Worldwide, just 46% of small and medium-sized enterprises (SMEs) have implemented recommended multifactor authentication (MFA) technology, and only 13% mandate its use for employee account or application use, with more than half... Read more »

Good cyber hygiene and a strong risk management culture is the obvious approach to take if you want to try to avoid being one of those “company X just got hacked” news... Read more »

Cyber security insurance is risk transference. It represents a purely reactive incident response activity and does not negate the need for investment in prevention and recovery, but it can be an important... Read more »

The National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO) have joined forces to call on the legal profession to stop advising organisations to pay off ransomware demands. In a... Read more »

Sweden has a long history of data privacy. In fact, it was the first country in the world to adopt data privacy legislation, with the 1973 Data Act. Swedish data protection legislation... Read more »

Microsoft appears to have quietly, and without fanfare, reversed a February 2022 policy to block Visual Basic for Applications (VBA) macros by default across five of the most used Office applications, citing... Read more »

The purpose of cyber insurance is basically the same as any other form of insurance. Insurance provides protection if a rare but unaffordable event should occur, that could otherwise severely damage the... Read more »

Ken McCallum, director general of MI5, and Chris Wray, director of the US’s FBI, have warned of the growing threat posed by the ruling Chinese Communist Party (CCP) to UK and US... Read more »

Threat modelling is the process of visualising vulnerabilities in software from the design phase through the software development lifecycle. A relatively new software security practice, it has gathered significant traction over the... Read more »