1
Security and privacy have been in the media a lot recently, be it exposés of national intelligence agencies intruding on privacy and undermining security, vulnerabilities in critical software, compromises of companies that we trusted with our data, or emerging technologies that may bring new risks. Panopticon Although not all communications activity around the globe can be monitored at all times, certain nation states still capture wholesale communications data without probable cause, to trawl and analyse, as well as undermine encryption and other legitimate technologies that may provide security and privacy. Bugs on the loose Vulnerabilities may exist in software for years before being publicly discovered. Be it Heartbleed, OpenSSL or a new vulnerability that causes the proverbial sky to fall, flaws are unavoidable; although we may try our best to engineer out, test or mitigate them. A person who never made a mistake never tried anything new. Data exposed Data breaches rarely exploit unknown, or 0-day, vulnerabilities. Companies need to remain vigilant, ensuring systems are configured and codes correctly tested and patched regularly. eBay suered one of the largest data losses this year and, worldwide, the average number of records exposed per incident is on the rise. INFORMATION SECURITY Internet of things From fridges that can connect to the internet, to light bulbs with Wi-Fi, the internet of things (IoT) oers us the dream, or nightmare, of our homes, bodies and places of work being always connected, measured and responsive. BCS has established an IoT Community of Expertise to look at IoT implications. www.bcs.org/security Gareth Niblett, Chairman of the BCS Information Security Specialist Group, says there will always be errors - it’s how you deal with them. Information Security Specialist Group (ISSG): www.bcs-issg.org.uk Information Risk Management and Assurance Specialist Group: www.bcs.org/groups/irma BCS Security Community of Expertise (SCoE): www.bcs.org/securitycommunity FURTHER INFORMATION WHAT’S doi:10.1093/itnow/bwu071 ©2014 The British Computer Society Image: iStock/493204407 28 ITNOW September 2014 GOING ON?

BCS ITNow 201409 - What's Going On

Embed Size (px)

Citation preview

Page 1: BCS ITNow 201409 - What's Going On

Security and privacy have been in the media a lot recently, be it exposés of national intelligence agencies intruding on privacy and undermining security, vulnerabilities in critical software, compromises of companies that we trusted with our data, or emerging technologies that may bring new risks.

PanopticonAlthough not all communications activity around the globe can be monitored at all times, certain nation states still capture wholesale communications data without

probable cause, to trawl and analyse, as well as undermine encryption and other legitimate technologies that may provide security and privacy.

Bugs on the looseVulnerabilities may exist in software for years before being publicly discovered. Be it Heartbleed, OpenSSL or a new vulnerability that causes the proverbial sky to fall, flaws are unavoidable; although we may try our best to engineer out, test or mitigate them. A person who never made a mistake never tried anything new.

Data exposedData breaches rarely exploit unknown, or 0-day, vulnerabilities.

Companies need to remain vigilant, ensuring systems are configured and codes correctly tested and patched regularly. eBay suffered one of the largest data losses this year and, worldwide, the average number of records exposed per incident is on the rise.

INFORMATION SECURITY

Internet of thingsFrom fridges that can connect to the internet, to light bulbs with Wi-Fi, the internet of things (IoT) offers us the dream, or nightmare, of our homes, bodies and places of work being always connected, measured and responsive. BCS has established an IoT Community of Expertise to look at IoT implications.

www.bcs.org/security

Gareth Niblett, Chairman of the BCS Information Security Specialist Group, says there will always be errors - it’s how you deal with them.

Information Security Specialist Group (ISSG):www.bcs-issg.org.uk

Information Risk Management and Assurance Specialist Group:www.bcs.org/groups/irma

BCS Security Community of Expertise (SCoE):www.bcs.org/securitycommunity

FURTHER INFORMATION

WHAT’S

doi:1

0.10

93/i

tnow

/bw

u071

©20

14 T

he B

ritis

h Co

mpu

ter

Soci

ety

Imag

e: iS

tock

/493

2044

07

28 ITNOW September 2014

GOING ON?

Where is your career going?Map it out with our free personal

development plan

BCS, The Chartered Institute for IT, First Floor Block D North Star House North Star Avenue Swindon SN2 1FAT +44 (0) 1793 417 424 Online enquiries www.bcs.org/contact www.bcs.org

© The British Computer Society (Registered charity no. 292786) 2014

If you require this document in accessible format please call +44 (0) 1793 417 600

pdp.bcs.org

Where is your career going_A4_1.0.indd 1 06/08/2014 16:58