General interest

Is it time to realign, or even retire the role of the CISO?

For some time we have accepted that effective business security, data privacy and compliance requires a Chief Information Security Officer to act as the lynchpin between the IT security functions and the company board. It was the CISO that ensured that security was a “boardroom issue”, and this mantra has stuck. The concept started in […]

Why is cyber security so hard?

As we have noted before in our blogs, the cyber security skills shortage remains an enduring problem despite efforts by government and academia to address the issue with extra money and university training. If anything, the gap between supply and demand is widening further just as threat levels increase and compliance becomes more pressing for […]

Our digital society still needs to be protected by humans

Go to any major airport in the world and you will see the reassuring presence of the air traffic control tower in the distance. Inside will be the highly trained people we all put our trust in, surveying in 360 degrees everything happening out in the skies and on the ground. However, at London City […]

The people attacking your business couldn’t be better organised

We’ve said previously in our blogs that after an attack perhaps the last thing you worry about is who was behind the crime. Once it has happened most organisations worry about damage limitation than the unlikely prosecution of those responsible. One reason why cyber crime is so attractive to organised criminal groups (OCG) is they […]

Making the right MSSP choice is harder now but choosing well can pay dividends

This week sees the launch of a new piece of research sponsored by Reliance ascn and undertaken for us by the leading European IT research firm PAC-CXP. The study, “Managing Security in the Digital Era”, was conducted in February this year across the UK, France, Germany, Nordics, Ireland and Netherlands. Just over 200 senior IT […]

The problem with bug bounty programs is that they are quite buggy

So called bug bounty programs have become popular in recent years with many tech giants paying hackers – in some cases quite well – to find previously unknown vulnerabilities in their software and applications. Google, Facebook, Microsoft and others are increasingly willing to reward those who can find vulnerabilities before criminal hackers do. It’s not […]

Sharing the fallout from a cyber attack

A recent report claimed that cyber attacks have wiped around £42bn off the collective share value of UK businesses targeted. That large, and headline grabbing figure, was reached by research group Oxford Economics using data compiled from the Gemalto Breach Index – a register of publicly disclosed cyber security breaches. Altogether, it says 315 breach […]

Scientific study of link between Autism and cyber crime surely misses the point
News came this week of an academic study that plans to investigate links between cyber crime activities and autism, also known as Asperger’s syndrome. According to the report in the Independent, autism and traits of the condition appear to be more prevalent among cyber criminals than for other types of crime, but “the link remains [...]
The future of the Security Operations Centre is hybrid

It’s hard to think of something so fundamental to conventional cyber security management thinking as the Security Operations Centre (SOC). The model comes from a defence and national security mindset that by having a central command centre through which all communication flows, you are able to fully control the theatre of operations from a central […]

What can business learn from the security of social media?

For some of the older members of the Reliance acsn team, social media is a bit of a mystery, apart from our hipster like CEO – a notably keen user of Facebook. Jokes apart, it goes without saying that social media is a huge phenomenon, with user numbers in billions and no sign of slowing […]

Acquiring a new company means owning its security as well

Growth for many businesses is achieved through an organic process, slow but with minimal risk, or via merger and acquisitions which rapidly grows the value of the business but is more risky. Many companies have expanded only to increase the value of the business (even to facilitate its own acquisition) but in the end been […]

If you want to get ahead, get an apprentice

This week was National Apprentice Week. You may not have known that, it was not as widely publicised as International Women’s Day for example, but in terms of impact on the future prosperity of our country it is significant. The week was coordinated by the UK National Apprenticeship Service and, in the government’s word, it […]