About stopandstare

Stop and Stare

How Artificial Intelligence Will Define Cyber Security Over The Coming Years

February 12th, 2018|Uncategorized|

There has been much excitement about Artificial Intelligence (AI) and its application in cyber security. Here at Burning Tree we are monitoring the technology closely to see where it can help our clients protect their business and data, and in what areas AI can improve information security. Many organisations already have some AI cyber security [...]

Major Chip Flaws: Protecting your IT from “Meltdown” and “Spectre”

January 26th, 2018|Uncategorized|

We started the New Year with yet another cyber security alert with the revelation of major flaws in computer chips. Known as ‘Meltdown’ and ‘Spectre’, these two bugs could allow your IT systems to be hacked. To clarify where the vulnerabilities lie: Meltdown affects laptops, desktop computers and Internet servers with Intel chips and ‘snoops’ [...]

How ISO 27001 Can Help Your Organisation Meet GDPR Requirements

December 6th, 2017|Data Protection, Uncategorized|

One of the challenges of GDPR (the General Data Protection Regulation that comes into force in May 2018) is that organisations are left to interpret how GDPR impacts on their business and how best to comply. Many of the articles in GDPR are sufficiently vague and currently there is no standard or framework that can [...]

GDPR: What’s All The Fuss About?

November 1st, 2017|Conference, Data Protection|

Burning Tree’s recent Breakfast Briefing “GDPR: What’s All The Fuss About?” was well attended by representatives from businesses keen to learn what they have to do to be compliant. Presentations from Burning Tree, Fimatix, Privacera, Beta Systems and Fujitsu showed delegates that compliance with the General Data Protection Regulation (GDPR) by 25th May 2018 is relatively [...]

Get GDPR Ready – What You Need To Know

September 15th, 2017|Data Protection|

With less than 8 months to go, few CEOs and their CIOs can have failed to have heard of GDPR. However, we are still receiving calls from businesses that have yet to implement any measures to comply with the 25th May 2018 deadline. While GDPR is about protecting personal data – our employees, our customers, [...]

Threat Modelling

August 18th, 2017|Data Protection|

Understanding The Business Impact Of A Successful Attack

The overwhelming number of potential threats to your organization from cyber criminals, hackers and insider actors is a challenge for even the most experienced IT Security Professionals. Monitoring the threat landscape is becoming unmanageable, sapping budgets and using up resources on threats that may never materialize. However, [...]

RSA Conference USA 2017: 3 Reasons To Attend

January 18th, 2017|Conference|

Next month is the annual RSA Conference in San Francisco. Like many UK and European based organisations, we attend the RSA Conference event (#RSAC) every year. The RSA show is of huge value to us: we get to catch up with old friends, make new contacts, uncover new opportunities and tap into the latest technology [...]

How to Automate Governance, Risk and Compliance (GRC) to Reduce Costs

December 13th, 2016|Data Protection|

IT Governance, Risk Management discipline, Information Security Policy and legal compliance requirements all place a burden on companies to ensure their governance, risk and compliance (GRC) policies protect customers, staff and stakeholders. Reducing risks whilst keeping costs low is becoming a key challenge for businesses, especially when the number of cyber-attacks keeps rising. Small businesses, [...]

Core Principles Of Building A Secure Network Architecture

November 22nd, 2016|Data Protection|

In many organisations IT projects are designed to address business objectives or as operational solutions without any thought about security. The security ‘solution’ is often bolted on at a late stage of development, or even after launch when security risks are identified. Sometimes security is overlooked entirely, until something goes wrong. This approach results in [...]

Lessons from Snowden: The Unmanaged SSH Key Time Bomb

October 12th, 2016|Data Protection|

Last month Snowden (the movie) was released in the US. While the film has received mixed reviews, the story behind the movie has played out very publicly over the last three years, providing a salutary lesson for all charged with organisational security. Whether you approve of Edward Snowden’s actions in exposing the NSA’s surveillance operations [...]

burningtree.co.uk