to industrial control systems (ICS) and other elements of operational technology (OT), and advise on what steps CNI operators should be taking to address them.

  • SWG: Answering FAQs

    To battle proliferating web-based threats, many organizations have adopted a secure web gateway (SWG) in order to filter malicious content. For leaders interested in augmenting their SWG knowledge, this e-book can serve as a comprehensive guide. Tap into the book to unlock answers to FAQs about SWGs.

  • CW ASEAN: Defend against disruption

    In this month's issue of CW ASEAN, we take a closer look at how industrial control systems operators are improving the visibility of ICS environments without jeopardizing operations, addressing security vulnerabilities and enhancing cooperation between IT and operational technology teams. Read the issue now.

  • BlackCat emerges as one of the top ransomware threats

    After several notable ransomware attacks against major enterprises, the BlackCat gang is drawing the attention of security researchers who have connected it to other groups.

  • Top 10 IT security stories of 2018

    The discovery of the Meltdown and Spectre microprocessor vulnerabilities, and several similar vulnerabilities in the months that followed, were probably the single most challenging developments for enterprise IT security teams in 2018. Here's a look back over Computer Weekly's top 10 IT Security stories of 2018.

  • Computer Weekly – 15 November 2022: How to protect against ransomware attacks

    In this week's Computer Weekly, we look at how to prepare for and protect against ransomware, and what to do if you're hit by an attack. We gauge industry reaction to Ofcom's plan to investigate the big three cloud providers. And we find out how travel giant TUI is implementing self-service analytics. Read the issue now.

  • 7 risk mitigation strategies to protect business operations

    Risk mitigation strategies must not only identify risks and threats, but also stress the importance of identifying vulnerabilities that could open the door to risk events. In this infographic, we put together the seven most widely used risk mitigation strategies to help businesses keep their data safe.

  • Security Think Tank Pt.1 - 2020 bought us universal remote working. So what next?...

    In this e-guide: Each month Computer Weekly poses a question to its Security Think Tank, a panel of cyber security experts comprising industry insiders, technologists, analysts, legal experts and educators, to share their years of collective cyber security wisdom with the security community.

  • Tips for securing and utilizing Big Data to your advantage

    This expert guide examines the reasons why Big Data security is so important, providing helpful tips for adapting and utilizing it to your business' advantage.

  • Vishing attacks increasing, but AI's role still unclear

    According to cybersecurity company Trellix, the number of vishing attacks in Q4 2022 increased by 142% from Q3 2022. Although the volume of vishing attacks continues to rise, threat researchers say that the role of AI technology in these attacks may have been overestimated.

  • Computer Weekly - 26 July 2022: Inside Russia's Ukraine information operations

    In this week's Computer Weekly, we get the inside track on Russia's disinformation operations attempting to spread propaganda and cyber threats about the invasion of Ukraine. Our new buyer's guide looks at customer and employee experience management. And we assess 10 top Kubernetes backup suppliers. Read the issue now.

  • Hacking the Human Operating System

    Cyber attackers often bypass the consciousness of their targets and attempt to manipulate victims through subconscious influences. This report from Intel Security offers advice on how to mitigate these risks.

  • Digital identity strategies to enhance data privacy and protect networks

    The rise of digital transformation, cloud adoption and remote work has spurred an evolution of identity in the workplace. In this e-guide, read more about the convergence of identity management and security, how to identify the main access management risks, and how cloud adoption is shaping digital identity trends.

  • Top 10 cyber security stories of 2021

    Cyber security was once again top of the agenda for IT leaders in 2021, with a barrage of news and analysis making it hard to separate the wheat from the chaff and the genuine insight from the self-promotional nonsense. However, there were some stand-out cyber security stories in the past 12 months that were indubitably worthy of attention.
