For Security & Protection Specialists
Luckily when you make the pickup, you confirm with them. They’re surprised at the request as they don’t recall calling, and so you don’t make the route change.
Later investigation reveals that the call was made from a spoofed phone, using a real-time generated video and audio stream of the principal mapped to the live movements of some unknown adversary.
Technical debt is what you are adding to every time you choose an easy or quick solution now, rather than looking at longer-term strategies. It is the technical expression of ‘failing to plan is planning to fail.’ And it has consequences.
From microblogs to what Google and Amazon says, China knows full well that unlimited, unaccountable and unsubstantiated news reports on the nation is simply not in its best interests, or pointedly its cultural interest! That may also mean news reports that are factually correct.
Whether you’re a seasoned cybersecurity professional or are looking to transition into the industry, it’s hard to know how to grab the attention of hiring managers and ultimately improve your chances of making it to the next stage.
Here are eight top tips from Renana Friedlich-Barsky, Director and Global Head of Cybersecurity Operations at PayPal, a proven leader in this space who’s reviewed more than her fair share of applications over the years.
Especially while many people are still remote, technology has become more and more central to people’s lives, and we are talking about ways that things will or will not return to normal. As we hear about more and more cyber security incidents, each supposedly carried out by ‘sophisticated threat actors with unprecedented capabilities’, it’s time to talk about the mystique of cyber security and the problem it has with public perception.
Planning and considerations to take into account when putting together a quote for providing TSCM services. The ability to accurately quote for a TSCM inspection has many permutations, and each TSCM provider has its own formula for quoting. This article looks at the main criteria you need to take into consideration.
All the techniques of steganography share one core concept, trying to hide a message. When children draw stick figures as secret messages to each other, they are practicing steganography. Modern steganography is usually a lot more malicious. It is used in malware command and control and the exchange of illicit information and material. If you do not know where to look it is frighteningly hard to detect.
Maybe you’re a close protection officer, trying to arrange a safe route through a dangerous location, or a surveillance specialist trying to communicate with others in your team.
Perhaps you just don’t trust the local government. Whatever the situation, it’ll almost certainly be easier to focus on the task at hand if you aren’t worrying about whether your messages were possibly subject to being intercepted.
In this article, I’ll take a look at artificial intelligence, particularly the machine learning area, a basic overview of how it works, and the dangers of over-reliance on an algorithmic approach to analysis.
In the world of protective services, we are often charged with the responsibility of having to manage and reconcile between safety and access for our protectees.
As business owners, employees, independent contractors or just private citizens we too are challenged with the dichotomy of managing our personal and professional lives on social media.
The report showed a growing awareness amongst CSOs about the increasing importance of cyber security, with 54% describing it as a ‘strategic priority.’ But a lack of available talent is preventing many businesses from implementing their cyber security strategies.
It often comes as a surprise just how much is available, and the nefarious uses it can be put to. OSINT can be applied towards defensive purposes, but we will be looking only at malicious purposes. One of the biggest challenges of OSINT is not merely recognising it as a threat, but encouraging the behavioural change needed to protect against it widely enough. It is not enough simply for a principal to stop posting Instagram pictures of their travels in order to hide them – their colleagues, friends, family, and employees also need to be aware of the need to take care with information which could be misused.
Signal uses phone numbers to identify contacts, however encrypted messages and calls use a data connection with a secure tunnel between participants. Intervening servers or infrastructure do not have access to the encryption keys, and so cannot realistically eavesdrop on any communications even if compromised. On Android Signal can be set up to replace your default text message client, and will handle unencrypted SMS messages as well.
Connecting your device to the World Wide Web isn’t an issue when you’re at your place. It’s relatively safe, simple to do, and free of crowded traffic. When you leave the safety of your home to a public area, the story changes. When you connect to public Wi-Fi in different places, making certain you can still connect with people, read online news, and work remotely, are you aware of the risks?
The number of active cybersecurity firms in the UK has increased 44% – up from 846 in 2017 to over 1,200 at year-end 2019. This growth is the equivalent to a new cybersecurity business being set up in the UK every week
The hacking of Mr. Bezos is particularly sensitive because of his ownership of The Washington Post, which had published coverage critical of the kingdom and had retained Jamal Khashoggi
Welcome to a third article in the series looking at introductions to cyber security. We’ll be looking at a type of attack which most people will be familiar with in principle, if not in technical practice.
The basic idea is simple – an attacker sits between two trusting parties, intercepting their communication and impersonating each to the other. Obviously this is somewhat harder in practice where people are, for example, sitting in a room together, but even a phone call gives potential for an eavesdropper or impersonator.
We’ll be looking at a collection of tactics used by attackers to bypass security technology by targeting the weakest link – the human in the chain.
Social engineering is really just an overly technical term for knowing how to persuade people to do something against their best interests or against their better judgment.
The best protection against such SIM swapping methods is simple. Buy a dual SIM phone with a second pay-as-you-go number on a separate provider, which is used only for these authentication purposes. Since nothing is tying the number directly to you, it becomes much more challenging for an attacker to carry out a SIM swap.
When the Data Protection Act 1998 was implemented nearly two decades ago, fewer than 10% of UK households had internet access. The technological world has moved on at an exponential pace since then, and a new law was required to reflect and address the current and foreseeable trends in technology and the use and misuse of personal data by organisations. Massive data breaches seem to be in the news every day now – and it was clear that the security of personal data was not being given a high enough priority.
The attack cycle is evolving, and as protectors, we must evolve too. The “Iron Box” is outdated, and we need advanced surveillance and countersurveillance strategies to stay ahead. Learn how to identify and exploit surveillance vulnerabilities to protect your high-profile clients effectively. Get Issue 68 and equip yourself with the latest knowledge to anticipate and counter sophisticated threats and elevate your protection game!
