Helping you Piece IT Together

 

Home Previous About Us Our Services Whitepapers Resources Links News Contact Us Search
 

Visit Our Blog

 


 

 

Issue September 2008

Welcome to the latest edition of BH Consulting's Security Watch Newsletter.   In this month's issue we provide some updates to what has been going on in BH Consulting, review the Global Security Week Cyber Crime conference and provide you with some updates on the latest news happening in the world of information security.

Focus Ireland

 

Support Focus Ireland
If you have found any items in our Security Watch Newsletter to be of use to you we ask that you make a donation to Focus Ireland who work tirelessly supporting the homeless throughout Ireland.  Focus Ireland aims to advance the right of people-out-of-home to live in a place they call home through quality services, research, and advocacy.  The objectives of Focus Ireland are to respond to the needs of people out-of-home and those at risk of becoming homeless, through a range of appropriate high quality services, to provide emergency transitional and long-term accommodation for people out-of-home, to  campaign and lobby for the rights of people out-of-home and the prevention of homelessness.  No sum is too small and all is put to excellent use.

About BH Consulting
BH Consulting was founded in answer to demands for an independent consulting firm to assist clients gain a competitive edge by achieving IT Operational excellence in deploying, managing and securing their IT infrastructure. With over 20 year’s experience, we provide you with access to in-depth expertise, experience and technical know-how. Backed with our quality processes and commitment to deliver, BH Consulting provides clients with quality solutions at cost effective rates.

BH CONSULTING NEWS

 "Managing Information Security with ISO 27001" Training Course
The next “Managing Information Security with the ISO 27001 Information Security Standard” is scheduled to take place in the Centre for Software Engineering on October the 20th and 21st. If you are interested in attending or require more information you can contact us or find details on the course on the Centre For Software Engineering’s website.

Brian Honan to Chair Roundtable Discussion on Security with Bruce Schneier.
Our Principal Consultant, Brian Honan, has been given the honour to chair an upcoming roundtable discussion hosted by the Institute of International and European Affairs on risk and security at which  Bruce Schneier, Chief Security Technology Officer of BT Group, will address.  Bruce Schneier is well regarded within the Information Security industry as a thought provoking analyst.  His Cryptogram newsletter and Blog  is subscribed to by many tens of thousands of readers around the world and he has produced a number of best selling insightful books on information security.

The Irish Web Awards Best Technology Website Shortlist
BH Consulting is sponsoring the Best Technology Website in the Moviestar.ie Irish Web Awards.  The finalists for the competition have been announced and those in the running for the award are;

  • Tech Central
  • Silicon Republic
  • ByteSurgery
  • Camara
  • Justin Mason

    The above are all excellent sites with some very valuable content.  Why not have a look at the sites yourself to see what has made them be the top 5 technology websites in Ireland.

    • Keeping Data safe at work
    The Sunday Independent on the 7th of September ran a piece in their business supplement on what companies should be doing to protect the data stored on various devices such as PCs and laptops.  Brian Honan is quoted in the article and highlight that companies need to develop their data classification and handling policy and educate their staff in same before rushing out to solve the problem using technology alone.  Brian highlighted that technology is only part of the solution and that people and processes are equally, if not, more important.

    Brian Honan to Address the Irish Computer Society's Privacy Forum
    The Irish Computer Society's Privacy Forum is a platform to enable IT professionals to learn about the latest best practises in data protection and privacy.  Our Principal Consultant, Brian Honan, will be addressing the forum on October the 16th on the topic of managing a data breach in your organisation. If you wish to register for the event you can do so here.

    Cyber Crime Seminar Held in Dublin
     Global Security Week, in conjunction with BH Consulting and Vigitrust, held a free seminar on the theme of “Cyber Crime – Don’t Become a Victim”  on the 10th of September 2008.

    The theme this year is intended to highlight how businesses and individuals can become victims of Cyber Crime and what steps they can take to protect themselves from this rapidly growing crime.  In light of recent criminal attacks against various organisations in Ireland, the timing of the seminar could not come at a more opportune time.

    Detective Sergeant John Finan from An Garda Siochana's Computer Crime Unit and Owen O'Connor from Security Careers provided two excellent presentations.  Some of the key messages from the talks were;

    • Cyber Crime is a real threat.  Don’t always assume that your stolen laptop was the result of someone looking to make a quick few Euro selling it to cover their drug habit.  Increasingly criminals are becoming more and more aware of the value of data held on laptops and mobile devices.  Even if your device is stolen by someone trying to get their next high, the device could pass into the hands of someone who appreciates the value of the data on the device.

    • There is no legal obligation in Ireland for you to report a cyber crime.  It is down to each individual company to do what they see as the right thing for their business. 

    • Keeping log files and audit trails of your key systems is essential in investigating any suspected breach.  So do you know what you are logging, how you are logging that information and how to handle that logging information in the event of an investigation?  If not you should look at remedying that situation as soon as possible.  BH Consulting has a presentation available on our whitepapers page on managing logs if you need some pointers. 

    • Finally ensure your information security incident response plan is up to date.  Don’t forget to test your information security incident response plan to ensure you can get the information you need from your logs and that you can deal with the event appropriately.  While you are at it you should also consider integrating your information security response plan into your Business Continuity Plan.  You may have to keep key systems offline during an incident, or those systems may be taken by the police as evidence, so can you keep your business going while you deal with the security incident.  If you need some pointers you can have a look at our whitepaper on “Incident Handling and Management“.

    Our thanks to all who took the time to attend and participate in the event to make it one of the most interesting events in a long time.

    BH CONSULTING WEBSITE UPDATE
         We strive at BH Consulting to provide information that is relevant and useful in securing and running your business. To this end we provide a range of free whitepapers available for download free from our white papers page.

    Don't forget to visit our Security Watch Blog to keep up to date with the latest information security news.

    LATEST THREAT LEVELS
    Get more information on the latest updates on current threats at our online resources page;

    FEATURES

    Cyber Crime is a Real Business Issue
    A recent report released by Finjan highlights that cyber crime is a growing concern for businesses of all sizes. Ninety one percent of the 1,387 IT managers surveyed consider cyber crime as a major risk to their business with 73% claiming data theft is more worrying than downtime or malware infection. What is even more interesting is that 25% of those surveyed admitted to having been the victims of cyber crime.

    Estonian Government Releases Cyber Strategy Paper
    The Estonian Government has released a strategy paper on enhancing cyber security.  This is a very good report as we can all learn from the lessons of the cyber attacks against Estonia last year.  The report makes for interesting reading and yet it is still sad to see that governments and many organisations only take computer security seriously after they have suffered a major attack.

    ENISA Publishes New White Paper On Security Awareness
    Over the summer Brian Honan worked on a project with the European Network and Information Security Agency (ENISA) to produce a white paper “Obtaining Support and Funding From Senior Management While Planning an Awareness Initiative“.  This is a very important paper as one of the most important things to ensure the success of any information security awareness programme is to have the appropriate support and funding from your senior management.  If you are considering rolling out an Information Security Awareness programme then you should have a look at this white paper to ensure that you get the appropriate support from your senior management.  The paper is now available on the ENISA website.

    Beware of internet registry scam
    A number of Irish businesses with registered .ie domains have received a letter from a company calling itself Internet Register Ireland asking that the company sign up for a listing in their directory.  A listing in the directory costs €958 per year for three years and has no affiliation with the Irish Domain Registry.  This has been identified as a scam and companies are warned to ignore the letter.  More details are available from the IEDR website.

    ENISA Updates Security Awareness Guide

    Two years ago ENISA published an excellent guide on how to raise information security awareness within your organisations.  A new version of the guide is now available and well worth the time taken to download and read it.  Security awareness can be one of the most effective defence measures you can invest in.  Once you have created a culture of security within your organisation and trained users on how to identify potential threats your greatly reduce the ability of attackers to breach your defences.

    FREE SECURITY SCAN
         In partnership with Qualys, BH Consulting are offering a free Network Security Scan so you can check how healthy your network is. To find out more about what this service can do for you, visit our free Network Security Scan

    Alternatively contact us or visit our website to get more details on our risk assessment service.

    This issue of Security Watch is being brought to you by BH Consulting.  If you have found this issue to be of use please support our drive to raise funds for Focus Ireland.

    Each Security Watch eNewsletter, and the special Security Alert issues, are produced independently by the Windows IT Pro Custom Media Group and is distributed by various Microsoft security partners. Each eNewsletter contains up-to-date information about security strategies, technologies, and alerts. Each Security Alert contains the latest information about security threats.

    Additional news courtesy of Silicon Republic, Cnet, Silicon and Zdnet

    To update your subscription to our newsletter click here.  To unsubscribe click here

    Home | About Us | Our Services | Useful Resources | Contact Us | Corporate Responsibility | Disclaimer | Privacy | Blog
    Copyright © 2005 BH IT Consulting Ltd.