Comment on Government announcement of £17m fines for cyber breaches

AlixPartners comments on the Government announcement of £17m fines for cyber breaches. Jon Rigby is Director of Cyber at AlixPartners, the global advisory firm. He is a former Air Vice-Marshal whose last role was Director for Cyber, Intelligence and Information Integration at the MoD's Joint Forces Command.

Jon Rigby, Director of Cyber at AlixPartners, says:

“This should be another wake-up call to UK businesses. Whilst larger corporates have the resources and expertise to mitigate the threat of a major data breach, senior executives must recognise that investment in cybersecurity is business-critical, not simply a discretionary spend. With GDPR implementation just months away, CEOs must be prepared to respond to a potential data-privacy breach, at a time when wider operating budgets are under pressure.

“The threats posed to an organisation's reputation and balance sheet are very real. Over the last 12 months we've seen greater understanding and engagement from Board executives around the issue of information security and data privacy. This period ahead of GDPR implementation is an opportunity to broaden awareness to more of the senior team and for them to demonstrate strong top-down leadership around the issue of cybersecurity.

“Experience shows that strong security governance, controls and culture cannot be built overnight. If firms have not taken strong steps already, they will be vulnerable for months or even years, and need to take interim measures, such as compromise assessments, response training or increased insurance, to manage this risk in the interim.”


The evolving payments landscape: Increasing competitiveness and upcoming regulatory deadlines

By the Center for Financial Professionals  

In recent years the payments landscape has evolved and transformed, and in the near future it seems likely to continue to do so. 2018 is being seen as a watershed year in terms of regulatory implementation deadlines across the financial services space, and the payments industry is testament to this. With the implementation of SEPA instant payments officially set for November 2017, PSD2 for January 2018 and the GDPR for May 2018, there is no doubting that payment professionals face a barrage of deadlines and challenges over the coming year. Couple this with technological advances that are constantly reinventing payments and simplifying payment processes, and the continuing entry of digital players and FinTechs into an already competitive market, and it is no surprise that the next 12 months will be an important period for payment professionals across the financial industry.

Because of the clear challenges, but also the opportunities, that payment experts face in the next year and beyond, The Center for Financial Professionals conducted extensive research with senior industry professionals to unearth the most pertinent areas facing an industry that is now worth £81 trillion in the UK alone. Many of these will be addressed at the upcoming Payments Forum 2018, taking place on February 27-28 in London (www.cefpro.com/payments). This piece assesses three of the key areas that emerged from this research as upcoming focus areas for payment professionals at financial institutions: the overall payments landscape, SEPA instant payments implementation, and the interaction between payment and data protection laws.

What became apparent from the research is that the payments landscape is evolving at a rapid pace. Payments is an area that is becoming increasingly competitive, with new digital and tech players entering the space with innovative ideas and products. In fact, payments has received the largest investment of any FinTech category and is dominating the FinTech landscape, with new technologies reinventing payments and payment infrastructure and simplifying the end-to-end payment process.

The appearance of FinTechs, challenger banks and tech giants has meant a move to a more digital landscape and a general push to develop mobile banking. There is likely to be less and less direct interaction between banks and their customers as everything is done remotely. New apps and challenger banks such as Starling Bank, Atom Bank, Revolut and Curve are entering the market as competitive forces against incumbent banks, with products that are easy to navigate. Banks will therefore have to keep coming up with innovative ideas to maintain the trust and loyalty of their customers and retain their customer base. How banks go about competing against these new players and tech giants such as Apple and Amazon will be an interesting development.

This is particularly challenging for banks when the regulatory environment is considered. Many respondents suggested that there is a need for more of a level playing field. Banks have an array of regulatory guidelines to adhere to and governing bodies to go through before decisions can be made, so they struggle to be as agile as FinTech companies, which do not necessarily need to meet the same regulations and ultimately have a competitive advantage in the payments market. It is unsurprising, therefore, that banks are moving to partner with or purchase FinTech companies to combat the increased competition. Many banks and FinTechs are beginning to find mutual benefit in collaborating in the payments space, and this trend seems likely to continue over the coming years. As a whole, the payments landscape has rapidly evolved, and with new players consistently entering the market, banks have to navigate an increasingly competitive environment.

Whilst the payments landscape will no doubt continue to evolve over the coming years, over the next 12 months there are a number of regulatory initiatives within the payments industry that banks are understandably focusing on. One such initiative is SEPA instant payments, rolled out in November 2017. SEPA instant payments is the ability to make payments instantly, with transactions clearing in under 10 seconds. Whilst instant payments are already in place in the UK and other European countries, including Sweden and Denmark, November 2017 is theoretically the first time there will be instant payments across the whole of the EU. However, there is still much for financial institutions to do, and questions will arise as to implementation uptake and initial teething problems. Brexit has thrown up a big question mark, as the UK has to negotiate a SEPA deal. With negotiations continuing into next year, financial institutions will have to prepare knowing that the UK can participate in cross-border SEPA instant payments only if it manages to negotiate such a deal. Most UK and European banks have their SEPA operations in the UK, so if SEPA participation suddenly falls away, banks will have to migrate clients and accounts to mainland Europe, a potentially extensive undertaking with huge resource implications. An additional challenge for European banks implementing SEPA instant payments is having infrastructure that can operate in real time. Banks traditionally run legacy systems and payment engines that are batch or process driven, so moving to a world where payments are processed in real time requires banks' infrastructure to be updated accordingly. In short, the industry is looking towards SEPA instant payments implementation with bated breath.

Two other regulatory initiatives due for implementation, and seen as key focus areas for payment professionals and those working within data protection over the coming months, are PSD2 and the GDPR. With PSD2 and GDPR implementation set for January 13th and May 25th 2018 respectively, banks continue to ensure they are ready for technical and operational implementation. However, whilst PSD2 and the GDPR pose individual challenges for the teams working on them, one area that came out of the research was the interaction between data privacy and protection laws and payment laws. How do teams ensure they work together on the two projects, and how do banks ensure that siloed teams are integrated so that the two competing projects work with each other? Both PSD2 and the GDPR are extensive projects that require a significant amount of time, so banks need to ensure they are both managed and ‘completed’ effectively. For this to be the case there has to be effective communication and interaction between teams. Additionally, it has been suggested that there are various overlaps and conflicts between the payment laws and the data privacy laws, which leave some unanswered questions. For instance, how do banks monitor customer consent, and who is liable if something goes wrong? PSD2 allows customers to give consent to a third party without telling their bank, so banks need to ensure they have enough information about what their clients have consented to in order to know which types of transaction they should be vigilant about or should block. Under the GDPR, banks can be fined up to 4% of global annual turnover simply for continuing to pass a client's data to a third party after the client has withdrawn consent without the bank knowing. So there are open questions around customer consent. The identification of obstacles in the interaction between data privacy and protection laws and payments laws, and the overcoming of those obstacles, is therefore an area the industry will be focusing on over the next 12 months.

In summary, there has been a rapid evolution in the payments landscape, and with new players continuing to enter the market, the industry seems set for further competitive pressures. Coupled with the regulatory requirements imposed on banks over the next year, there is no doubting that payment professionals will be kept busy in the near future.

These are only a snapshot of the challenges within the payments industry. The findings of this research will be presented on February 27-28, 2018 at The Center for Financial Professionals Payments Forum in London. We invite you to join your peers for two days to discuss upcoming payment trends, technologies and regulatory requirements, including SEPA instant payments, PSD2 and the GDPR.

The agenda can be viewed at: http://www.cefpro.com/payments

For further information, please get in touch with a member of the team on +44 (0) 207 164 6582 


Improve collaboration to overcome cyber-attack security issues, say transportation security leaders

One of the keys to averting cyber-attacks on critical US transportation infrastructure, such as the 2016 ransomware attack on San Francisco's transit network, lies in industry-wide collaboration, according to security experts working for some of North America's best-known transit organisations.

Transport Security World canvassed the opinion of executives, all of whom agreed that working together could put the brakes on the sort of attacks that can bring transportation to its knees.

Among those contacted by Transport Security World was Stephen Covey, chief of police and chief security officer of Canadian National Railway (CN Railway), who said that the success or failure of keeping North America's critical transportation infrastructure secure largely depended upon “the level of collaboration and shared responsibility of government, industry and the public. All three contributors,” maintained Covey, “are equally important and only by working together can they really make a difference.”

Concerning maritime security, David Espie, director of security at Maryland Port Administration in Baltimore, US, said “sound maritime security requires local, State and federal assets and cooperation to ensure a strong landside and waterside security defense mechanism.” Echoing this point, Bob Gauvin, director of counter piracy policy office of commercial vessel compliance at the United States Coast Guard, said: “Layered security and coordinated governance in the maritime domain allows for the most effective abilities of states to work in alliance against ever-changing maritime threats.”

With the rapid digitisation of the industry, what is clear is that security shouldn't just be a priority for CISOs; it should also be on the minds of all heads of department. Deborah Wheeler, chief information security officer at Delta Airlines, was clear about her employer's priorities. “Working across Delta as we face the challenges of a highly connected airline and highly connected customers. It's bigger than one team,” she told Transport Security World.

In addition to aiding collaboration between the transportation industry and government, between company and customer, and between internal departments, Transport Security World is also trying to foster partnerships between different transportation verticals. That is why it is organising Transport Security and Safety Expo Washington D.C. this summer.

Taking place June 11-12 in the US capital, the event will bring together under one roof security and safety professionals from aviation, maritime, rail, highway and haulage, along with industry suppliers, to share best practice and improve the overall standard of security across the board. It is a packed agenda and will offer the opportunity to hear from, and meet, some of the big players in the transportation industry. For more information about the show, visit the Transport Security and Safety Expo website.


Cyberbit to Demonstrate an Integrated IT/OT/IoT Detection and Response Solution at Cybertech 2018

Cyberbit Ltd., a provider of cybersecurity simulation and IT/OT detection and response platforms, is participating in the Cybertech 2018 conference and exhibition, 29-31 January, in Tel Aviv.

With the attack surface expanding across IT, OT and IoT networks, alert volumes growing, and skilled cybersecurity staff scarcer than ever, security organisations are struggling with multiple point solutions that each address a niche problem, while attackers now traverse from IT into OT and IoT networks to reach critical systems. During Cybertech 2018, Cyberbit will demonstrate for the first time an integrated solution that addresses the entire attack surface, including IT-to-OT attacks. This solution combines several technologies that are also available as standalone products:

SOC 3D: Incident Response Automation and Orchestration is a single pane of glass for automating and orchestrating the security operations center (SOC), powered by big data. SOC 3D addresses the growing volume of alerts and the cybersecurity skills shortage by accelerating incident response and automating manual work.

SCADAShield: ICS/SCADA Security for Operational Technology (OT) Networks is described by Cyberbit as the world-leading OT security platform, chosen by sensitive critical infrastructure organisations to protect ICS/SCADA networks, electric grids, transportation networks, manufacturing lines, smart buildings and data centers. SCADAShield provides OT asset discovery and visibility, detects known OT threats, unknown OT threats and anomalies, as well as deviations from operational restrictions, using 7-layer deep packet inspection (DPI).

Cyberbit EDR: Endpoint Detection and Response is a behavioral analysis platform for detecting stealthy threats that evade conventional endpoint security systems. Cyberbit EDR uses behavioral analysis to detect unknown, signature-less threats without depending on IoCs, external threat intelligence or network connectivity.

Cyberbit Range: Hyper-Realistic Training and Simulation is a “flight simulator” for information security professionals that enables organisations to establish and manage a hands-on training center, which Cyberbit says has been proven to increase incident response teams' performance. The Range uses hyper-realistic simulated training disciplines similar to those of combat flight simulation. It is used by service providers, universities, enterprises, governments and military organisations to train and certify cybersecurity professionals. Cyberbit describes itself as the leading provider of cyber range simulation platforms, with 11 new training facilities announced in the last 6 months.


Mind the GDPR gap: Board members at odds with management on level of GDPR compliance

New research by data security company Clearswift has shown that board members are more confident than management about their organisation’s ability to comply with the General Data Protection Regulation (GDPR), in time for the May 25th deadline.

The research, which surveyed 600 senior business decision makers and 1,200 employees across the UK, US, Germany and Australia, revealed that 41% of board-level respondents think they have all of the necessary processes in place to be GDPR compliant, yet only a quarter of senior management and even fewer middle management respondents (21%) thought the same.

It is important that the board understands the true state of GDPR compliance in order to address any issues in time for the May 25th deadline, and also to identify ways of growing their business through better information governance.

When it came to the right to be forgotten (RTBF), which entitles individuals to request that an organisation deletes the personal data it holds about them, over half (56%) of board-level respondents think that their organisation could handle hundreds of requests at once. Yet only a third (36%) of middle management agree.

Not only did the research show a difference of opinion between board and management-level respondents, it also revealed the extent of data duplication within organisations. For example, 49% of board-level respondents, and 31% of middle management, thought their organisation definitely duplicated customer data.

Two thirds (66%) of board-level respondents and 70% of senior management thought employees in their organisation had downloaded work documents to personal devices (such as a laptop, smartphone or tablet) and not subsequently deleted them, unintentionally or otherwise.

Dr Guy Bunker, SVP Products at Clearswift, said: “Board-level respondents may have a misplaced confidence when it comes to their organisation's level of GDPR compliance. However, once a board becomes aware that its confidence may be misplaced, then it is immediately one step closer to compliance. By engaging closely with management, the board will have a much clearer and more accurate view of the state of compliance, and will be able to put measures in place to address any issues.”

“Middle management is more likely to have a better view of the data that their organisation holds – where it is saved and how it is being used – because they are more familiar with the day-to-day operations and challenges that staff may encounter. For example, if a company doesn’t have its own private file sharing service, then this may drive employees to use third party sites or download data onto a USB. Management should be encouraged by the board not to filter out ‘bad’ information. For example, if data duplication is rife then the board needs to know so it can address the issue in time for the GDPR deadline.”

Bunker added, “GDPR can be the first step towards better information governance: GDPR compliance is about being able to recognise a particular data set and protect it accordingly. The same processes and technology can be used to protect other types of information that are valuable to your organisation. For example, product design documents, price lists, patent applications and even information around service pricing and contract bids.”

Clearswift has published a whitepaper, The GDPR Divide: Board Views vs Middle-Management, which is available for download here: http://pages.clearswift.com/GDPR-divide-guide-2018.html


Why Auditing and Reporting are Vital to Cloud-Based Systems

Without a doubt, cloud storage empowers enterprises by giving them the speed, convenience and productivity they need to advance rapidly in today's competitive business world. But in switching to a cloud vendor, an enterprise also relinquishes full control of its data sets, both its own and its customers'. This poses enormous challenges for modern enterprises in terms of cyber security, confidentiality and regulatory compliance, as the loss of sensitive data can be disastrous for a company's financial stability, brand reputation and business continuity.

“The shift to cloud computing has essentially extended the boundaries of the traditional computer processing environment to include multiple service providers,” says Khalid Wasti, a director at Deloitte & Touche LLP. “This brings a complex set of risks to an organization's data as it travels through the cloud.” Rather than an entire IT infrastructure being managed in-house, under a single team's control, data is now passed back and forth across multiple high-demand networks operated by other parties.

Fortunately, it does not have to be a choice between traditional, secure data storage and rapid, potentially insecure cloud systems. You can enjoy the economies of scale, flexibility and efficiency offered by the cloud and still manage the threat landscape to secure your data effectively. The key to this is auditing and reporting. You need to know exactly where your data resides and whether it is handled in compliance with your industry's laws and regulations. An audit is typically a review of a third-party vendor's policies, procedures and technical controls to confirm that your data is protected now and will continue to be protected in the future.

Even though a vendor may be storing your data, you are still the data controller and need to cover the technical, policy and usage aspects of all data handling to maximise security and meet compliance obligations. In the UK this is a legal requirement under the Data Protection Act. Auditing and reporting feed into this by allowing you to monitor the security and compliance of your data solutions continuously and on an ongoing basis. This should not be a one-off exercise, but something that improves and evolves over time.

An internal audit should cover infrastructure security and identity and access management, in addition to data management. Data loss is just one of many cloud security threats capable of causing disasters and long-lasting damage; others include denial of service, insecure interfaces and APIs, and account hijacking. As a data controller, you need to verify that security patches are rolled out promptly, consider how your authorisation and access models will integrate with new cloud systems, and check whether the complexity of cloud data storage may compromise data retention. You may also want to talk with a cloud provider about the ability to perform penetration tests on systems where your data resides.

Cloud vendors are now building security auditing and reporting into their products to help businesses secure data and navigate the threat landscape on a daily basis. Microsoft, for example, can work with you to employ an effective risk management model. The vendor states that the cloud service it provides meets security, privacy and compliance requirements that dovetail with your business goals, while also offering the tools, controls and advice you need to configure and implement a robust security posture tailored to your specific needs.

Microsoft Dynamics 365 provides extensive online auditing functionality with a centralised log and other reporting features. Dynamics 365 uses role-based, record-based and field-level security to let you define a detailed model of who has access to your company's data. The product not only ensures that each user has access only to the information they need for their role, reducing the risk from insider threats, but also supports data sharing for collaboration so that employees can still work together. This model combines the benefits a cloud system can offer with a sharp focus on cyber security. Dynamics 365 also keeps audit logs that increase transparency by recording every interaction with your data sets: who accessed the system and when, what they updated and whether they deleted any records. This information feeds directly into your security auditing, compliance and reporting processes.
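The value of such an audit log is in what you do with it: the "who accessed what, when, and did they delete anything" records only become a control once they are checked against the least-privilege model you intended. The following is an added example, not Microsoft's code and not the Dynamics 365 log schema or API. It parses a constructed audit log (field names, users, roles and the role matrix are all invented for illustration) and produces the findings an internal audit would look for: per-user activity summaries, actions outside the actor's role at entity or field level, bursts of deletions, and activity outside an assumed business-hours window.

```python
"""Review a cloud application's audit log against a least-privilege role matrix.

Added example: the log records, field names and role matrix below are all
constructed for illustration and are not Dynamics 365's real schema or API.
Each record answers "who did what, to which record/field, and when"; the
checks below turn that into audit findings.
"""
import json
from collections import Counter, defaultdict
from datetime import datetime

# Constructed audit log, one JSON object per line (assumed fields: ts in UTC,
# user, role, action in {read, update, delete}, entity, field or null).
SAMPLE_LOG = """\
{"ts":"2018-01-15T09:02:11Z","user":"a.lee","role":"sales","action":"read","entity":"contact","field":"email"}
{"ts":"2018-01-15T09:05:40Z","user":"a.lee","role":"sales","action":"update","entity":"contact","field":"phone"}
{"ts":"2018-01-15T09:07:03Z","user":"a.lee","role":"sales","action":"read","entity":"invoice","field":"card_number"}
{"ts":"2018-01-15T10:15:22Z","user":"b.ortiz","role":"finance","action":"update","entity":"invoice","field":"status"}
{"ts":"2018-01-15T10:16:05Z","user":"b.ortiz","role":"finance","action":"read","entity":"contact","field":"phone"}
{"ts":"2018-01-15T22:41:00Z","user":"b.ortiz","role":"finance","action":"delete","entity":"invoice","field":null}
{"ts":"2018-01-15T22:41:30Z","user":"b.ortiz","role":"finance","action":"delete","entity":"invoice","field":null}
{"ts":"2018-01-15T22:42:10Z","user":"b.ortiz","role":"finance","action":"delete","entity":"invoice","field":null}
{"ts":"2018-01-15T22:55:00Z","user":"b.ortiz","role":"finance","action":"delete","entity":"invoice","field":null}
{"ts":"2018-01-15T14:00:00Z","user":"c.diaz","role":"finance","action":"delete","entity":"invoice","field":null}
"""

# Assumed least-privilege matrix: role -> entity -> fields that role may touch.
# An entity missing from a role's map is off limits to that role entirely.
ROLE_MATRIX = {
    "sales":   {"contact": {"name", "email", "phone"}},
    "finance": {"invoice": {"amount", "status", "card_number"}, "contact": {"name"}},
}
BUSINESS_HOURS = range(7, 20)   # assumed 07:00-19:59 UTC
DELETE_THRESHOLD = 3            # this many deletes by one user ...
DELETE_WINDOW_SECONDS = 600     # ... within this window is a finding


def parse_log(text):
    """Parse one JSON record per line; timestamps become aware datetimes."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        rec["ts"] = datetime.fromisoformat(rec["ts"].replace("Z", "+00:00"))
        records.append(rec)
    return records


def out_of_role(records):
    """Actions on an entity or field the actor's role does not cover."""
    findings = []
    for r in records:
        fields = ROLE_MATRIX.get(r["role"], {}).get(r["entity"])
        if fields is None or (r["field"] is not None and r["field"] not in fields):
            findings.append((r["user"], r["action"], r["entity"], r["field"]))
    return findings


def bulk_deletes(records, threshold=DELETE_THRESHOLD, window=DELETE_WINDOW_SECONDS):
    """Sliding window over each user's deletes; returns user -> peak count."""
    times_by_user = defaultdict(list)
    for r in records:
        if r["action"] == "delete":
            times_by_user[r["user"]].append(r["ts"])
    flagged = {}
    for user, times in times_by_user.items():
        times.sort()
        start = 0
        for end, t in enumerate(times):
            while (t - times[start]).total_seconds() > window:
                start += 1
            count = end - start + 1
            if count >= threshold:
                flagged[user] = max(flagged.get(user, 0), count)
    return flagged


def after_hours(records):
    """Any activity outside the assumed business-hours window."""
    return [(r["user"], r["action"], r["ts"].isoformat())
            for r in records if r["ts"].hour not in BUSINESS_HOURS]


def access_summary(records):
    """Per-user action counts: the 'who did what' view an audit report needs."""
    summary = defaultdict(Counter)
    for r in records:
        summary[r["user"]][r["action"]] += 1
    return {user: dict(counts) for user, counts in summary.items()}


def review(text=SAMPLE_LOG):
    """Run every check and return the findings together."""
    records = parse_log(text)
    return {
        "summary": access_summary(records),
        "out_of_role": out_of_role(records),
        "bulk_deletes": bulk_deletes(records),
        "after_hours": after_hours(records),
    }


if __name__ == "__main__":
    for name, result in review().items():
        print(f"{name}: {result}")
```

On the constructed log, the role check catches a sales user reading a card number on an invoice and a finance user reading a contact's phone number, neither of which their role covers; the sliding window flags the finance user's three deletions within ten minutes late in the evening, while the single daytime deletion by a colleague passes. The role matrix is the part you must own: the vendor's audit log tells you what happened, but only your own definition of who should be able to do what turns those records into findings.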

The cloud is transforming nearly every facet of modern business, and you can embrace all of its benefits while creating a culture centred around security with extensive auditing and reporting activities. In a world linked by the cloud, it’s finally possible to stay connected while still staying secure.


Cyber Vulnerability tool launched to protect UK businesses

A unique digital self-assessment tool has been launched to help businesses better understand and manage their susceptibility to cyberattacks.

Developed by national audit, tax and advisory firm Crowe Clark Whitehill, in collaboration with the Centre for Counter Fraud Studies at the University of Portsmouth, the free-to-use Cyber Vulnerability Scorecard lets businesses of all sizes complete an online questionnaire and receive a bespoke risk report identifying weaknesses in their systems and offering pre-emptive solutions.

Cybercrime and fraud are among the nation's most common criminal offences, with new threats to businesses emerging and evolving all the time. Where they do occur, breaches can be exceptionally costly, not only in terms of financial impact but also reputation where sensitive data is concerned. In many cases losses from fraud have been irrecoverable, putting organisations at serious risk of bankruptcy.

The Cyber Vulnerability Scorecard consists of 23 self-assessment questions and can be accessed via: www.croweclarkwhitehill.co.uk/cyber-vulnerability-scorecard/

Jim Gee, Partner and Head of Forensic, Cyber and Counter Fraud Services at Crowe Clark Whitehill LLP comments:

“Fraud and cybercrime can and do affect businesses of all sizes. Indeed, one of the most common mistakes that business owners make is believing that they are not of a significant enough size to be attractive to cyber criminals. But it is often the case that smaller enterprises are at greater risk of being targeted, especially where their systems might not be as secure as they could be.

“Cyber criminals target businesses to steal and extort money and also to steal personal and financial information about employees, clients and suppliers. An organisation’s vulnerability to cybercrime depends on its attractiveness to cyber criminals, potential damage a breach would cause, and its level of cyber security and resilience. A business that understands its cyber vulnerabilities is better equipped to protect itself.”


Cyber firm brings industry national attention

C3IA Solutions, the cyber-security company, has featured on Sky News talking about its Technical Surveillance Counter-Measures (TSCM) capability.

Matt Horan, security director of the business that is headquartered in Poole, Dorset, believes publicising the industry is crucial in the fight against cyber-crime.

The Sky team was following up an article in The Times in which C3IA Solutions spoke about the increasing demand for its TSCM work, known in the vernacular as ‘bug-sweeping’.

Filmed just before Christmas, the item demonstrated how a job of this nature is carried out.

Matt Horan said: “When the National Cyber Security Centre (NCSC) became an open and transparent body we made a decision to assist by publicising the sector.

“While TSCM work is a small part of the business, the information in The Times and on Sky News will hopefully have alerted people to the dangers and risks that are always present in the cyber sphere.

“We filmed for a few hours and while the specifics of a job were not relayed in huge detail due to filming practicalities and the need for our own security, it certainly gave a flavour of what we do.

“We are doing more TSCM work for businesses and organisations in both the public and private sectors, as well as for high net worth individuals.

“Listening devices are of such good quality, so cheap, small and easy to hide that gaining intelligence on a competitor, business rival or even a spouse has never been easier.

“I was interviewed about the types of devices that we find and more generally about the business.

“James Moos, our Technical Security Group lead, was also interviewed and gave an overview of how we approach a TSCM job.

“And Gaz Watkins, who was trained by the Foreign and Commonwealth Office in this area of detection, explained the detail of how a sweep takes place.

“From the feedback I’ve received, the item that ran throughout the day really did help alert people to dangers they had previously dismissed or were unaware of.

“Obviously the Cyber Essentials certification and General Data Protection Regulation are things that businesses are now dealing with so they are becoming aware of the need for cyber security.

“But the more we can do to highlight risks – from phishing scams to state-sponsored attacks – the better for everyone.”

To view the Sky report watch here


Cyber Security Challenge UK appoints new CEO to expand and diversify its offering

Cyber Security Challenge UK announces the appointment of a new Chief Executive, Colin Lobley, who joins the team from the Security Services division of DXC Technology (formerly Hewlett Packard Enterprise), where he was general manager for the UK, Ireland and the Middle East.

Colin brings with him expertise in working with both public and private sector organisations. He spent several years in the civil service, taking up various roles within the defence research and technology and national resilience programmes and developing key skills in innovation and strategy, before entering the world of commercial security and defence a decade ago.

About the cyber security industry, Mr Lobley said: “In short, cyber security is a very exciting, fast moving market, full of opportunities and risks. I fully believe that the UK cyber industry can go from strength to strength to become ever more prominent on the world stage. But to achieve this, it is essential that we nurture new talent, so we can meet the evolving market demands.”

As well as DXC/HPE, Colin’s CV includes roles at Defence Strategy & Solutions, Templar Executives and Manigent (now Ascendore). He also has a proven track record of overseeing organisational growth; a key requirement for the future evolution of Cyber Security Challenge UK.

About his appointment, Mr Lobley said: “There are lots of exciting possibilities to diversify and expand this national initiative, so we can enhance the positive impact we have on the UK’s cyber resilience. It would be fantastic if we could achieve such a utopian vision as having eradicated all security weaknesses in the cyber world… but realistically, if I go home every day knowing I have done something, directly or indirectly, to encourage people into the field of cyber, to enhance the knowledge of those in or entering the field, or to educate someone about cyber security and start to close those gaps; I’ll be happy. That’s exactly why I am delighted to be joining the fantastic, passionate team at Cyber Security Challenge UK; helping to make a real difference and building upon the wonderful efforts of the late Stephanie Daman.”

Colin came through a robust selection process that saw over 70 candidates apply for the unique job role and very strong competition in the final-stage interviews.

Dr Robert Nowill, Chairman of Cyber Security Challenge UK, said: “We were looking for someone who can provide inspirational leadership, and who can work enthusiastically with key Government and industry stakeholders; driving the development of The Challenge's sponsorship programme and seeking new opportunities for growth within the organisation. With his background, Colin fits the role very well as we forge the way ahead for our organisation; developing our offering further whilst scaling up what we do to seek out as much new talent and staying as inclusive as possible. The Board and I are also extremely grateful for the work Nigel Harrison has done as Acting CEO for much of last year. We are pleased that Nigel continues as an Executive Director of The Challenge to help drive this exciting future.”

With a 40% increase in staff numbers in the past year, a new team dedicated to outreach and communications and a place within the consortium delivering the UK Government’s new Cyber Discovery schools programme, Cyber Security Challenge UK is set to keep on growing with the new CEO at the heart of its development.


ICO fines Carphone Warehouse – PhishMe comments

The ICO has confirmed that it has fined Carphone Warehouse £400,000 for its 2015 data breach, which compromised the personal details of more than 3 million customers and 1,000 employees. Information at risk included names, addresses, phone numbers, dates of birth, historical payment card details and car registrations. The breach occurred after one of the company's computer systems was compromised, and the investigation also found that Carphone Warehouse's technical security measures were inadequate, with software out of date and routine security testing not taking place.

Aaron Higbee, CTO and co-founder of PhishMe, offers the following comment on why this shows that cyber security requires more than plug-and-play technology:

“By issuing one of the largest fines for a data breach, the ICO has maintained its strong stance against companies failing to take security seriously. While, in this case, there were basic technical security measures overlooked, it goes to show how important it is to secure an organisation from multiple angles. We know no single technology solution can guarantee data breach prevention, which reinforces why technology alone isn't enough to defend against today's top threats. It's time to improve our human-focused defences, alongside optimising our technology stacks, in order to stay ahead of evolving attacks and improve defence postures.

“With the right tools and training, a company's employees should be able to identify and report potentially suspicious activity on a company's network and can, in fact, become a strong line of defence. By encouraging employees to regularly report emails, for example, susceptibility rates to phishing emails drop significantly, while incident response efforts speed up. Too often firms look at their employees as the weakest link; however, when conditioned and empowered effectively, they are transformed into one of the enterprise's strongest defences. After all, as was the case with Carphone Warehouse, it is often the staff that bear the brunt of a breach.”
