Threat Modelling: Understanding The Business Impact Of A Successful Attack

August 18th, 2017|Data Protection|

The overwhelming number of potential threats to your organization from cyber criminals, hackers and insider actors, is a challenge for even for the most experienced IT Security Professionals. Monitoring the threat landscape is becoming unmanageable, sapping budgets and using up resources on threats that may never materialize. However, we know that these threats are very [...]

GDPR – Are you thinking “What’s All The Fuss About?”

August 8th, 2017|Data Protection|

We are all increasingly concerned about how our personal data is used and what measures are in place to protect it from falling into the wrong hands. As seen extensively in the media the EU has new legislation coming into force on 25th May 2018 called the General Data Protection Regulation, commonly known as GDPR. [...]

How To Reduce Breach Detection Times

June 30th, 2017|Data Protection|

The Invisible Enemy? By Peter Boyle, CTO, Burning Tree Two weeks before WannaCry crippled the NHS, halted car production in Japan, and disrupted rail systems in Germany; IDT had been attacked with a degree of sophistication not seen before. Golan Ben-Oni, Global CIO for IDT – recently featured in a very thought-provoking article in the [...]

How to Automate Governance, Risk and Compliance (GRC) to Reduce Costs

December 13th, 2016|Data Protection|

IT Governance, Risk Management discipline, Information Security Policy and legal compliance requirements all place a burden on companies to ensure their governance, risk and compliance (GRC) policies protect customers, staff and stakeholders. Reducing risks whilst keeping costs low is becoming a key challenge for businesses, especially when the number of cyber-attacks keeps rising. Small businesses, [...]

Core Principles Of Building A Secure Network Architecture

November 22nd, 2016|Data Protection|

In many organisations IT projects are designed to address business objectives or as operational solutions without any thought about security. The security ‘solution’ is often bolted on at a late stage of development, or even after launch when security risks are identified. Sometimes security is overlooked entirely, until something goes wrong. This approach results in [...]

Lessons from Snowden: The Unmanaged SSH Key Time Bomb

October 12th, 2016|Data Protection|

Last month Snowden (the movie) was released in the US. While the film has received mixed reviews, the story behind the movie has played out very publicly over the last three years providing a salutary lesson for all charged with organisational security. Whether you approve of Edward Snowden’s actions by exposing the NSA’s surveillance operations [...]

Can Your IT Systems Heal Themselves? Automation and Cyber security

September 22nd, 2016|Data Protection|

The idea of self-healing networks is very attractive to any IT Director who wants to use valuable resources - IT staff and budget - on more strategic activities. Rather than using people to deal with business operational activities such as for detecting and fixing common network issues, let the computers do it for us. [...]

Insider Threats: Who Is The Biggest IT Security Threat In Your Organisation?

August 8th, 2016|Data Protection|

It is an undeniable fact that in today's digital world, we are all pretty much reliant on information technology and the Internet to run our businesses. It is also a fact that it is not 'if' - but 'when' will our IT Infrastructure and Business Applications be under attack? Before you even begin to [...]

What Does Brexit Mean For EU Data Protection Laws?

July 24th, 2016|Data Protection|

As far as the Data Protection Landscape is concerned, Brexit couldn't have come at a more challenging time - some might say fortuitous time. In this article, I will examine all the implications and deal with some of the arising issues. Earlier this year, the EU regulators adopted a new EU data protection framework, [...]

burningtree.co.uk