Month: October 2016

Consider yourself the next Kojima? Ready to become the next Rocksteady? Maybe you’ve got the skills to become a future Meier?

UK games developers could be in with a chance of securing up to £25,000 of government funding, as the hunt begins to find the UK’s next big video game.

The UK Games Fund is inviting developers to apply for the grants in a bid to support video games projects and help develop new talent.

The fund, which in now its third round, has so far helped 50 developers from across the nation see their gaming dreams transformed into reality thanks to more than £1.3m in government grants.

Minister of State for Digital and Culture Matt Hancock MP said:

“The UK is a world leader when it comes to making video games, and we’re determined to make sure this continues long into the future.

“Our UK Games Fund has already helped many young games companies turn prototypes into a reality. Together with the Government’s video games tax reliefs this shows how we’re supporting this dynamic sector to attract further investment and new talent.”

The UK’s video games sector plays a vital role in the country’s thriving creative industries, which contributes £84 billion to the economy.

Video games developer Sensible Object, who successfully applied for funding from the first round of the UK Games Fund, have brought their game “Beasts of Balance” to life thanks to the government grant. About to be launched in retailers including John Lewis, “Beasts of Balance” is an ambitious mixture of a physical tabletop and digital game in which players stack beast-shaped pieces into a balancing tower that’s scanned by a connected smartphone or tablet.

On a visit to the Sensible Object studios in Somerset House, the Minister was shown how the developers have developed their designs and are now bringing them to market.

Alex Fleetwood, Sensible Object founder, said:

“Launching any venture is fraught with risks, but creative businesses like game companies come with even more challenges and the UK Games Fund is a very timely form of support for those that hope to grow and succeed in that area.

“The fund is well-run, straightforward to apply for, and clear in its decision-making, making it a valuable asset to game companies like ours and the industry as a whole.”

The Government’s UK Games Fund is aimed at supporting new video games businesses, encouraging talent, accelerating growth in regional games clusters and complements UK’s video games tax relief. Many small businesses lack the capital to help develop their ideas and attract private investment. The Fund has been created to help bridge that gap and help developers take their ideas from the drawing board and into production.

Paul Durrant, head of the UK Games Fund, said: “We’re really excited about this funding round, given the high demand and the quality of projects we’ve seen so far. It’s also good to see the success stories arising from our support. Sensible Object’s rapid progress shows just what we can achieve when we assist the UK’s top games development talent.”

Dr Jo Twist OBE, CEO of Ukie, said: “The UK is home to some of the world’s best and brightest creative games talent, and support from the UK Games Fund has already helped many projects get a much needed boost towards development and funding. The fantastic games that have already emerged from previous rounds shows what a huge asset this fund is to the games sector in the UK, and Ukie is proud to continue supporting the project through this next round.”

To apply for funding visit: ukgamesfund.com

(88)

IoT Investors Day will take place on 9th of December in Sheraton Bangalore Hotel, Bangalore, India.
The leading industry professionals of IoT industry where invited to share their knowledge and experience with our attendees. During the one-day conference speakers will reveal a variety of topics in different sectors of IoT Industry.
At the conference will be presented topics in the following areas:
-IoT market and IoT start ups;
-IoT and smart cities;
-IoT and Energy Management in Retail;
-IoT and Agrobusiness;
-IoT and smart manufacture and other.
Among speakers of IoT Investors Day you will find Syam Madanapalli, IoT Engineer in Dell Company, Sanjeev Malhotra, CEO at NASSCOM, Manisha Sharma Kohli and Sougata Mukherjea, IoT experts in IBM and many others.
You could find more information in the official website: www.iot-investorsday.com
Get your ticket today and meet with greaters at IoT Investors Day!

(75)

Part one: More than passwords
By François Amigorena, CEO, IS Decisions

It’s a fact… passwords are part of our lives. Most of us use them multiple times a day to access our emails and computers both at home and at work. But over time, there has been a need for passwords to become more complex in order to counter growing security issues. While overly complex passwords coupled with frequent prompts to re-enter them can be frustrating, they play an all important part when it comes to security. But nowadays, merely having secure passwords is not enough, especially if they fall into the wrong hands.
One way of adding a further security layer is multi-factor authentication (MFA) which combines something users have, like a token, with something they know, as in a password. However, as well as adding to overcomplicated procedures MFA can also still not be secure enough. For example, the National Institute of Standards and Technology (NIST) recently stated that organisations should not use SMS for MFA if they are to remain FISMA compliant, because SMS messages can be too easily “intercepted and redirected”.

This could be one of the main reasons why organisations are turning to context-aware security — where authorisation is given once the user has been successfully authenticated – offering the security benefits of MFA but without the drawbacks. Context-aware security uses supplemental information when someone attempts to connect to decide whether access is genuine or not. This supplemental information includes what device the user is logging in on, what geographical location they’re logging in from, what the time of day is, and many other factors that build up a profile of the person logging in. So if an outsider somehow gets a hold of an employee’s login details and tries to login at an unusual time from an unauthorised device – they would simply be denied access.

Ultimately, it does not matter when or how credentials were compromised and you may never find out. Context-aware monitoring identifies user behaviour that goes against the rules mentioned above and will automatically protect the network. Additionally, real-time monitoring will raise red flags if there are suspicious activities, that could be seen as potential security risks, creating an opportunity for you to act quickly. It is the simple answer to creating a more secure environment that does not have a negative impact on users.

In our recent guide  UX versus User Security, we found that there are a number of organisations both in the US and UK that guard against compromised credentials by using additional methods like real-time monitoring of accounts, setting up alerts for abnormal logon activity and contextual access restrictions. This ultimately strikes the right balance between user experience and user behaviour because the security is there – but it does not impede the user.

Learn more about Customising your security by implementing and managing transparent access controls to not impede user productivity.

(190)

For many of us, modern-day Halloween triggers an endless loop of zombie movies, creepy ghost stories, spider nets and dreadful costumes (okay, and an avalanche of overpriced candy). However, alongside our rational fears lies another, less popular one, that is frequently ignored, yet terribly dangerous- the fear of being exposed to a cyber attack.

In his latest blog post, Richard Patterson, director of security and privacy comparison and advice website, Comparitech.com talks about some of the most popular cyber security nightmares and shares useful tips on how to fix them .Highlights include:

• The rise of IoT based attacks – hacked smart phone devices, TVs and cars
• The big brother privacy nightmare (including some original data from Comparitech.com’s latest survey)
• The future of AI – The brain hacking nightmare

The full blog post can be found here: https://www.comparitech.com/blog/information-security/halloween-cyber-security-nightmares-and-how-to-avoid-them/

(78)

Early Warning, the industry leader in real-time payments, authentication and risk mitigation and NuData Security, an award winning behavioural analytics company, today announced a strategic alliance that will enable Early Warning to utilise behavioural analytics and risk decisioning as part of the company’s comprehensive authentication platform providing trust, safety and soundness for real-time payments.

Core to the Federal Reserve’s strategies for improving the U.S. Payment System is the safety and security of faster payments solutions. As data breaches and cyber-crime continue to become more prevalent, the ability to deliver the convenience and increased functionality of faster payments while balancing evolving and complex fraud mitigation strategies is of top concern. For online and mobile environments, financial institutions and merchants are focused on gaining continuous visibility into digital identities across the account lifecycle to positively identify good users and detect automation/non-human behaviour, coordinated activity (fraud groups/bot nets), and anomalous account creation and transactions.

Early Warning has simplified and unified how authentication is administered for a broad array of payments use cases to enable greater flexibility and customisation of risk strategies while decreasing the operational inefficiencies that typically accompany individual authentication point solution implementations.

“Early Warning has taken yet another fundamental step in securing and optimising real-time payments,” said Eric Woodward, group president of Risk Solutions for Early Warning. “Integrating NuData’s behavioral analytics and risk decisioning within our robust authentication offering provides financial institutions a unique and powerful ability to secure a variety of faster payments use cases while still offering a great experience.”

“In our new alliance with Early Warning, we’re addressing the overwhelming need of financial institutions to provide better and more accurate verification of customers in real-time. By integrating our behavioural analytics, passive biometrics and decisioning with their authentication platform, FI’s will have powerful new abilities to truly understand their users while providing great experiences for trusted users,” said Michel Giasson, CEO of NuData Security. “We’re looking forward to providing improved authentication and meeting the needs of Early Warning customers with our integrated platform.”

About Early Warning

Early Warning is creating the future of payments by delivering innovative payment and risk solutions to financial institutions nationwide. For over 25 years, Early Warning has been a leader in financial technology that advances the financial system. Learn more at earlywarning.com

About NuData

NuData Security is an award winning behaviour analytics and behavioural biometrics company. The company’s flagship product, NuDetectTM, helps companies identify users based on their natural behaviours online. NuDetect monitors over 80 billion online interactions yearly. It’s used by some of the biggest brands in the world to stop fraud, prevent attacks and continuously verify good users. Learn more at  nudatasecurity.com

(75)

The UK public has expressed that it would like to see the data deemed by the Investigatory Powers Tribunal (IPT) to be unlawfully collected by GCHQ and MI5 on UK citizens for over a decade deleted. This is according to a OnePoll survey conducted on behalf of security and privacy advice and comparison site Comparitech.com. According to the study carried out on 1,000 members of the UK public, 70% said they would like to see their illegally gathered data deleted – something which the IPT ruling failed to stipulate in its ruling. A further 45% of respondents felt that compensation was also in order.

“While almost half of those surveyed said they should be compensated for any nefarious activity they may have been subjected to, a far healthier 70% thought that the UK government should now delete all personal data it has acquired through illegal means,” said Lee Munson, security researcher for Comparitech.com. “Whether or not that happens remains to be seen – or not, as the case may be – but what is clear is that the British public still do not have a grasp on data privacy and wiretapping laws.”

One third of the UK public said the case had decreased their trust in the UK Government, while a whopping 68% said it had decreased their trust in online platforms such as social media and email. When asked if they were more concerned about hackers stealing or the government illegally collecting their private information, 51% were more concerned about hackers, 14% were most concerned with the government and almost a third (31%) said they were equally concerned about both.

“These stats clearly show that public is constantly fighting a battle of who to trust in regards to their privacy,” continued Munson. “For now, the best advice for the public is to trust no one when it comes to leaving a trail of personal information online and to arm themselves with the tools and knowledge to help keep their personal information safe. For the powers that be who have yet to decide what to do with the data that has been illegally collected so far: the public has spoken – delete it.”

In fact, 38% of the public felt so strongly about privacy, that they would consider paying for products that increase their online privacy. To find out more and for further analysis, please see Lee’s blog on Comparitech.com.

(58)

This week, people all over the UK have been receiving messages from friends or family over WhatsApp telling them to click on a link to receive £100 worth of gift cards. This is in fact one of the latest scams to target WhatsApp users, as the messages will likely come from trusted contacts. Commenting, Lee Munson, security researcher for Comparitech.com said:

“So, you received a message from ‘Sainsbury’ via WhatsApp, offering you the chance to win a gift card in return for answering a survey.

“Exciting, huh?

“Before you click on that link, however, stop and think for a moment.

“While it is unlikely you will win any competition you enter in the first place, messages such as these are often far darker than they first appear.

“Firstly, they are almost never affiliated with the company mentioned in the tagline – they are sent by ‘chancers’ hoping you’ll complete a survey and earn them a few pennies in the process.

“Secondly, you have no idea which website the link will be taking you to.

“Will the site you land on collect your personal information, install invasive cookies on your machine, add an annoying extension to your browser so it can pepper you with advertising in the future? Or will it be old-school and just infect you with a virus or some other nasty type of malware?

“The thing is, you just don’t know.

“To protect yourself from this type of ruse, you could install security software – never a bad idea – or, better yet, just employ some good judgement and never click on links to these types of sites, especially if asked to do so by someone who just sent you an unsolicited message.”

(193)

It has emerged that a number of popular sites and services are down right now for many users, including Twitter, SoundCloud, Spotify and Shopify. The cause appears to be a sweeping outage of DNS provider Dyn, as a result of a DDOS attack according to a post on Hacker News. Other sites experiencing issues include Github, Airbnb, Reddit, Freshbooks, Heroku and Vox Media properties.

Commenting on this, Richard Meeus, VP technology EMEA at NSFOCUS, a DDoS mitigation company, said “DNS has often been neglected in terms of its security and availability from an enterprise perspective – it is treated as if it will always be there in the same way that water comes out of the tap and electricity is there when you switch it on. This attack highlights how critical DNS is to maintaining a stable and secure internet presence, and that the DDOS mitigation processes businesses have in place are just as relevant to their DNS service as it is to the web servers and datacentres.”

(86)

The Guardian has reported that consumer group, Which?, says five of the UK’s biggest banks and building societies consistently scored poorly in its security test, including Lloyds and Santander.

Commenting on this, Mike Ahmadi, Global Director – Critical Systems Security at Synopsys, said: “The world of security issues that can be enumerated represents the results of an infinite space problem. Systems are designed and deployed with specific functional requirements, or use cases. Most cybersecurity issues represent non-functional issues, or misuse cases. As it turns out, there are an infinite number of ways to misuse a system, and that makes cybersecurity a very challenging problem to solve. Organisations need to deploy automated testing tools in order to quickly enumerate vulnerabilities and “shrink” the infinite space of issues down to a manageable size of the most common or likely issues, so security teams and developers can better prioritise what needs to be addressed.”

(109)

A cybersecurity audit of the US Secret Service found unacceptable vulnerabilities that leave the possibility of insider-threat activity and privacy violations.

According to this article, the Office of the Inspector General performed a cybersecurity audit after the Secret Service improperly accessed and disclosed information about Rep. Jason Chaffetz (R-Utah), chairman of the House Committee on Oversight and Government Reform, which monitors U.S. Secret Service (USSS) operations. A number of weaknesses were found, including inadequate system security plans (SSP), systems with expired authorities to operate, inadequate access and audit controls, noncompliance with logical access requirements, inadequate privacy protections and over-retention of records.

Commenting on this, Stephen Gates, chief research intelligence analyst at NSFOCUS, said “Mandated by Congress, the role of United States Secret Service (USSS) is to protect our leaders, visiting dignitaries, and designated sites and events in the U.S. In addition, they’re tasked with safeguarding the nation’s critical financial infrastructure and payment systems. In other words, they’re responsible for protecting the “stability” of our nation.

Secrecy is in their name; however, that secrecy may be at risk due to the poor state of information security within their organisation that was recently exposed. According to reports, their latest cybersecurity audit points to numerous flaws in their approach to securing themselves, and our national interests. This situation highlights a serious lack of leadership and overall responsibility.

Being tasked with protecting our nation’s critical financial infrastructure and payment systems, how can we expect the nation’s financial organisations to clean up their own acts and harden their cyber defences when the agency who has oversight does not do the same. The USSS is also designated to protect our leaders and visiting dignitaries. Hackers and miscreants gaining inside information about USSS protection plans put our leaders and dignitaries at serious risk as well.

Being unsure what it’s going to take to clean up their internal operations, the first step they need to take is shoring up their cyber-defensive posture. Hackers gaining access to “secret” information within their organisation makes us all more vulnerable. An intelligent hybrid security strategy combined with global cyber-threat intelligence, cloud defences, and on-premises defence will reduce their risk; while they take steps to implement good policies and procedures to defend themselves and our national interests.”

(99)