Things I Hearted this Week, 13th July 2018

July 13, 2018 | Javvad Malik
X

Get the latest security news in your inbox.

Subscribe via Email

No thanks. Close this now.

AT&T To Acquire Alienault

I've covered and speculated, and even advised on security M&A over the years, but it's the first time I've been working in a technology company that has been acquired. It's exciting times, and glad to be part of the journey.

In other M&A news, 

Cybersecurity - Why You're Doing It All Wrong

A thought-provoking opinion piece by Ed Tuckeron why a lot of security controls in companies don't work. There are some broad generalisations - but it's worth it.

"For too long, security teams have lived the lie that what they have delivered has been effective, but so often they approach it from a viewpoint divorced from the customers they affect. To be fair to most security teams, they are generally blissfully unaware of the inefficiencies of their controls – or ignorant."

Timehop Shows How Incident Response Is Done

On July 4th Timehop announced a breach. A breach itself isn't really big news these days - often it's just the cost of doing business online.

However, the response from Timehop has been nothing short of stellar! It has published perhaps one of the most detailed updates on the incident I've ever seen - that includes internal breach notifications. They've also provided a technical timeline and even broken down the total number of records and which ones of them are under GDPR.

The company may have shown us all how seriously they take security, not in the fact that they got breached, but in the manner with which they have responded. 

Seriously, I think every company should look at their internal processes and ask, if they were breached today, could they produce something similar within a week? 

Facebook Fined £500K Ffrom UK Data Watchdog

These were some of the findings of the UK's Information Commissioner's Office – the nation's privacy watchdog – which this morning issued a set of reports detailing the progress made on its 18-month investigation into data analytics and political campaigning in the country.

Although the headlines have focused on the fact the regulator is poised to slap a £500,000 fine on Facebook (the most it can dish out, since the Cambridge Analytica scandal happened before GDPR), there's plenty more dirt to dig.

UK Implements EU Cybersecurity Rules

The UK recently adopted the EU Cybersecurity Directive into UK law, called the Network and Information Systems Regulations 2018 (the NIS regime), which are now in force and can be found here.

Physcial Attacks For Cryptocoin

23 physical attacks targeted against crypto currency owners catalogued so far. It looks like a worrying trend that is on the rise. 

Fitness App Polar Exposed Locations Of Spies And Military Personnel

A popular fitness app that tracks the activity data on millions of users has inadvertently revealed the locations of personnel working at military bases and intelligence services.
The app, Polar Flow, built by its eponymous company Polar, a Finnish-based fitness tracking giant with offices in New York, allowed anyone to access a user's fitness activities over several years -- simply by modifying the browser's web address.

Randomness

A few other stories I enjoyed reading recently.

Javvad Malik

About the Author: Javvad Malik
The man, the myth, the blogger; Javvad Malik is a London-based IT Security professional. Better known as an active blogger, event speaker and industry commentator who is possibly best known as one of the industry’s most prolific video bloggers with his signature fresh and light-hearted perspective on security. Prior to joining AlienVault, Javvad was a senior analyst with 451 Research providing technology vendors, investors and end users with strategic advisory services, including competitive research and go-to-market positioning.
Read more posts from Javvad Malik ›

‹ BACK TO ALL BLOGS

Watch a Demo ›
GET PRICE FREE TRIAL