Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

BCS ITNow 201503 - Lessons Learned

97 views

Published on

When it comes to dealing with hacks such as the one Sony suffered, Gareth Niblett, Chairman of the BCS Information Security Specialist Group says we should all learn from others mistakes.

Published in: Internet
  • Be the first to comment

  • Be the first to like this

BCS ITNow 201503 - Lessons Learned

  1. 1. We are all susceptible to being hacked and our private records compromised. The trick to defending yourself or your organisation is to learn from the experiences of others and understand who might wish to target you. Avoiding the mistakes of others is a low-cost method of improving your security posture. One of the big attacks of 2014 was against Sony, which was comprehensively taken over by hackers. Other than the debate as to who perpetrated the hack, it was apparent that Sony has not learned from previous compromises, that it and others had suffered, as it continued to operate with lax security controls. Observers might wonder how a large organisation, more than able to afford capable professionals, administering appropriate security policies and procedures, and underpinned by technology could allow many terabytes of data to be exfiltrated without anyone or anything noticing something was awry. The practice of keeping a directory of static passwords for corporate accounts shows how even a large business struggles to find a way to balance security with usability. Attacks leveraging zero-day vulnerabilities can crack open even the strongest layers of defence, so you still need to also be checking on the inside. INFORMATION SECURITY All of us rely on software and many of us rely on it being robust and secure. It is impossible for functional software to have no bugs or vulnerabilities, but many can be squashed during the software development lifecycle, with code analysis / testing. Secure software development can make our digital environment safer. When it comes to dealing with hacks such as the one Sony suffered, Gareth Niblett,Chairman of the BCS Information Security Specialist Group says we should all learn from others mistakes. Information Security Specialist Group (ISSG): www.bcs-issg.org.uk Information Risk Management and Assurance Specialist Group: www.bcs.org/groups/irma BCS Security Community of Expertise (SCoE): www.bcs.org/securitycommunity FURTHER INFORMATION doi:10.1093/itnow/bwv008©2015TheBritishComputerSocietyImage:iStock/476346099 22 ITNOW March 2015 LESSONS LEARNED Sponsored by: In partnership with www.servicedesk360.com Supported by: Register for FREE entry Quote priority code 104SITS and save £35 on the day www.ITSMshow.com The UK’s largest exhibition & conference dedicated to ITSM EXHIBITION | KEYNOTES | NETWORKING | SEMINARS | EXPERT ADVICE

×