Connecting your device to the World Wide Web isn’t an issue when you’re at your place. It’s relatively safe, simple to do, and free of crowded traffic. When you leave the safety of your home to a public area, the story changes. When you connect to public Wi-Fi in different places, making certain you can still connect with people, read online news, and work remotely, are you aware of the risks?
The Man in the Middle – Intro to Cybersecurity
Welcome to a third article in the series looking at introductions to cyber security. We’ll be looking at a type of attack which most people will be familiar with in principle, if not in technical practice.
The basic idea is simple – an attacker sits between two trusting parties, intercepting their communication and impersonating each to the other. Obviously this is somewhat harder in practice where people are, for example, sitting in a room together, but even a phone call gives potential for an eavesdropper or impersonator.
Social Engineering and Cybersecurity
We’ll be looking at a collection of tactics used by attackers to bypass security technology by targeting the weakest link – the human in the chain.
Social engineering is really just an overly technical term for knowing how to persuade people to do something against their best interests or against their better judgment.
Preparing for the General Data Protection
When the Data Protection Act 1998 was implemented nearly two decades ago, fewer than 10% of UK households had internet access. The technological world has moved on at an exponential pace since then, and a new law was required to reflect and address the current and foreseeable trends in technology and the use and misuse of personal data by organisations. Massive data breaches seem to be in the news every day now – and it was clear that the security of personal data was not being given a high enough priority.
Intelligence 2.0
Although the underlying principle of understanding ‘capability and intention’ and the objective of ‘forewarned is forearmed’ have not dramatically altered overtime, the sheer scale of intelligence available in the Open Source environment means that the greatest risk today is information overload rather than information scarcity.
It is in this context that in order to acquire and analyse asymmetric and potentially outcome-defining intelligence, analysts are required to think more laterally than ever and be able to draw both strategic and tactical conclusions from intelligence which may be independent and accurate as much as it may be deliberately misleading or presented through an emotional prism. SOCial Media INTelligence (SOCMINT) is one such instance of lateral thinking. FINancial INTelligence is another.
Introduction to Cybersecurity
Cybersecurity is often seen as a niche area which requires a lot of specialist knowledge to apply. This is partly true – in order to configure a web application firewall someone needs to understand how to work with the technology at a very low level. What is often missed, as the technologists take over, is that cyber is still security and the same fundamental principles apply to designing and building effective protections.
