BA’s massive cyber fine sends out a clear signal, but does it drive home a point?

The UK’s Information Commissioner’s Office (ICO) intends to levy a record fine of GBP 183 million (US$ 230 million) on British Airways (BA) for a data breach that occurred last year, which compromised the data up to 500,000 customers. The sanction is a bold expression of the sweeping new powers assumed by cyber watchdogs across Europe as a result of the enactment of the General Data Protection Regulation (GDPR) last May.

The “big stick” approach to regulation has its place, though it should also be on lawmakers’ minds that not every breach will be a direct result of negligence or “poor security arrangements”

Continue reading →

Kaspersky places “cyber immunity” at the heart of its rebrand

Kaspersky Lab recently announced its rebranding to plain Kaspersky, with an accompanying evolution of its corporate logo. The firm says the revamp reflects the transformation occurring in cyber security as the Fourth Industrial Revolution sets in, and it was accompanied by the adoption of a new mission of “building a safer world.”

Refreshing a business’ mission and branding to better suit evolving circumstances is all well-and-good, though the proof of how effective it is will only be known in the months and years to come

Continue reading →

Hailing a heightened level of cyber resilience

While the Middle East region continues to assess the positive impact of the announced US$3.1 billion acquisition of UAE-based ride-hailing company Careem by global rival Uber, it is worth pausing for a moment to consider the implications of such a deal from a cyber security perspective.

Careem’s US$3.1 billion acquisition by Uber is a fantastic endorsement of digital services entrepreneurship in the Middle East, though cyber security must remain front-and-centre of the company’s ongoing evolution

Continue reading →

Proactive trusted transparency

Trust is not necessarily synonymous with cyber security, and this has been reiterated through the plethora of cyber breaches and data leakages that have been publicised in recent years. The lack of trust as it relates to allegations that organisations have wantonly sold, misappropriated or misdirected customers’ data without their knowledge or consent only exacerbates an already chronic issue.

In much the same way that realisation of the awesome and horrifying power of nuclear weapons preceded the establishment and ratification of the Non-Proliferation Treaty in the late 60s, so too must the dire consequences of a lacklustre and piecemeal approach to cyber security prompt an international move towards universal and heightened cyber security transparency

Continue reading →

No more tears?

It has been almost two years now since the world was gripped by a string of pervasive and damaging ransomware attacks, which fuelled mass paranoia and concern over the cost of technological advancement. Such levels of panic and speculation hadn’t been seen since the turn of the millennium and the Y2K system failure predictions and panic. From Petya to WannaCry and the creatively named NotPetya ransomware attacks, individuals, organisations, and nation states were awed and rightly fearful of the pace of dissemination and destructive capabilities wrought by the attacks.

What is the key to never shedding a tear over an incident like WannaCry again?

Continue reading →