1
Security and privacy have been in the media a lot recently, be it exposés of national intelligence agencies intruding on privacy and undermining security, vulnerabilities in critical software, compromises of companies that we trusted with our data, or emerging technologies that may bring new risks. Panopticon Although not all communications activity around the globe can be monitored at all times, certain nation states still capture wholesale communications data without probable cause, to trawl and analyse, as well as undermine encryption and other legitimate technologies that may provide security and privacy. Bugs on the loose Vulnerabilities may exist in software for years before being publicly discovered. Be it Heartbleed, OpenSSL or a new vulnerability that causes the proverbial sky to fall, flaws are unavoidable; although we may try our best to engineer out, test or mitigate them. A person who never made a mistake never tried anything new. Data exposed Data breaches rarely exploit unknown, or 0-day, vulnerabilities. Companies need to remain vigilant, ensuring systems are configured and codes correctly tested and patched regularly. eBay suered one of the largest data losses this year and, worldwide, the average number of records exposed per incident is on the rise. INFORMATION SECURITY Internet of things From fridges that can connect to the internet, to light bulbs with Wi-Fi, the internet of things (IoT) oers us the dream, or nightmare, of our homes, bodies and places of work being always connected, measured and responsive. BCS has established an IoT Community of Expertise to look at IoT implications. www.bcs.org/security Gareth Niblett, Chairman of the BCS Information Security Specialist Group, says there will always be errors - it’s how you deal with them. Information Security Specialist Group (ISSG): www.bcs-issg.org.uk Information Risk Management and Assurance Specialist Group: www.bcs.org/groups/irma BCS Security Community of Expertise (SCoE): www.bcs.org/securitycommunity FURTHER INFORMATION WHAT’S doi:10.1093/itnow/bwu071 ©2014 The British Computer Society Image: iStock/493204407 28 ITNOW September 2014 GOING ON?

BCS ITNow 201409 - What's Going On

Embed Size (px)

Citation preview

Page 1: BCS ITNow 201409 - What's Going On

Security and privacy have been in the media a lot recently, be it exposés of national intelligence agencies intruding on privacy and undermining security, vulnerabilities in critical software, compromises of companies that we trusted with our data, or emerging technologies that may bring new risks.

PanopticonAlthough not all communications activity around the globe can be monitored at all times, certain nation states still capture wholesale communications data without

probable cause, to trawl and analyse, as well as undermine encryption and other legitimate technologies that may provide security and privacy.

Bugs on the looseVulnerabilities may exist in software for years before being publicly discovered. Be it Heartbleed, OpenSSL or a new vulnerability that causes the proverbial sky to fall, flaws are unavoidable; although we may try our best to engineer out, test or mitigate them. A person who never made a mistake never tried anything new.

Data exposedData breaches rarely exploit unknown, or 0-day, vulnerabilities.

Companies need to remain vigilant, ensuring systems are configured and codes correctly tested and patched regularly. eBay suffered one of the largest data losses this year and, worldwide, the average number of records exposed per incident is on the rise.

INFORMATION SECURITY

Internet of thingsFrom fridges that can connect to the internet, to light bulbs with Wi-Fi, the internet of things (IoT) offers us the dream, or nightmare, of our homes, bodies and places of work being always connected, measured and responsive. BCS has established an IoT Community of Expertise to look at IoT implications.

www.bcs.org/security

Gareth Niblett, Chairman of the BCS Information Security Specialist Group, says there will always be errors - it’s how you deal with them.

Information Security Specialist Group (ISSG):www.bcs-issg.org.uk

Information Risk Management and Assurance Specialist Group:www.bcs.org/groups/irma

BCS Security Community of Expertise (SCoE):www.bcs.org/securitycommunity

FURTHER INFORMATION

WHAT’S

doi:1

0.10

93/i

tnow

/bw

u071

©20

14 T

he B

ritis

h Co

mpu

ter

Soci

ety

Imag

e: iS

tock

/493

2044

07

28 ITNOW September 2014

GOING ON?

Where is your career going?Map it out with our free personal

development plan

BCS, The Chartered Institute for IT, First Floor Block D North Star House North Star Avenue Swindon SN2 1FAT +44 (0) 1793 417 424 Online enquiries www.bcs.org/contact www.bcs.org

© The British Computer Society (Registered charity no. 292786) 2014

If you require this document in accessible format please call +44 (0) 1793 417 600

pdp.bcs.org

Where is your career going_A4_1.0.indd 1 06/08/2014 16:58

http://www.bcs.org/security
http://www.bcs-issg.org.uk
http://www.bcs.org/groups/irma
http://www.bcs.org/securitycommunity

201409 TAMK Art, Music and Media 7th International Week International Networking

201409 TAMK Art, Music and Media 7th International Week International Networking

Education
201409 - EZ Cutter - SMRIl

201409 - EZ Cutter - SMRIl

Documents
201409 tic-valley-innovation day-ux - copy

201409 tic-valley-innovation day-ux - copy

Design
Parkson PPPC - CBRE Presentation 201409

Parkson PPPC - CBRE Presentation 201409

Retail
Sbc newsletter 201409

Sbc newsletter 201409

Documents
Chile Workshop Tour 201409

Chile Workshop Tour 201409

Education
Stmg vmsd 201409

Stmg vmsd 201409

Documents
201409-ana-maria (1)

201409-ana-maria (1)

Documents
201409 Online Tuesday - Jeroen Elfferich

201409 Online Tuesday - Jeroen Elfferich

Technology
201409 School Infection Control and Reporting

201409 School Infection Control and Reporting

Documents
201409 Newsletter

201409 Newsletter

Documents
BUSINESS ANALYSIS TECHNIQUES - BCS - BCS - The Chartered Institute

BUSINESS ANALYSIS TECHNIQUES - BCS - BCS - The Chartered Institute

Documents
CMN 201409 eBook - CMAMAS

CMN 201409 eBook - CMAMAS

Documents
Puerto Rico Workshop Tour 201409

Puerto Rico Workshop Tour 201409

Education
Revista ITNow Nov 2015

Revista ITNow Nov 2015

Documents
201409 Pap

201409 Pap

Documents
201409 APC Article - Great Job Ads Attract The Right People

201409 APC Article - Great Job Ads Attract The Right People

Documents
201409 Tennis Industry magazine

201409 Tennis Industry magazine

Documents
201409 HixNews

201409 HixNews

Documents
ITNOW magazine: June 2014 (sample)

ITNOW magazine: June 2014 (sample)

Leadership & Management
Loddon Valley Link 201409 - September 2014

Loddon Valley Link 201409 - September 2014

Documents
201409 HixNews REV1

201409 HixNews REV1

Documents
Mexico Workshop Tour 201409

Mexico Workshop Tour 201409

Education
Estados Financieros (PDF)89862200 201409

Estados Financieros (PDF)89862200 201409

Documents
Presentation - Rural and Remote Mental Health Symposium - COMMERCIAL IN CONFIDENCE 201409

Presentation - Rural and Remote Mental Health Symposium - COMMERCIAL IN CONFIDENCE 201409

Documents
Overload Relays 01+XTOG 201409.eps

Overload Relays 01+XTOG 201409.eps

Documents
Pension plans and the writing of fully-covered exchange ... · -2-BasedonregulationsforclarifyingERISA'sprudencerequirement whichwereproposedbytheDepartmentofLaborinApril1978,itnow

Pension plans and the writing of fully-covered exchange ... · -2-BasedonregulationsforclarifyingERISA'sprudencerequirement whichwereproposedbytheDepartmentofLaborinApril1978,itnow

Documents
A fun dive into manufacture eric pan 201409 ohs

A fun dive into manufacture eric pan 201409 ohs

Presentations & Public Speaking
PipeWIZARD EN LTR 201409

PipeWIZARD EN LTR 201409

Documents
CBRE Cambodia Retail Services 201409

CBRE Cambodia Retail Services 201409

Retail