Possible Decrease in Lost Devices by UK Government Departments

Whilst discussions of information security tend to focus on high-tech cyber attacks; the reality is that many data breaches are down to human error. Generally the biggest single cause of data breaches reported to the Information Commissioner’s Office is simply people sending information to the wrong people. Loss or theft of devices is another significant […]

Why is the Databarracks Data Health Check Interesting?

Databarracks have just published their 2021 Data Health Check.  You may think “So what?” – we are constantly bombarded with surveys on different aspects of information security management.  I would argue that the Data Health Check is interesting for two reasons: It is explicitly UK focused; and The survey has been carried out every year […]

Kaseya Ransomware Attack – Is this the new Face of Cyber Attacks?

There has been extensive coverage over the weekend of the massive ransomware attack, that began at the US-based IT firm Kaseya.  The attackers managed to infect a software update for Kaseya’s VSA product that went out to customers on Friday with REvil ransomware.  This not only affected these firms, but also their customers.  One of […]

BCAW Day 4 – Colonial Pipeline Confirms Ransom Payment

In a very rare move, the CEO of Colonial Pipeline has confirmed that the company paid a $4.4m ransom to the criminal gang who targeted the company.  Whilst survey data suggests that many companies do pay ransoms, it is almost unprecedented for a business leader to be so candid about the issue.  Acknowledging that is […]

Business Continuity Awareness Week – Day 1

As ever, it has been a busy start to Business Continuity Awareness Week (BCAW) 2021… Over the weekend, Santander in the UK suffered major technical issues affecting branch, telephone, online, app and card services.  Sadly, according to figures compiled by the Financial Conduct Authority, this seems to be part of an ongoing problem, with Santander […]

Ransomware Attack on Irish Health Service and Update on Colonial Pipeline

In a chilling reminder of the Wannacry attack that hit the UK NHS in 2017; the Irish Health Service (HSE) is today dealing with a major ransomware attack .  The Health Service Executive has announced that it has closed down its IT systems in order assess the situation and to prevent any further damage. It […]

Will Ransomware Attack Lead to Fuel Shortages in the US?

Concerns are growing about the impact of a ransomware attack on one of the major oil pipeline networks in the US.  The Colonial Pipeline, which carries 100 million gallons of refined oil products a day from Houston as far North as New York, has been closed since Friday following a ransomware attack. Emergency legislation has […]

Will the Number of GDPR Fines Keep Rising?

The GDPR Enforcement Tracker website shows a dramatic increase in the number of fines being issued for data breaches in recent months.  Across Europe only 75 fines were levied in the first two years after GDPR came into force, or about 3 fines per month.  However, in the last 9 months a further 72 fines […]

How Bad is the Serco Ransomware Attack?

Nearly a week on from Sky News breaking the story that Serco had been the victim of a ransomware attack, details of the incident are still very sketchy.  From a UK perspective, we are being reassured that the attack has only affected systems on mainland Europe; so that the NHS Test and Trace programme is […]

How Long Will SEPA be Disrupted by Ransomware Attack?

More details have emerged in the last couple of weeks of the significant impact of the ransomware attack on the Scottish Environment Protection Agency (SEPA) that began on Xmas Eve.  Nearly 4 weeks on, it has emerged that the email system is still down and that emails submitted since the attack began cannot be accessed.  […]