CS Mar-Apr 2021

Computing
Security
Secure systems, secure data, secure people, secure business
Long-distance winners
Excellence shines through from afar
NEWS
OPINION
INDUSTRY
COMMENT
CASE STUDIES
PRODUCT REVIEWS
Where to now?
Inside this issue: expert
insights into what the
industry can expect
in the months ahead
Webcam perils
Be careful who may be spying on you!
Attacks hit record high
Deep concerns as cyber security
incidents exceed all previous levels
Computing Security March 2021

FULLSTACK VULNERABILITY MANAGEMENT
CONTINUOUS VULNERABILITY
INTELLIGENCE
Accurately identifies vulnerabilities
and exposures across the full stack.
All threats are verified by
cybersecurity experts, providing
exploitable risk and remediation
guidance.
“The expertise and
delivery of this service
has been outstanding...”
SECURITY AND RISK MANAGEMENT,
MEDIA INDUSTRY, 30B+ US
2020

comment
APPRENTICESHIPS: VITAL ROUTE INTO CYBERSECURITY
EDITOR: Brian Wall
(brian.wall@btc.co.uk)
LAYOUT/DESIGN: Ian Collis
(ian.collis@btc.co.uk)
SALES:
Edward O’Connor
(edward.oconnor@btc.co.uk)
+ 44 (0)1689 616 000
Abby Penn
(abby.penn@btc.co.uk)
+ 44 (0)1689 616 000
Apprenticeships are the solution to attracting more young people into cybersecurity,
according to 42.5% of respondents to a new Twitter poll run by Infosecurity Europe,
Europe's information security event. The poll set out to explore current issues around the
skills shortage within the sector, particularly within the context of the pandemic.
Responses also highlight the importance of proper support for remote workers - with more
than a third (37.2%) believing that sustaining motivation and well-being is the greatest skillsrelated
challenge faced by cybersecurity professionals right now. The information security sector
continues to suffer from a shortage of skilled professionals, with more than four million unfilled
roles worldwide, according to the Enterprise Strategy Group (ESG) and the Information Systems
Security Association (ISSA). Despite this, 35.9% of the respondents to Infosecurity Europe's poll
say their organisation currently has a hiring freeze on cybersecurity roles.
"We can definitely do more to open up apprenticeships or internships that encourage people
to see if information security is for them," suggests Steve Wright, CISO of Privacy Culture and
Former Interim DPO Bank of England, "but, as a permanent measure, we've got to look at what's
going to attract people at the right age. I think more could be done to make it part of the school
curriculum."
Behind apprenticeships in the poll was the need for a formal career path (27.1%), more role
models/mentors (17.1%) and greater diversity (13.4%). Troy Hunt, Microsoft regional director
and founder of 'Have I Been Pwned', indicates the need for greater inclusiveness: "Technology in
general is very male-dominated and there's a lot of women in particular feel excluded by that.
There's also much more introverted behaviour, and - in my experience at least - obnoxious
behaviour! We need to create an environment that people of all backgrounds want to be in;
that removes the barriers making them reticent about joining the industry."
PUBLISHER: John Jageurs
(john.jageurs@btc.co.uk)
Published by Barrow & Thompkins
Connexions Ltd (BTC)
35 Station Square,
Petts Wood, Kent, BR5 1LZ
Tel: +44 (0)1689 616 000
Fax: +44 (0)1689 82 66 22
SUBSCRIPTIONS:
UK: £35/year, £60/two years,
£80/three years;
Europe: £48/year, £85/two years,
£127/three years
R.O.W:£62/year, £115/two years,
£168/three years
Single copies can be bought for
£8.50 (includes postage & packaging).
Published 6 times a year.
© 2021 Barrow & Thompkins
Connexions Ltd. All rights reserved.
No part of the magazine may be
reproduced without prior consent,
in writing, from the publisher.
Brian Wall
Editor
Computing Security
brian.wall@btc.co.uk
www.computingsecurity.co.uk March 2021 computing security
@CSMagAndAwards
3

Secure systems, secure data, secure people, secure business
Computing Security March 2021
contents
CONTENTS
Computing
Security
NEWS
OPINION
INDUSTRY
COMMENT
CASE STUDIES
PRODUCT REVIEWS
Long-distance winners Where to now?
Excellence shines through from afar
Inside this issue: expert
insights into what the
industry can expect
in the months ahead
Webcam perils
Be careful who may be spying on you!
COMMENT 3
Apprenticeships’ route into cybersecurity
Attacks hit record high
Deep concerns as cyber security
incidents exceed all previous levels
ARTICLES
EDITOR’S FOCUS 6
How well are organisations and the
workforce surviving the WFH challenge?
DIGITAL ACCESS FOR ALL 7
Steve Mellings, founder of ADISA, looks
at the wider impact of COVID-19 - and
the digital divide this has triggered
DATA PROTECTION LAW AND
WORKING FROM HOME 8
Samad Miah, Xcina Consulting, looks at
the data security and privacy compliance
challenges remote working can bring
WINNERS, TAKE A BOW! 32
It wasn’t possible to celebrate the 2020
Computing Security Awards face to face, but
even the virus couldn't prevent them from
going ahead. Master of ceremonies Chris
Cowdrey and editor Brian Wall revealed the
winners by video link - and what an occasion
it still proved to be
SEIZING BACK CONTROL 18
THROUGH A GLASS DARKLY 10
How can organisations stop their data
We asked several industry commentators
falling into the wrong hands? Terry Greer-
for their views on where they believe 2021
King, SonicWall, offers his insights
will lead us, as we continue to grapple
with COVD-19 and a whole multitude of
ATTACKS HIT RECORD HIGH 22
The National Cyber Security Centre (NCSC)
other security challenges. Here's what they
handled a record total of incidents over
had to say
the last 12-month period accounted for -
with 200-plus related to the coronavirus
THE PATIENT APPROACH PAYS OFF 24
NHS Management has been adopting
a security-first mindset, with a helping
hand from AT&T Cybersecurity
BE CAREFUL WHO’S WATCHING! 16
Mark Zuckerberg (yes, Facebook raises its
YOU'VE GOT EMAIL... BREACHES 26
controversial head again!) posted a now
Misdirected emails have been identified as
infamous photo of his desk setup, showing
the UK's top cause of reported security
his laptop with a covered webcam and
incidents, leading to 44% more incidents
than phishing attacks
blocked mic. If even the creator of
Facebook does this, shouldn’t everyone?
CHANGE IS ON THE CARDS 28
Ever wondered if workplace security, no
matter where you are, might be possible?
Biometrics could offer a way forward
A GLIMPSE INTO THE ABYSS 20
CYBER STRATEGY’S CRITICAL POINT 30
Cyber security has never been more relevant
When your data leaks, it might well end up
and will no doubt continue in that vein for
for sale on the dark web, making you an
organisations throughout the year ahead
easy target for advanced attacks. As one
industry expert observes, “the market for
PRODUCT REVIEW 19
stolen data on the dark web has become
Wandera Private Access
a truly lucrative trade”.
computing security Jan/Feb 2021 @CSMagAndAwards www.computingsecurity.co.uk
4

My peace of
mind starts
with Neustar
Security.
Cloud Security Solutions that are
Always-on, Ultra Secure.
security.neustar

editor's focus
WORKING FROM HOME - ONE YEAR ON!
COVID-19 HAS BEEN WITH US NOW FOR ALMOST A YEAR - AT LEAST 'OFFICIALLY'. HOW ARE
ORGANISATIONS AND REMOTE WORKERS SURVIVING THE CHALLENGES?
One year on, it's clear that the
pandemic changed the way many
organisations operate, due to
huge numbers of staff being forced to
work from home. That reality is
something that resonates deeply with
Oliver Cronk, chief IT architect, EMEA at
Tanium. "This has caused digital
transformation to accelerate rapidly and
many organisations have put stop-gap IT
solutions in place to keep up," he states.
"This approach, which we believe is
especially prevalent in sectors hit hardest
by the pandemic, often creates
cybersecurity weaknesses."
Another key issue he highlights is that
many organisations are struggling with
reduced revenue or funding right now
and having to make cutbacks, yet
cybersecurity is not an area they can
afford to neglect, he warns. "As lockdown
continues and some teams are being
asked to do more with less resources, they
remain increasingly vulnerable to cyber
threats, due to distraction or fatigue,
which can cause employees to drop their
guard when it comes to clicking on
malicious links in emails."
OUT OF TOUCH
In addition, states Cronk, "IT audit
continues to fail many organisations, with
some of the recent security issues we've
seen being a direct result of IT audit and
governance processes being used, which
are out of touch with what is really going
on in modern organisations".
Businesses need to ensure they are
planning for the long-term by setting up a
security foundation which is flexible, datadriven
and efficient, he advises, while
equipping IT teams to respond to threats
immediately from wherever they are based.
"Whilst the pandemic has created
challenges for IT teams, this period should
also be seen as an opportunity to optimise
IT security and operations.
"Teams should consider embracing
technologies such as distributed cloud
architecture and endpoint management,
which will give businesses the visibility and
control they need to minimise the
likelihood of a damaging cyber-attack in
the age of lockdowns and mass remote
working."
06
computing security March 2021 @CSMagAndAwards www.computingsecurity.co.uk

industry insights
DIGITAL ACCESS FOR ALL - HELPING
TO BRIDGE THE TECHNOLOGY DIVIDE
STEVE MELLINGS, FOUNDER OF ADISA, LOOKS AT HOW COVID-19 HAS HELPED TO
ILLUMINATE A GAP IN SOCIETY WHERE TECHNOLOGY FOR MANY ISN'T A GIVEN
is essential for all children to achieve their
learning objectives not just in the COVID
world, but in the normal learning
environment. The partnership we have
formed with ADISA allows us access to the
leading IT asset disposal companies in the
UK, which means the programme is not only
professional, secure and compliant, but
sustainable."
In these challenging COVID days, many of
us are struggling to juggle homeworking
and our newfound role as home
educators. Those households that are lucky
enough to have access to technology and
connectivity are able to benefit from online
learning, but imagine trying to educate your
children with no technology?
This is a predicament affecting more than
1 million households in the UK and, far from
being a COVID creation, this digital divide is
ever present in society and reflects how a
disadvantaged group that needs support
has been overlooked.
The 'Digital Access for All' programme
(DAFA), run by the Learning Foundation
Charity, has been focusing on this area
for many years, but the COVID-driven
requirement for home learning has drawn
widespread focus (and angst) in how
developed nations can still have families
without access to technology at home.
DAFA is a programme that is NOT just for
today, but is tasked with helping to solve
this ongoing problem and, in 2020, they
partnered with ADISA to create a sustainable
programme for businesses to donate
redundant technology that can be
refurbished and donated to schools or resold
to help generate funds to purchase the type
of technology those without access need.
The programme has been designed by
ADISA to present a route where ANY retired
working technology can be processed to
leading industry standards, including a service
option for data sanitisation and compliance
to overcome security concerns. From that
point, any infrastructure that is not fit for
reuse is recycled appropriately and the rest
prepared for reuse.
With businesses having to provide devices
for homeworkers, the number of laptops
available for donation is very low, which
is why this programme accepts ANY
infrastructure, with the aim being to generate
much-needed funds to give the Learning
Foundation the ability to help schools either
by sourcing refurbished laptops or tablets,
OR to help with connectivity issues.
As Paul Finnis, chief executive of the
Learning Foundation, says: "Far from being
a luxury item, technology in the home really
POSITIVE EXPERIENCE
The programme has controls in place as
to which type of devices can be supplied
to schools to ensure the user experience
is a positive one and, in conjunction with
Microsoft, is able to ensure there is access
to correctly licensed software.
Since a soft launch in January, we have
had offers of over 100,000 assets from
organisations keen to help and we hope to
be able to turn that into direct help for over
25,000 children, BUT we cannot do it alone.
This is a real email received by us last
week…..
"I'm not sure if you can help but I have 2 daughters
who are home schooling and the laptop we have
has just failed. We can't afford to get it fixed and
the school says it can't help. Can you help us as I'm
so worried that my girls are going to fall behind."
Want to help?
If you are a business that has any redundant
equipment, you should consider donating it
to the 'Digital Access for All' programme
administered by ADISA.
To find out more, visit:
https://adisa.global/dafa
www.computingsecurity.co.uk @CSMagAndAwards
March 2021 computing security
07

masterclass
DATA PROTECTION LAW AND WORKING FROM HOME
AS MORE PEOPLE WORK REMOTELY, THE DATA SECURITY AND PRIVACY COMPLIANCE CHALLENGES THIS CAN
BRING MUST NOT BE OVERLOOKED, SAYS SAMAD MIAH, DATA PROTECTION CONSULTANT, XCINA CONSULTING
confidentiality by keeping them locked
in a filing cabinet when not in use and
disposing of them securely when no
longer required. You may also wish to
return the papers to the office if you are
unable to securely store or dispose of
them at home. Lastly, try to maintain a
written log of records and files that you
have taken to ensure information is not
accidentally misplaced and that others
know its exact whereabouts.
Data protection law requires
companies to put in place
appropriate technical and
organisational measures to ensure the
security of processing, whether it be in
the office or in the comfort of your living
room. We understand that keeping in
touch and communicating with your
team is crucial and have therefore listed
our top five tips to ensure data
protection does not become a barrier
to productivity:
1. Only use technology that is approved
by your employer
Work-provided hardware or software will
have likely gone through some sort of
vetting process and is therefore a much
safer alternative then the use of personal
devices. Privacy settings and system
updates can also be applied at the
administrator level on a work device and
can therefore guarantee an optimal level
of data security. Unless specifically
authorised, avoid storing information
on your personal device. Also, where
possible, only use your employer's
trusted networks and cloud services
and ensure that data is backed up if
stored locally.
2. Use secure forms of communication
There are several video conferencing
software tools available on the market.
Ensure that the solution you use offers
end-to-end encryption on video calls, is
not sending data to third parties without
your approval and offers enhanced
security and privacy features as standard
(such as the use of a lobby or password
access to a meeting). For emails, make
sure you are sending it to the correct
recipient and that all attachments are
encrypted/password protected.
3. Be careful with paper records
It is important to note that data
protection law also applies to personal
information in manual form if it is
intended to be a part of a filing system.
If you are working remotely with
paper records, consider security and
4. Follow your organisation's policies
and procedures
If staff ignore procedures and policies,
then they risk breaching key data
protection principles. Your organisation
will have developed an approach to
ensure remote working is safe and
secure and policies act as a way to
communicate what is allowed and what
is not. Do not be tempted to circumvent
what is permitted by your employer
(eg, sending emails through a personal
account) simply because it is more
convenient.
5. Consider confidentiality and
unauthorised exposure
When working from home, try to ensure
personal data is not seen by family
members or those who you live with.
This can prove challenging if you are
sharing your home working space.
However, try to hold confidential
conversations somewhere where others
are less likely to overhear you and
position screens and papers, so they are
not visible to others. Data protection law
would consider family members to be
third parties and information must not
be shared with them as a result.
08
computing security March 2021 @CSMagAndAwards www.computingsecurity.co.uk

into the future
THROUGH A GLASS DARKLY
WE ASKED SEVERAL INDUSTRY COMMENTATORS FOR THEIR
VIEWS ON WHERE 2021 WILL LEAD US, AS WE GRAPPLE
WITH COVID-19 AND A MULTITUDE OF OTHER CHALLENGES.
HERE'S WHAT THEY HAD TO SAY
According to Verizon's Data Breach
Investigations Report for 2020, social
engineering has become a top attack
vector for hackers. DigiCert, for its part,
expects threat actors to leverage current
events to unprecedented levels in the current
year. Dean Coclin, DigiCert's senior director of
business development, points to various
influencing factors. "With unemployment
fraud at an all-time high, we will see an even
larger increase in 2021, as pandemicfocused
unemployment programmes from
governments have lowered the barriers to
collecting benefits and security methods
have not been able to keep up. Should we
see additional stimulus funding from
governments to provide relief for the effects
of the pandemic, this will only make this
a richer channel for fraudsters."
Coclin, along with Avesta Hojjati, head of
R&D, and Mike Nelson, VP of IoT security
at DigiCert, have come up with some joint
predictions for 2021, as life starts to return
to a semblance of how it was pre-COVID-19.
"We predict that individuals and businesses
alike will adjust to a new normal sometime
in 2021. As workers return to the office,
there will be a steady crescendo of
applications offered by threat actors, with
the promise of increased productivity tools to
ease the transition. Tools such as apps that
provide ambient sounds will be leveraged in
these attacks," they state.
They warn of new attack vectors emerging
not only for social engineering, but also
attacks targeting common home devices,
used at home for workers splitting time
working at home and the office that can be
used to compromise an individual and allow
for lateral movement into a business.
"Workers splitting time between the home
and the office will only exasperate this
transition period, causing confusion and an
increase in security risk for business."
Hojjati also sees 2021 bringing increased
focus on automation and efficiency solutions
in the security market. "As organisations
work to keep the lights on and scrutinise the
bottom line, there will be a resulting push
for efficiency in security technologies. 2021
will bring an emphasis on technologies that
allow organisations to do more with less and
automation will play a significant role, in
terms of security innovation in the New Year."
Worryingly, according to a 2020 SANS
Automation and Integration Survey, 12% of
respondents had no security automation in
2019. In 2020, that dropped to 5%. "We
predict the level of automation in 2021 will
increase exponentially," he advises.
Meanwhile, as security investments focus
on immediate value, quantum computing
will continue to move forward. "We will
see the effect of Moore's law on quantum
computing," says Tim Hollebeek, industry
and standards technical strategist at
DigiCert. "As quantum computing allows for
10
computing security March 2021 @CSMagAndAwards www.computingsecurity.co.uk

into the future
tasks to be more efficient, organisations will
prioritise its continued development.
Improvements and efficiency are recession
resistant."
Coclin has views, too, on the challenge of
staying safe online, stating that identity and
consumer accountability of an organisation's
permissions and controls over its data
will lead to a new interest in how to stay
safe online and with connected devices.
"Concerns over contact tracing and other
government invasions of personal privacy
will lead to a new desire by the public for
ways to identify organisations with which
they connect online," he states, "and for
better assurances of the security of the
connected devices in their everyday lives,
including connected cars, homes, buildings,
websites and emails."
WORKING REALITY
With the disruptions and restrictions the
pandemic brought to our lives in 2020,
it seems like 2021 will look similar with
regards to our new working reality, cautions
Robert Allen, director of marketing &
technical services at Kingston Technology
Europe. "This will bring new data security
challenges for IT managers, as cybersecurity
threats have increased massively during the
Covid-19 lockdown . Artificial Intelligence
will have a positive impact on security,
while businesses will be more reliant on
AI processes to implement cybersecurity
and data privacy measures.
"Working from home or a hybrid working
environment will continue to stay and, even
though the pandemic might gradually step
out of our lives, employees will be looking to
continue with the flexibility they now have."
A better work-life balance for employees
and savings on costs for businesses will be
the main motivators for this, but it will come
with additional challenges," he adds, "an
important one being how to improve
employees' equipment to increase efficiency.
This may be a memory or storage
improvement that will help all systems
operate better, or being able to make the
many video calls that are now part of our
lives".
Equally important is the need to improve
data security in this new working
environment. "IT managers might well
consider upgrading employees' laptops
by using encrypted drives to mitigate
cybersecurity attacks," adds Allen. "The use
of encrypted USBs would also add a layer
of security to mobile corporate data, as we
anticipate the shift from home working to
more mobile working. "
As the number of employees and
businesses that are operating remotely
has increased significantly, the need for
companies to provide specific training and
cybersecurity awareness programmes to
employees will be paramount. "AI will
play an important role in 2021, in order to
support the implementation of further data
security measures," he states. "With teams
physically spread out and with a need to
access corporate networks, businesses will
rely more on automation and machine
learning to prevent cyber-attacks. Businesses
are still adapting to this paradigm shift. The
impact caused by Covid-19 has completely
changed the landscape in organisations
worldwide and the tools that need to be
used will also need to continue to adapt to
this. Whatever happens in 2021 and
beyond, we will continue supporting
businesses as their needs evolve."
RE-INFECTING MACHINES
Kelvin Murray, senior threat research analyst
at Webroot, sees cyber-attackers increasingly
targeting home routers, insecure IoS devices
and VPN systems to infect corporate
machines connected to that network. "The
goal of this tactic is to take advantage of low
security home set-ups, so admins and users
need to factor these risks into account when
securing the growing number of work-fromhome
environments.
Avesta Hojjati, Digicert: increased focus
on automation and efficiency solutions in
the security market.
Dean Coclin, Digicert: even greater interest
will be shown in how to stay safe online and
with connected devices.
www.computingsecurity.co.uk @CSMagAndAwards
March 2021 computing security
11

into the future
Lisa Ventura, UK Cyber Security
Association: cloud computing and
security will be central to the postpandemic
world.
Jon Fielding, Apricorn: rise in endpoint
controls will enable employees to use their
own devices safely.
"MSPs and channel partners need to adapt
their businesses to respond to the evolving
threats that remote work presents. Some
MSPs, particularly those who were more
sophisticated before the pandemic, will be
better equipped to protect against these
types of threats. However, others will have to
adapt and change their services very rapidly
to keep up with these ongoing challenges,"
he adds.
"The amount of disruption and cost to
businesses and important services like
healthcare by ransomware groups has
grown too big to escape addressing by
world leaders," Murray concludes. "Expect
some major discussion and statements
about the threat by politicians in 2021."
GAPS IN SECURITY TRAINING
For his part, Matt Aldridge, Webroot's
principal solutions architect, believes there
is still not enough security training being
implemented across businesses, specifically
to address the increasingly remote
workforce. "In 2021, organisations need to
prioritise training schemes that are tailored
to remote workers, including how to spot
phishing scams and other types of social
engineering cyberattacks. With an increase
of distractions at home and fatigue around
email and virtual meetings, it's never been
more critical that training be engaging,
consistent and prioritised by business leaders
to ensure it's embedded into company
culture."
A key consideration for businesses this year
should be to monitor challenges around
employee's mental health and the security
issues that they can pose, he adds. "Many
workers are mentally exhausted and more
prone to making dangerous mistakes
that can lead to security issues. Without
a controlled network and onsite IT support
offered by a physical office, businesses need
to focus on implementing training that
specifically supports workers in the home
environment and that accounts for the
stressors caused by the semi-permanent shift
to WFH."
Aldridge also points out that any training
programme needs to have a feedback loop
"and phishing simulations can help to form
an important component of this, allowing
organisations to track improvement in clickthrough
rates from timely, realistic simulated
phishing emails as the training programme
progresses. Lessons can then be learned
from this, helping organisations to provide
just the right amount of regular training,
without overburdening their users and
without leaving it too long between sessions
to allow bad behaviours to slip back in".
The company's Nick Emanuel, senior
director of product, also warns of new forms
of exploitation, as we seek to emerge from
the ravages of COVID-19. "As 2021 brings
the first vaccines to fight Covid-19, cyber
criminals will exploit the lack of trusted
information and the widespread use of
phone-based medical appointments
[telemedicine] to target businesses and
consumers in phishing attacks and BEC
[Business Email Compromise] scams."
DEVASTATING ATTACKS
Lisa Ventura, CEO & founder, UK Cyber
Security Association (UKCSA), has been
highlighting some other areas she believes
will continue to be a challenge in 2021.
"Ransomware attacks can be devastating.
Demands can run into millions of pounds.
The number of such attacks has jumped
by 350% since 2018, as well as the average
ransom payment increasing by more than
100% in 2020. Downtime has also increased
to up to 200% and the average cost per
incident is rising exponentially.
Cloud computing and security will be
central to the post-pandemic world, she
adds. "Organisations that have migrated to
the cloud will need to focus on their cloud
security and understand the relationships
they have with their providers. Cloud services
12
computing security March 2021 @CSMagAndAwards www.computingsecurity.co.uk

into the future
were essential in 2020 for keeping the
economy and our lives from griding to
a total halt and, in 2021 and beyond,
there will be much more of a reliance on
clouds, along with smart sensors, remote
collaboration and streaming, even after we
emerge from the pandemic."
There will also be a greater reliance on
automation, artificial intelligence and
machine learning," Ventura states. "This
reliance may drive a trend of hyper
automation. This is a process in which
organisations automate as many business
and IT processes as possible, using AI,
machine learning and robotic process
automation. With the sheer number of
potential threats and security alerts rising
daily, it is often too much for humans to
handle alone."
ATTACKER SURFACE
As the pandemic hit, many companies were,
as we all now recall, forced to react really
quickly to keep themselves going and meet
customer needs. This move to digital opened
up a gateway for hackers, who have since
been seeking to take advantage of a great
attacker surface. "2021 will start to see
the trend towards efficiency over resilience
reversed, as companies realise the damage
that can be done, if these key services
go down," says Dr Alex Tarter, chief cyber
consultant and CTO at Thales UK. "This could
result in the security budget overtaking the
R&D budget next year."
The business-hacker relationship has largely
always been one way, with cyber criminals
attempting to break in and businesses
reacting to this. "However, 2021 will see that
relationship change, as businesses go on
the offensive and attempt to throw hackers
off their game. Companies will start using
deceptive techniques, such as deploying fake
high-attraction systems to divert attackers or
leave fake credentials [breadcrumbs] that
lead to a fake high-value target," he adds.
If 2020 is to be defined by the Coronavirus,
then 2021 will, hopefully, be the year of
the vaccine. "Scientists and the medical
professionals have been working against the
clock to produce a vaccine that will mitigate
the virus, but within that unfortunately are
threat actors looking to upset the process
and steal data. With medical and logistical
information at such a premium, the UK still
faces a cybersecurity talent shortage that
could leave its health industry exposed. In
2021, expect to see a greater effort from the
healthcare industry to access cybersecurity
expertise," concludes Tarter, "both from a
recruitment perspective and a partnership
viewpoint, in order to protect their systems
and against misinformation about the
vaccine process."
MAKE OR BREAK
It's security culture that will 'make or break'
hybrid working - not the technology, argues
Jon Fielding, Apricorn's managing director
EMEA. "Combined home and office working
will set in as a long-term model and doing
this safely will demand a major culture shift.
Lack of employee education was singled out
as the biggest cybersecurity weakness during
the first lockdown in a recent Apricorn poll.
Companies must make urgent changes to
improve awareness of the different security
risks associated with hybrid working and the
knowledge of how to control them."
Training employees in the 'practical stuff'
won't be sufficient, he adds. "Everyone is
accountable for protecting data in the new
working environment, which requires a
culture of information security best practice
across the entire dispersed workforce.
This isn't something that can be enforced;
employees need to buy in to it. This will
require IT teams to build deeper engagement
with staff and devolve greater responsibility
for security onto the individual. Education
programmes must therefore explain the
'why', as well as the 'what' and 'how': the
reasons data protection is important, and
the specific risks and consequences to their
company of a breach."
"Ultimately, businesses will want complete
confidence that employees are working
safely when they're out of the office," adds
Fielding. "Secure, encrypted storage devices
can be used to protect company data offline
or quickly deploy a secure desktop
environment to an entire workforce by preloading
them with the with the standard
corporate apps and security settings.
Employees can then boot this up on
whatever device they're using."
He also sees organisations moving beyond
the mindset of 'complete security', to focus
on strengthening their cyber resilience.
"Cyber resilience is an organisation's ability to
prepare for, respond to and recover quickly
from any digital disruption. We anticipate a
marked rise in criminal attacks in 2021, as
hackers take advantage of people continuing
to work remotely - in particular, ransomware,
malware and phishing. Recognising that no
business is immune, IT teams will shift focus
to ensuring they have all their ducks in a
row, in the event of a breach. They'll also
prioritise planning to mitigate the impact of
any future crisis that drives the workforce out
of the office!"
Apricorn also expects to see an increase
in encryption, to protect data as it's moved
from office to home - mitigating risks,
such as targeting in the cloud - and keep
information secure whatever's happening
around it. "There will also be a rise in
endpoint controls that enable employees to
use their own devices safely. These measures
give organisations the ability to demonstrate
transparency and due diligence, should a
breach occur. The use of secure, encrypted
storage devices as a straightforward way of
backing up data locally is likely to increase,
supporting the ability to get up and running
again fast."
STRAINING AT THE LEASH
According to Mike Campfield, VP, GM
International and Global Security Programs
at ExtraHop, this year will see new strains of
www.computingsecurity.co.uk @CSMagAndAwards
March 2021 computing security
13

into the future
Mike Campfield, ExtraHop: new
ransomware gangs will enter the picture
and continue development of attack
tactics.
Maxine Holt, Omdia: COVID-19 accelerated
cloud journeys and security was at best an
afterthought.
ransomware as attackers continue to profit.
"We will also find new gangs entering the
picture and continued development of
attack tactics. Following the trend of recent
years, ransomware will set its sights on
ever higher value targets in healthcare,
institutions of education and financial
services. The more things change, the more
they stay the same - the essential threat of
ransomware is no different. Enterprises will
develop workarounds to resist paying the
ransom; ransomware continues to be the
greatest threat to enterprises. We expect
2021 to produce new victories in the long
ransom war," he states.
As for remote work, he believes that more
and more employees are going to demand
it from their employers. "In 2021, remote
work will cement its place as a standard
part of working life and create a new raft of
considerations for enterprise security. How
will an enterprise protect its network, if
endpoints are employee-owned constantly
on and off the corporate network, either
from home or in the office? How are
enterprises going to protect themselves,
without the benefit of enterprise security
controls? In 2021, the fact of long-term
remote work is going to force us to rethink
how we secure enterprise data and
infrastructure," he adds.
STRAINING AT THE LEASH
2021 will be a year for organisations to
reset and to fortify their cybersecurity
resilience, according to Infosecurity Europe's
community of security leaders. Europe's
leading information security event asked its
network of CISOs and analysts to comment
on the major trends and changes they
foresee shaping the next 12 months.
Overall, they expect companies to focus on
consolidating and reinforcing their security
posture, as the full consequences of last
year's rapid changes become apparent. This
is a world that Maxine Holt, senior research
director at Omdia, calls "the reset normal".
She says: "From a security perspective, it's
been difficult to maintain pace with the
speed of change. COVID-19 accelerated
cloud journeys, for instance,
and security was at best an afterthought.
Security functions applied temporary
measures, and they will now peel back the
sticking plaster and build more sustainable
security for new ways of working. This
should include upskilling staff in cloud
security expertise, and looking at technology
that can prevent, detect and respond to
security incidents in these evolved
environments."
The threat landscape will continue to
evolve at a speed that outpaces the
cybersecurity industry, according to Becky
Pinkard, CISO of Aldemore Bank. "I'd like
to see companies buckle down on the
'foundations of security', moving into an
era of never-before-seen strength on the
frontline fight against cyber threats," she
comments. "However, I predict we'll see
more of the same when it comes to security
awareness, patching and risk prioritisation.
The industry is maturing, but at a glacial
pace. Until we pick up that pace, the
current overall defensive posture will
persist."
When it comes to the threats that will
come to the fore in 2021, Heidi Shey,
principal analyst serving security and risk
professionals with Forrester Research,
believes insider incidents will be an area
of increased concern. "Pandemic-related
uncertainty and remote work environments
have collided to create the ideal conditions,"
she explains. "We expect one-third of
security breaches will be caused by insider
threats in the coming year, up from 25%
today. These may be due to accidental or
inadvertent data misuse, or malicious intent.
As part of their defence, firms should add
capabilities for detecting insider threats
and improve the employee experience."
Part 2 of our predictions for cybersecurity in 2021
will appear in the next issue.
14
computing security March 2021 @CSMagAndAwards www.computingsecurity.co.uk

Computing
Security
Secure systems, secure data, secure people, secure business
e-newsletter
Are you receiving the Computing Security
monthly e-newsletter?
Computing Security always aims to help its readers as much as possible to do
their increasingly demanding jobs. With this in mind, we've now launched a
Computing Security e-newsletter which is produced every month and is available
free of charge. This will enable us to provide you with more content, more
frequently than ever before.
If you are not already receiving this please send your request to
christina.willis@btc.co.uk and advise her of the best email address for the
newsletter to be sent to.

webcam perils
BE CAREFUL WHO'S WATCHING YOU!
JUST HOW SAFE ARE WEBCAMS - AND WHO'S MOST VULNERABLE
TO HACKERS?
As many parts of the world continue
with strict lockdown restrictions, Zoom
calls will remain the norm for some
time. All to the good in such challenging
times, but there are clear downsides, too.
The tech and webcam specialists over at
Reincubate have been analysing the real risks
of webcams and detailed what we should be
doing to protect ourselves as we let the world
into our home via our webcam. Here is the
company's take on where the greatest
dangers lie:
The rapid growth of remote and home
working has led to a lot of users getting
webcams or setting up Zoom equipment in
their own homes. Mark Zuckerberg
inadvertently brought attention to the risks of
users being covertly monitored through their
computer's webcams or mics when he posted
a now infamous photo of his desk setup,
showing his laptop with a covered webcam
and blocked mic. If even the creator of
Facebook blocks his, who else does?
Generally speaking, there are few video apps
where the host can remotely enable video if
the participant has turned it off after the start
of the call, and Zoom is safe in this regard. It
does, however, have a feature whereby the
host can remotely unmute a participant's
microphone. If you're in the habit of stepping
away from your computer on long calls to get
a cup of coffee whilst muted, beware that you
might be unmuted without knowing about it.
Similarly, if you're joining the call from a
room with other people around, their
unexpected presence in your background may
cause them embarrassment if they're not
expecting to be broadcast. These inadvertent
risks can be handled with a few simple
precautions: covering or physically
disconnecting a webcam makes things more
obvious and having a mic with a physical
mute button helps.
SECURING YOUR CAMERA AND MIC ON
AN IPHONE
iPhone and iPad users have the least to worry
about. So long as the device has not been
jailbroken, it is extremely unlikely that hackers
can remotely monitor the device's camera or
mic. Apple's release of iOS 14 has done even
more to safeguard users with its new orange
and green dots.
Of course, it's still possible for apps to access
an iOS device's camera and mic, but in order
for this to happen, users must first install an
app and grant it permission to record video
and audio. It's possible for apps to record
audio - but not video - whilst backgrounded,
but again, permissions must first be given by
the user. Broadly speaking, your iPhone and
iPad should be perfectly safe, so long as you
don't let them out of your sight and only
install apps that you trust.
SECURING YOUR WEBCAM AND MIC ON
A MAC
A Mac or a MacBook Pro is second only to an
iPhone in its security. Recent Macs include
something called a T2 chip, which includes a
number of hardware-based security features.
Most relevant of all, it uses hardware to
physically disable a Mac laptop's microphone
when the laptop is closed or suspended.
From a practical perspective, it's impossible
for Mac's webcam to be in use without the
16
computing security March 2021 @CSMagAndAwards www.computingsecurity.co.uk

webcam perils
accompanying green light being turned on. In
the past, there have been workarounds, but
the known exploits have been fixed on Macs.
However, the software on the Mac does not
trigger any sort of system-level security
prompt when accessing a webcam or mic, so
users must be careful to only use apps they
trust. Security-conscious Mac users may wish
to try OverSight (free) or Micro Snitch (paid),
popular security tools that run in the
background and alert users to any apps
accessing their camera or mic.
STAYING SECURE ON WINDOWS OR
ANDROID
Unfortunately, Windows and Android users
will have the hardest time of all staying
secure. Often the software and hardware for
these devices are made by different
companies, meaning there's plenty of room
for loopholes between the two. Google's Play
Store is infamous for including malware apps
on a regular basis, and many Android phones
suffer from not getting access to the latest
security patches or Android updates.
Theoretically, modern Android devices with
the latest security patches will be close to an
iPhone's security - at least, each app must
prompt for webcam or mic access, but a
status light won't be shown.
But the problem is it's hard to tell by looking
at an Android device if it's secure or up to
date; simply because your phone says it has
all of the latest security patches, doesn't mean
that the manufacturer of your Android phone
has made all of the security patches available.
From this perspective, Google Android devices
(such as the Pixel) are more trustworthy, as
Google makes both the software and
hardware together, and are ultimately
responsible for issuing the most important
security updates.
Staying secure on these platforms is hard.
The problem on Windows is so endemic that
both Lenovo and HP have started building
physical switches and covers into their
webcams to give users some peace of mind.
Without hardware control of the mic, it's
impossible to tell if a Windows laptop could
be recording in the background when open
or closed!
Blocking microphones isn't easy: you can't
cover them with a piece of tape like you can a
camera or at least, if you do, it won't be at all
effective.
Reincubate's advice, if running Android,
would be to only use Google devices such as
the Pixel and to avoid installing third-party
apps from the Google Play Store. The risk of
malware or app impersonation is not small.
Seriously, if you want apps, use an iPhone.
WHAT ABOUT ALEXA OR THE
HOMEPOD?
Plenty of users have an Alexa or HomePod
device in their home or other forms of smart
devices, like thermostats or security cameras.
These are all capable of broadcasting video or
audio captured within the home. It's very hard
to keep tabs on these and ultimately one
must either trust the company making them
or not.
"There are real risks to not covering a
webcam, but, for users with Macs and
iPhones, the greatest risk is most likely
accidentally broadcasting themselves or
unknowingly being unmuted by a meeting
host, rather than being surveilled by a hacker,"
says Aidan Fitzpatrick, Reincubate. "Webcam
covers and physical mute buttons on
microphones act as fail-safes and helpful
reminders to think about security, and a piece
of tape really is the best solution for use with
a MacBook. I recommend users keep devices
closed or powered off when not on use.
"It's worth thinking about using an external
webcam or, for better quality, a smartphone
webcam, as it can be physically unplugged
between calls. Being able to unplug one's
camera is the best way to stay secure."
Mark Zuckerberg, Facebook: in a recent
post, his laptop had a covered webcam
and blocked mic.
Aidan Fitzpatrick, Reincubate:
unplugging your camera is the best way
to stay secure.
www.computingsecurity.co.uk @CSMagAndAwards
March 2021 computing security
17

inside view
HOW CAN ORGANISATIONS STOP THEIR DATA FALLING INTO
THE WRONG HANDS? TERRY GREER-KING, VP EMEA, SONICWALL,
OFFERS HIS INSIGHTS
In an era where cybercriminals are
more sophisticated than ever, and
attacks are becoming more
commonplace by the day, the market
for stolen data on the dark web has
become a truly lucrative trade. Recent
years have seen the spoils of many
cyberattacks end up for sale on
underground marketplaces.
For instance, the recent attack on the
European Medicines Agency (EMA) saw
confidential information on the Pfizer
COVID-19 vaccine was leaked across
several hacking forums. The fact that
billions of private records are changing
hands poses a threat to businesses
everywhere.
The dark web is the term used for
web content that exists on darknets:
networks that require specific software
or authorisation to access. Through
the dark web, users can communicate
anonymously without divulging
identifying information. While not all
activity on the dark web is illegal, it is
often the preferred forum for criminals.
Ultimately, the variety of threats that
businesses could face from the dark web
is endless. Essentially, criminals are after
anything that can be traded for profit -
usernames, passwords, credit card
details, intellectual property, bank
details, or employee information. The
criminals will then leverage this data
for financial gain. While it's hard to give
concrete figures on the price data will
fetch on the dark web, recent examples
include the aftermath of 2018's British
Airways hack, where stolen logins sold
for as little as £7.
When factoring this is in with the fact
that it takes on average nine months to
discover a breach, the risks become even
clearer. Unfortunately, once the data is
out there, there's not a great deal to be
done to get it back. Therefore, the main
mode of defence for any organisation is
to prevent these breaches happening in
the first place. Businesses need to zero
in on ensuring they have a layered
cybersecurity posture. The idea behind
this is simple: The more barriers are
placed in front of criminals, the better
the chances to prevent them stealing
data. By looking at cybersecurity in this
way, companies can build an extremely
robust line of defence.
This will not only require a blend of
the best technology available, such as
strong identification and authorisation,
sandboxing, SSL encryption, and cloud
application security, but indeed also
a consistent emphasis on employee
education. Even with the finest
technology in the world, if workers
are not wise to the nature of threats,
a simple phishing attack could expose
all your data.
Ultimately, combining this approach
with a top-down focus on ensuring that
best practices are being adhered to is
the best way to prevent sensitive data
falling into the wrong hands.
18
computing security March 2021 @CSMagAndAwards www.computingsecurity.co.uk

product review
WANDERA PRIVATE ACCESS
The COVID-19 crisis will continue to
have a lasting impact on the way
businesses around the globe
collaborate and communicate, with
repeated lockdowns forcing them to
embrace remote working. In the rush to
provide secure access to remote workers,
enterprises are finding legacy VPNs (virtual
private networks) are not fit for purpose,
as their flawed trust models leave them
open to all kinds of attacks.
Zero Trust Network Access (ZTNA) is the
new normal for securely accessing today's
cloud and hybrid infrastructures and
Wandera's Private Access (WPA) cloud
service has a simple philosophy - trust no
one. It ensures only authorised users can
access business applications, and allows
organisations to create software-defined
network perimeters that surround and
protect all corporate resources on
premises, in data centres and the cloud.
Wandera takes a mobile-first approach;
but, along with support for iOS and
Android, WPA has Windows 10 and
macOS devices on its guest list. A key
differentiator with legacy VPNs is WPA
provides secure access to applications and
not the network, thus blocking infiltration
and lateral movement by hackers.
WPA creates connections up to four
times faster than legacy VPNs by
employing a non-IPsec protocol, which
uses single-packet authorisation in the
cloud. This fast micro-tunnel activation
provides seamless transitions between
mobile and wireless networks for remote
users on the move.
WPA integrates tightly with existing
identity providers (IdPs) and has Microsoft
Azure AD at the top of the list. It also
works with many others, including Okta,
OneLogin, IBM, Centrify and Ping Identity.
Deployment is a cinch as, from the
Private Access administrative console, we
defined Microsoft Azure as our IdP. After
providing our Microsoft 365 credentials,
WPA grabbed our Tenant ID and we were
ready to go - it's that simple.
Client deployment is equally easy, as
users installed the iOS app on their
mobiles, signed in with their Microsoft
365 credentials and a secure tunnel was
created in seconds. Likewise with our
Windows 10 clients as, after installing the
agent, they logged in using their Microsoft
accounts and were ready to go.
Wandera's admin console presents a
wealth of information on users, global
data usage, overall security ratings, the
top countries devices connect from and
much more. It provides quick access for
sending enrolment links to users and
creating activation profiles, which can
integrate with existing UEM (unified
endpoint management) solutions.
WPA provisions policy-based access
controls to SaaS apps in the public cloud
and enterprise apps hosted privately.
Policies are easy to create, as we selected
Microsoft 365, Box, Dropbox and GSuite
from the predefined list and requested
that all access to these services should be
encrypted and routed through the nearest
Wandera data centre.
From our user's perspective, there is
nothing to see, because the process is
completely transparent. They continued to
access their business apps as normal, with
the client handling tunnel creation and
encryption in the background.
Along with blocking users from accessing
specific web site categories and applying
data usage limits, you can assign riskaware
security policies. Wandera's
MI:RIAM (Mobile Intelligence: Real Time
Insights and Analyst Machine) engine
comes into play here, as it uses the data
gathered by advanced machine learning
techniques to determine if users are at risk
from compromised apps, web content or
devices and automatically blocks access.
Provisioning safe remote access in these
challenging times needn't be a headache
for enterprises, as Wandera's Private
Access provides an elegantly simple, yet
highly secure, ZTNA solution. We found it
remarkably easy to deploy, as it doesn't
require new certificates, accounts or IT
workflows to be created and its light
touch on end user devices ensures they
get the best possible experience.
Product: Private Access
Supplier: Wandera
Web site: www.wandera.com
Tel: +44 (0) 203 301 2660
Sales: sales@wandera.com
www.computingsecurity.co.uk @CSMagAndAwards March 2021 computing security
19

dark web
WHEN DARKNESS FALLS
SHOULD YOUR DATA LEAK, IT MIGHT WELL END UP FOR SALE ON THE DARK WEB,
MAKING YOU VULNERABLE AND AN EASY TARGET FOR ADVANCED ATTACKS
As the ever-vigilant SpyCloud has been
pointing out, there's been an awful
lot of buzz resulting from the recent
so-called 'superbreach', referred to in the
round as 'Collection #1'. "Containing over
772,904,991 unique email addresses and
more than 21 million passwords, this incident
already stands out in terms of its sheer
magnitude of exposure," it states. "It certainly
doesn't help that the data was reportedly
posted to a publicly accessible online forum."
SpyCloud is not so sure the frenzy that
seized the media when this breach erupted
is an accurate reflection of what actually
transpired in this instance. "The proliferation
of stolen or leaked databases has given rise to
credential stuffing, a fairly simple technique
in which criminals load lists of previously
breached credentials (from Linkedin,
MyFitnessPal, MySpace, etc.), called combo
lists, into automated brute-forcing tools to
test credentials en masse. These tools test
stolen passwords against thousands of
targeted websites and applications until there
is a match."
The reality is that, armed with your
credentials, online criminals can take over
your online accounts and start ordering
goods with your credit card. This might
happen before the news of the breach even
goes public. What are the likely consequences
for organisations that have been hit in this
way? What is the worst-case scenario likely
to be? And how can they fight back?
WIDENING AN ATTACK
"As an information security testing company,
we often get asked to assess the possibility
of a threat actor gaining access to an
organisation's critical information or control
of internal networks," says Paul Harris,
managing director, Pentest. "Leaked
credentials, whether they be from the dark
web or public forums, offer a potential entry
point for these engagements and, over the
years, have provided one of the most reliable
routes in."
However, using leaked credentials to gain
access to company accounts isn't necessarily
dangerous on its own, he points out - after
all, the account may have low-level privileges.
"You may get lucky and obtain access to an
account with entry to sensitive data straight
off the bat. It's more likely, though, that
the compromised account is just a starting
point for a wider attack. "Take a red team
engagement we conducted for a large
multinational tech company. They wanted to
know if we could gain domain admin on a
critical network. Our first step: check if leaked
credentials worked. Due to password reuse,
we were able to obtain access to the
company's VPN and gain a presence on their
internal network. From there, we were able
to escalate our privilege level, through further
vulnerabilities, until we had admin access on
a server. Once access to the server had been
obtained, we monitored traffic and, when a
domain admin logged in, we were able to
pull their credentials out of the server
memory, going from leaked user credentials
to complete control of the company's
Microsoft Windows Domain."
But how can you protect yourself against a
scenario such as the one above? "Sadly,
there's no silver bullet, but the more effective
security measures you have in place, the
harder it becomes for a threat actor," states
Harris. "Our broad advice?
Encourage employees to use long, unique,
but easy-to-remember passwords, such as
phrases, and enforce tight password policies.
Introduce 2FA [two-factor authentication]
around key access points, such as VPN, Email,
Office365 etc, and consider tighter user
privilege levels. People should only have
20
computing security March 2021 @CSMagAndAwards www.computingsecurity.co.uk

dark web
access to the information/networks they
truly need to do their job, no more." Finally,
he advises challenge your security posture as
often and as thoroughly as you can. "It's
always better to have an internal team, or
testing provider, find a vulnerability than a
malicious threat take advantage of it."
LUCRATIVE TRADE
As Terry Greer-King, VP EMEA, SonicWall,
points out, the market for stolen data on
the dark web has become a truly lucrative
trade. "Recent years have seen the spoils of
many cyberattacks end up for sale on
underground marketplaces."
He cites the December attack on the
European Medicines Agency (EMA),
confidential information on the Pfizer
COVID vaccine as one notable example of
date being leaked across several hacking
forums. "Needless to say, the fact that
billions of private records are changing
hands poses a threat to businesses
everywhere."
Ultimately, the variety of threats that
businesses could face from the dark web
is endless. "Essentially, criminals are after
anything that can be traded for profit -
usernames, passwords, credit card details,
intellectual property, bank details, or
employee information," adds Greer-King.
"The criminals will then leverage this data
for financial gain. While it's hard to give
concrete figures on the price data will fetch
on the Dark Web, examples include the
aftermath of 2018's British Airways hack,
where stolen logins sold for as little as £7."
It takes on average nine months to
discover a breach, so the risks involved
become even clearer. "Unfortunately, once
the data is out there, there's not a great deal
to be done to get it back. Therefore, the
main mode of defence for any organisation
is to prevent these breaches happening in
the first place. Businesses need to zero in on
ensuring they have a layered cybersecurity
posture. The idea behind this is simple:
the more barriers are placed in front of
criminals, the better the chances are to
prevent them stealing data. By looking at
cybersecurity in this way, companies can
build an extremely robust line of defence."
This will not only require a blend of the
best technology available, he adds, such
as strong identification and authorisation,
sandboxing, SSL encryption, and cloud
application security, but also a consistent
emphasis on employee education. "Even
with the finest technology in the world,
if workers are not wise to the nature of
threats, a simple phishing attack could
expose all your data. Ultimately, combining
this approach with a top-down focus on
ensuring that best practices are being
adhered to is the best way to prevent
sensitive data falling into the wrong hands."
Terry Greer-King, SonicWall: billions of
private records changing hands poses a
threat to businesses everywhere.
Paul Harris, managing director, Pentest:
challenge your security posture as often
and as thoroughly as you can.
UNLOCKING THE COMBINATIONS
Combo (combination) lists - see main text - are usually not that interesting, from
a security standpoint, because they are full of duplicate records, says SpyCloud
(www.spycloud.com). In many cases, duplicates of duplicates of duplicates.
SpyCloud analysts has published content on this subject, in light of the epidemic of
password reuse. "As increasingly more websites and applications require account
creation, people simply can't recall the many unique passwords they use between
accounts," it says. "To make things easier, they reuse passwords amongst multiple
sites, recycle old passwords and/or make only slight modifications to existing
passwords. For criminals, this makes account takeover easier than ever - especially
with the help of massive combo lists such as the one recently disclosed."
www.computingsecurity.co.uk @CSMagAndAwards
March 2021 computing security
21

cyber incidents
ATTACKS HIT RECORD HIGH
CYBER SECURITY INCIDENTS ARE NOW OUTSTRIPPING ANYTHING THAT THE
UK'S NATIONAL CYBER SECURITY CENTRE HAS HAD TO DEAL WITH IN THE PAST
The UK's National Cyber Security Centre
(NCSC) handled a record number of
cyber security incidents over the last 12-
month period accounted for. The agency dealt
with 723 serious incidents between
September 2019 and the end of August
2020, a 20% increase on the 602 it handled
the year before. More than 200 of these
incidents were related to the coronavirus,
according to the NCSC's latest annual review.
The NCSC has been taking a series of decisive
actions against malicious actors in the UK and
abroad to combat this threat. We ask those in
the security industry what preventive
measures organisations can carry out, for their
part, to keep them from being victims of such
attacks in 2021.
"Cybercriminals keep a close eye on events
that are happening around the globe," says
Jelle Wieringa, technical evangelist, KnowBe4.
"To them, big events that attract a lot of media
attention are an opportunity around which to
build their attacks. COVID-19 is, unfortunately,
a perfect example of cybercriminals taking
advantage of world events."
Those scams started with information about
COVID-19 infection rates back in March last
year and escalated to contact tracing over the
summer. "With vaccines beginning to be
administered to front line personnel and
healthcare workers, cybercriminals are taking
advantage of this by creating new phishing
emails targeting users to click a malicious link
or open an attachment. And with the world
moving faster and faster, big things seemingly
happen every day. So, there is no shortage of
new events for cybercriminals to choose from.
"For organisations to be able to defend
themselves, they need to know where threats
are coming from and what to defend against.
Gathering security intelligence, whether it is
through open source, paid or otherwise
collected channels, is a great way for
organisations to have visibility into what is
happening, which allows cybercriminals to
predict and prepare." Unfortunately, not
everything can be clearly foreseen. "Therefore,
an organisation needs to be prepared to fend
off attacks, whether they are anticipated or
not," he advises. "And with the pandemic still
holding the world in its grasp, most
employees will be forced to work from home
for at least the foreseeable future. Even after
employees are allowed to return to the office,
it will be a while before everything goes back
to a state of somewhat normal. This leaves
employees particularly vulnerable to social
engineering attacks - something
cybercriminals are well aware of."
Wieringa also points to how social
engineering is a form of deception that is
22
computing security March 2021 @CSMagAndAwards www.computingsecurity.co.uk

cyber incidents
used to manipulate individuals into divulging
confidential or personal information that may
be used for fraudulent and malicious
purposes. "It is a popular tactic for today's
cybercriminals to target humans, which is
why it's so important to build up an
organisation's human firewall and to help
employees make smarter security decisions
every day. This means organisations need to
pay extra attention to the human side of
cybersecurity. Training employees, promoting
and rewarding secure behaviour, and
cultivating a positive security culture
throughout the organisation will be key to
help combat social engineering attacks now
and in the future."
RELENTLESS ATTACKS
Keith Driver, chief technical officer, Titania,
says the figures released by the National Cyber
Security Centre (NCSC) in its 2020 Annual
Review demonstrate the relentless increase in
cases whereby a cybersecurity attack has
resulted in an incident requiring the UK
national response team's attention -with, on
average, almost two serious incidents
occurring every day across the year.
"On a national scale, the NCSC Active Cyber
Defence programme has had incredible
results," he points out. "It continues to roll out
effective capabilities, like the Suspicious Email
Reporting Service [SERS - where you can
forward your suspicious email to
'report@phishing.gov.uk for investigation],
which received 2.3million emails in 2020,
Protected DNS and Exercise in a Box, as well
as a plethora of clear and concise advice
notes."
While these initiatives operate nationally on
behalf of the British public, the protection of
individuals and commercial enterprises
requires us all to take action, he adds. "After
all, as highlighted in the report, 'Cybersecurity
is a team sport' , the NCSC has consistently
promoted that the most effective cyber
defence starts with basic cyber hygiene. The
'10 Steps to cybersecurity' and 'Cyber
Essentials' initiatives have been instrumental in
helping to make the UK a safer place by
providing easy-to-understand and practical
advice on cyber policy and specific technical
protections."
When followed, the advice for endpoints,
the networks they attach to and the people
who use them provides a robust defence to
the most common attacks, eliminating
perhaps 99% of the threat, states Driver.
"Basic cyber hygiene is vital to protect against
the majority of attacks and it's something that
Titania has discussed in depth. That's because
it makes it so much harder for an attacker to
gain a foothold. Everything from password
strength and management, to device and
network node configuration [firewalls, for
example], is integral to operating a resilient
and robust network, and should be
considered."
However, this does not need to be a lengthy
process, he adds. "Much of basic cyber
hygiene assurance can be automated,
meaning it doesn't require human
intervention to check that device
configurations are secure or that policies have
not been breached. I believe that this is where
the value of technical solutions shines. By
providing certainty in understanding that your
policies and required configurations are being
adhered to, the chances of an attacker being
successful are much reduced and resources
can be focused elsewhere, preferably on value
creation."
DEFENDING THE UK
Since its inception in 2016, the NCSC has
done incredible work and continues to defend
the UK in an ever-changing threat landscape,
he continues. "However, organisations and
individuals now need to make the
organisation's job as easy as possible by taking
responsibility for our networks, devices and
actions. This means ensuring that we make it
as hard as possible for those that would do us
harm and be continually vigilant, checking
that this continues to be the case."
Jelle Wieringa, KnowBe4: COVID-19 is a
perfect example of cybercriminals taking
advantage of world events.
Keith Driver, Titania: the NCSC Active
Cyber Defence programme has had
incredible results.
www.computingsecurity.co.uk @CSMagAndAwards
March 2021 computing security
23

industry insights
THE PATIENT APPROACH PAYS OFF
NHS MANAGEMENT ADOPTS A SECURITY-FIRST MINDSET, WITH HELP FROM AT&T CYBERSECURITY
NHS Management provides
administrative and consulting services
the US southeast region. Naturally,
quality of care is the number one priority, as
is protecting patient data in such a highly
regulated environment. Stephen Locke, CIO
for NHS Management, explains: "There are a
lot of unique challenges in healthcare when
it comes to cybersecurity, particularly with
the increase of regulations over the past ten
years, as well as the complexities that
come with managing inpatient records, and
securing communications between vendors
and third parties."
Around three years ago, during a long
holiday weekend, NHS Management found
itself at the mercy of cyber-attackers, who
hit the company with ransomware at a time
when they knew most people would be
out of the office. Though no data was
compromised, it took about a week to get
the desktops back up and running again after
NHS Management paid the ransom. It was at
this time that Locke had been looking for a
security solution that would give his teams
the visibility into the network they needed to
detect and respond more quickly to security
incidents, such as ransomware.
The company had been using several point
security solutions, but, without a central
point of management combined with lack
of human resources, the logs piled up and
going through them all was a difficult task.
Locke chose to use AT&T Cybersecurity's
Managed Threat Detection and Response
service, instead of building out a dedicated
in-house security operations centre (SOC);
and so the company began its security-first
journey.
BUSINESS SUPPORT IS KEY
Cole Two Bears, systems architect at NHS
Management, expands further, noting that
"business support of what is transpiring
across the network is key, because you can
only secure what you can see, so there has
to be a strong focus on security from within
the organisation". The deployment also had
to be done in a way that didn't disrupt users'
workloads - something that is very important
in a healthcare setting.
And while Locke is not a fan of outsourcing
for outsourcing's sake, he also states: "In our
case, with limited personnel resources, it
made sense from a business perspective,
but also financially, as the AT&T Managed
Detection and Response service is less costly
than having to hire several new skilled
security team members."
The pandemic has brought about many
other challenges, as users have the strong
expectation that they will have access to the
data they need, regardless of their physical
location. And they fully expect to be able to
access it securely. "With more and more
people working outside of your perimeter
walls, you need to provide that line of
communication is highly secure, and people
can get to it all the time and make sure
you're able to submit all the information that
you need to the state government, national
government and the like," says Locke.
"With AT&T Managed Threat Detection and
Response, I'm confident the ransomware
issue we experienced previously wouldn't
have happened," Two Bears concludes.
"We've been delighted and impressed with
the service, which allows our small security
team the time to deliver on other important
projects. Not having enough human capital
is a problem many organisations face,
making a managed security service an ideal
option."
www.computingsecurity.co.uk @CSMagAndAwards
March 2021 computing security
24

Computing
Security
Secure systems, secure data, secure people, secure business
Product Review Service
VENDORS – HAS YOUR SOLUTION BEEN
REVIEWED BY COMPUTING SECURITY YET?
The Computing Security review service has been praised by vendors and
readers alike. Each solution is tested by an independent expert whose findings
are published in the magazine along with a photo or screenshot.
Hardware, software and services can all be reviewed.
Many vendors organise a review to coincide with a new launch. However,
please don’t feel that the service is reserved exclusively for new solutions.
A review can also be a good way of introducing an established solution to
a new audience. Are the readers of Computing Security as familiar with
your solution(s) as you would like them to be?
Contact Edward O’Connor on 01689 616000 or email
edward.oconnor@btc.co.uk to make it happen.

email perils
YOU'VE GOT EMAIL... BREACHES
MISDIRECTED EMAILS HAVE BEEN IDENTIFIED AS THE UK'S TOP CAUSE OF REPORTED SECURITY INCIDENTS,
LEADING TO 44% MORE INCIDENTS THAN PHISHING ATTACKS. BRIAN WALL REPORTS
Steve Mulhearn, Fortinet: CISOs must
educate their employees about common
attacks.
During the pandemic, email volumes
have surged, with one-in-two IT
leaders seeing an increase of over
50%. Coupled with the finding that 70%
of IT leaders surveyed reported that they
felt sensitive data is at greater risk when
employees are working from home, the
pandemic has created a perfect storm for
email data breaches.
Will things be any better in 2021, even as
and when emerging vaccines enable us to
get to grips with COVID-19? Has the virus
actually served as a catalyst to ramp up
attacks and will this simply continue, should
the virus be brought under firm control?
Ultimately, can we only ever expect a 'least
worst case' with email and accept that we all
must suffer some level of collateral damage?
CORNERSTONE
As Mark Forrest, CEO, Cryptshare, comments,
email is likely to remain the cornerstone of
our communications for some time to come,
for the simple reason that it is universal,
effective and cheap. "There are a plethora of
point solutions for encrypting, scanning,
blocking, authenticating and protecting
against email-born threats. But, in the end,
we need to solve the puzzle of having all of
these things at a price that our very much
under-pressure budgets demand,” he states.
"Breadth and cost effectiveness have come
into sharp focus during the pandemic where
the promises of the biggest enterprise
software vendors are being found wanting.
This is not a time to drop your defences,"
he cautions, "but there are cost-effective
choices."
With the trend towards a remote
workforce continuing this year, the need to
keep the remote workforce secure will
continue, says Dean Coclin, senior director of
business development at DigiCert. "With
regard to emails, providing tools to warn
users of emails originating outside the
organisation, capabilities to encrypt email
and keeping email safe on mobile devices will
continue to be essential. VPN use will expand
as organisations see the security benefit."
With information about the pandemic
constantly being sought, hackers look to
entice people to click on email links
associated with COVID cures, virus testing
sites and similar topics. "These links can lead
to malicious sites, defective equipment (ie,
PPE) and phishing sites to get login/password
information," he adds. "Cybercriminals will
use whatever hot topic, be it the virus or
something else, to steal credentials from
unsuspecting users."
That said, organisations have become more
adept at increasing their email security, Coclin
points out. "Technologies such as DMARC,
which prevent unauthorised individuals from
sending emails using the company domain,
are becoming more popular. Also, digital
certificates to sign and encrypt email are
being increasingly rolled out at companies,
large and small. The CA/Browser Forum is
currently working on new standards for
email certificates, which are expected to be
released this year. All of these improvements
will help minimise 'collateral damage' and
improve email security for all."
MISDIRECTED MISSIVES
Misdirected emails cause the most incidents
and are, according to Egress CEO Tony
Pepper, "a revolving door" for data breaches,
especially with many organisations moving
26
computing security March 2021 @CSMagAndAwards www.computingsecurity.co.uk

email perils
to long-term remote working and email
becoming an even more vital tool for sharing
business information, particularly sensitive
data. "In fact, our recent Outbound Email
Security Report revealed that 94% of
organisations have seen increased volumes
in outbound email and one-in-two saw
growth of over 50%. With this surge in
email volumes came an increase in the
surface area for risk."
It means people are also more likely to
make errors. "Remote working has created
a challenging environment for many
employees, with a myriad of distractions
present - from providing childcare to
answering the door for deliveries. These
distractions easily lead to employees making
mistakes, such as sending an email to the
wrong person. It's no surprise, then, that
80% of organisations reported data being
put at risk for a reason as simple as the
wrong recipient being added to an email."
STRESS LEVELS SOAR
Employees are also experiencing higher levels
of stress, with the line between work and
home life more blurred than before,"
continues Pepper. "Our research found
that almost 40% serious email data breach
incidents were caused by tired and stressed
employees."
With some 70% of IT leaders believing
that sensitive data is at greater risk when
employees are working remotely, heightened
insider risk will be an issue for organisations
in the long term, he comments. "If 2020
has taught us anything, it's the importance
of securing the individuals within our
organisation's human layer, so they can work
effectively and productively - particularly
when using email.
“With a combination of the intelligent
technology and robust security training,
organisations can keep their data safe, even
in this period of heightened insider risk,"
Pepper concludes.
One of the biggest vulnerabilities that has
presented itself since the increase in remote
working patterns is the advancement of
social engineering tactics," comments
Steve Mulhearn, director of enhanced
technologies, Fortinet. "Unscrupulous actors
are leveraging important contextual
information about users, including daily
routines, habits, or financial information and
the chaos of email is the easiest place to slip
by unnoticed."
The most common security breach
experienced by UK businesses in 2020
according to GOV UK , were phishing
attacks, with 86% of businesses falling
foul of fraudulent emails and redirects to
fraudulent websites, he adds. "To combat
this risk, CISOs must educate their employees
about common attacks that could appear
in the form of phishing, spear phishing,
smishing or various other tech support
scams." The simple tap of the shoulder in
offices of old has drifted away, and now
employees are left to the confinement of the
four walls of their home office and inbox,
rues Mulhearn. "However, the home office
should remain purely an extension of the
corporate security policy, and employee and
company cyber behaviour should stay the
same. One way of implementing this is
through a Zero Trust Network Access (ZTNA)
model and ensuring flexibility is increased
without the increase in risk. If malware is
installed, then isolation and data access
restriction to remediate is critical, and
Endpoint Detection and Response (EDR)
systems play a crucial part in this process."
He emphasises that, through cyber
awareness training and instilling the correct
habits, such as email best practice, you can
create a culture of security, relieving pressure
on the security team and allowing a 'human
firewall' to be built around the business. "If
the awareness of threats is combined with
habit, every individual within the business will
be able to take greater care of their own
cyber brick within the wall."
Tony Pepper, Egress CEO: Misdirected
emails are a revolving door for data
breaches.
Dean Coclin, DigiCert: VPN use will
expand as organisations see the security
benefit.
www.computingsecurity.co.uk @CSMagAndAwards
March 2021 computing security
27

iometrics
CHANGE IS ON THE CARDS
EVER WONDERED WHETHER WORKPLACE SECURITY, NO MATTER WHERE YOU ARE,
MIGHT BE POSSIBLE? PERHAPS BIOMETRICS COULD OFFER A WAY FORWARD
regulated and more susceptible to attack."
To minimise crime and financial losses,
enterprises need more control over who can
access their buildings, or offices - wherever
they might be - and access to their servers
and digital data, she advises.
"With biometrics gathering momentum
beyond smartphones, it can offer more
secure and convenient authentication across
the workplace that could be at the office, at
home or even at a café."
WHY BIOMETRICS?
Biometric access cards can be thought of
as a modern-day key that combines access
with a multiuse, such as an ID badge.
Each access card is linked to one specific
cardholder, who registers their fingerprint
on the card. When entering a building or
office, or logging into any system, the card's
biometrics must match the person using
the card, ensuring that only authorised
employees gain access.
Traditional security measures no longer
align with modern needs. Passwords,
for example, are easily hacked and
carry the risk of serious data breaches.
Moreover, employees have to remember
an array of different codes across devices
and accounts, leading not only to reuse
and frustration, but costing enterprise IT
department millions a month in resetting
forgotten passwords.
Unsurprisingly, then, the demand for more
secure and seamless access methods has
been rising. One 2019 Gartner study
predicted that 60% of large and global
enterprises, along with 90% of mid-size
enterprises, will implement passwordless
authentication methods in over half of use
cases by 2022.
"This year has put even more pressure on
the need for increased workplace security,
as well as convenience for the employees,"
says Maria Pihlström at Fingerprints.
"Although flexible working was already
a growing trend, it has accelerated
significantly in the light of the pandemic
and remote working mandates, increasing
the average cost of a workplace data breach
by $137,000*. In addition, employees
have started working more flexible hours
on-premises, making building access less
"Since unique biological traits are
extremely difficult to steal and spoof,
biometric access cards are more secure
than traditional access cards and fobs
that require PINs, or no additional
authentication," states Pihlström.
"Compared to existing solutions, the
technology is also more convenient.
You can't forget your fingerprint, after all,
not to mention there's the possibility to
streamline authentication across the
workplace. And if it gets lost or stolen,
no one else can use it. There's no need to
tap or touch a shared PIN pad or reader
either, as the card is contactless.
"These benefits are often far simpler to
28
computing security March 2021 @CSMagAndAwards www.computingsecurity.co.uk

iometrics
realise than many enterprises imagine.
Biometric cards can be integrated into
existing infrastructure across offices,
enabling improved workplace security that
is convenient for both employers and their
employees. And because the biometric data
is stored and processed on the card, privacy
is guaranteed for employees, while
organisations don't have the cost,
complexity and compliance headaches
associated with managing biometric
databases," she points out.
ADDING SECURITY AND CONVENIENCE
Use cases for biometric access cards are
numerous. "Besides unlocking doors, the
cards can also be used for any other new or
existing authentication access point across
the workplace, such as logging into work
computers or digital files, accessing time
and attendance systems, and resetting
alarm systems. The benefits of increased
and more convenient security reach far
beyond keeping burglars out." From
preventing industry espionage to managing
personnel in vital industries, she offers three
examples where biometric access cards can
add security where it matters.
"In healthcare, whether for certain
wards, drugs cabinets or operation rooms,
protected access is crucial. Moreover, with
two-factor authentication already in place
for many access points or to review patient
data, traditional methods can add time
pressure to often busy workdays.
Combining security and convenience,
biometric cards can strengthen access
control systems, while removing a point of
friction for many healthcare professionals.
The UK's NHS is just one example that's
recently announced it's investing £40 million
in implementing biometrics to remedy staff
stress and frustration with the legacy IT
system access process.**
In a pharmacy setting, biometric access
cards can also ensure that only qualified
employees have access to certain
medications. "Similarly, it can conveniently
unlock the issuance of medicine in digital
systems for permitted staff and allow them
- and only them - to review and update
the personal health information of their
patients," she adds.
KEEPING CORPORATE SECRETS
Corporations and enterprises hold many
highly sensitive files that, if stolen or
otherwise compromised, could damage
the company or individuals. From legal
offices to accountancy firms, biometric
access cards could not only keep offices
highly secure, but also lock devices and
certain files on a company's system. "By
locking digital files with biometrics, only
employees working on a particular project
would have access to the information,
ensuring that confidential information is
no longer at the mercy of easily hacked
passwords. And when files do disappear
or fall into the wrong hands, a meticulous
record showing who last had access to the
office or information can facilitate a
smoother investigation of the data
breach."
Labs and R&D departments are often
subject to industry espionage. In this type
of workplace, biometric access cards can
ensure sensitive information stays under
lock and (digital) key. "But ideas are not the
only thing kept safe by the cards. Because
labs can contain dangerous materials,
substances and machinery, controlled
access is even more important. Biometrics
can enable more controlled and secure
access, ensuring hazardous premises are
only accessible to trained and authorised
personnel. Research departments are
also often sensitive and sterile test
environments, and require meticulous
logs of who has entered an area or
operated a machine. Biometric security
systems can reduce errors in attendance
logging, creating more predictable test
environments and, ultimately, facilitating
more accurate test results."
Maria Pihlström, Fingerprints: remote
working has made building access less
regulated and more susceptible to attack.
Hacked and forgotten passwords cost IT
departments millions a year, while lost keys
and forgotten passwords are a number one
frustration for many employees. Biometric
access cards can provide a more convenient
and secure authentication solution for both
physical and logical access control, offering
a solution to security breaches and the need
to remember multiple strong passwords.
"But the technology can go beyond just
cost savings for IT teams and reducing daily
annoyances," Pihlström points out. "By
offering improved security in high-stake
industries, biometrics can ensure that
medication is authorised by the right
person, compromising information is kept
confidential, and inventors keep control
of their intellectual property. In this way,
biometric access cards bring a whole new
dimension to worriless workdays, unlocking
a modern workplace security system that
adds convenient security where it truly
matters," she concludes.
www.computingsecurity.co.uk @CSMagAndAwards
March 2021 computing security
29

cyber refocus
CYBER STRATEGY HITS CRITICAL POINT
CYBER SECURITY HAS NEVER HAD MORE RELEVANCE, WHEN SET AGAINST A BURGEONING BACKDROP
OF CHALLENGES THAT WILL UNDOUBTEDLY CONTINUE TO VEX ORGANISATIONS IN THE YEAR AHEAD
Daisy McCartney, PwC: security teams
need a mix of soft and technical skills,
coupled with business knowledge.
The increasing sophistication of cyber
criminals, coupled with the rapid shift
to digital technologies brought about
by the coronavirus (COVID-19) pandemic,
has emphasised cyber security's importance
for both individual organisations and
wider society. Amidst this backdrop, the
professional services network firm PwC has
launched its latest insights into what's
changing and what's next in cyber security.
The findings are based on a survey of 3,249
business and technology executives from
around the world, including 265 in the UK.
An overwhelming 96% of UK respondents
said that they will shift their cyber security
strategy, due to COVID-19, with half now
saying they are more likely to consider
cyber security in every business decision. In
addition, a third of UK respondents (34%)
plan to accelerate their digitalisation plans,
on account of COVID-19.
When asked what they saw as being the
most likely cyber events to impact their
industry over the next 12 months, 58% of
UK respondents cited an attack on cloud
services, followed by a disruptionware
attack on critical business services (52%)
and a ransomware attack (50%).
At a global level, PwC's research showed
that the strategic focus on cyber security
will lead to a more prominent role for the
chief information security officer (CISO).
Two-fifths (43%) of global respondents
agree that there will be more frequent
interactions between the CISO and CEO
or board, but this falls to 34% in the UK.
This shows that more needs to be done to
elevate cyber security conversations to UK
boardrooms, says PwC, and this could be
achieved by better aligning cyber risk to
business strategy.
LOW CONFIDENCE
The research found that a majority of
organisations lack confidence in their cyber
spend. Just 38% of UK respondents are very
confident their cyber budget is allocated to
the most significant cyber risks, compared
to 44% globally. Similarly, only 36% of UK
respondents are very confident that they
are getting the best return on their cyber
spend versus 42% globally. Despite this lack
of confidence, 56% of UK respondents are
planning to increase their cyber budgets in
2021.
Richard Horne, cyber security chair, PwC,
comments: "It's surprising that so many
organisations lack confidence in their cyber
security spend. It shows businesses need
to improve their understanding of cyber
threats and the vulnerabilities they exploit,
while changing the way they think about
cyber risk, so it becomes an intrinsic part of
every business decision."
When asked whether they would be
expanding their cyber security teams in
2020, 42% of UK respondents said they
plan to increase their headcount, compared
to 51% globally. However, the research also
found that more than a fifth (22%) of UK
organisations are planning to decrease the
size of their cyber security team, compared
to 16% globally.
New hires in the UK are expected to
possess more than just technical
knowledge. When asked which cyber
30
computing security March 2021 @CSMagAndAwards www.computingsecurity.co.uk

cyber refocus
security skills were most in demand, UK
respondents cited security intelligence
(46%) and the ability to work with cloud
solutions (40%) as the most important
skills for new employees, closely followed
by communication (38%), project
management (38%) and analytical skills
(37%). This reflects the evolution of the
industry, states PwC, with cyber teams now
required to work collaboratively with the
rest of the business to develop a strategic,
analytical approach to cyber security.
Daisy McCartney, cyber security culture
and behaviour lead at PwC, argues that, as
cyber security becomes a strategic priority,
organisations should be hiring talent from
more diverse backgrounds. "Security teams
need a mix of soft and technical skills,
coupled with business knowledge - this
helps improve collaboration with senior
leaders and ensures that cyber security
decisions support the organisation's
strategic goals."
SPOTTED AND BLOCKED
Meanwhile, cyber attacks may soon be
spotted and blocked before they even have
a chance to wreak havoc in organisations'
operations, according to cyber security firm
BlackDice, which is developing the machine
learning and predictive analytics designed
to forecast and protect against cyber
attacks, following a £100,000 grant from
Innovate UK, the UK's innovation agency's
Sustainable Innovation Fund. The objective
is to help all UK sectors rebuild after the
effects of COVID-19. BlackDice applied for
the grant on 1 September 2020 and will
use the funding to develop machine
learning in predictive analytics, allowing the
technology to forecast cyber-attacks before
they happen. Telecom operators will have
the ability to watch attack scenarios to
help them understand external activity,
which is a key indicator of the internet and
behaviour data from BlackDice's device
network.
Innovate UK will be investing up to £191
million to fund single and collaborative
research and development projects through
its Sustainable Innovation Fund over the
next two years. The programme will fund
1,103 projects, 1,189 businesses, with a
total of more than £130 million in support
for the UK.
"These funds feed directly into BlackDice's
2021 plans for software development," says
Paul Hague, CEO of BlackDice. "The funds
will help to provide state-of-the-art
preventive vaccine technology, which
helps to protect devices and networks
from the rising threat of cyber-attacks.
2020 has been a challenging year for
telecommunication operators, and this
grant shows the importance of cyber
security solutions and how they can keep
customers' data safe from harm."
Richard Horne, PwC: surprising so many
organisations lack confidence in their
cyber security spend.
Paul Hague, BlackDice: aim is to protect
devices and networks from rising threat
of cyber-attacks.
COVID-19 DRIVES NEW THINKING
In a wide-ranging PwC survey of UK executives, 96% say they have shifted their
cyber security strategy, due to COVID-19:
34% state that they are accelerating digitisation
Only 38% are very confident their cyber budget is allocated to the most
significant cyber risks
42% plan to increase cyber team headcount.
However, the UK responses lag somewhere behind global findings in a number of
key areas, states PwC, such as the importance of the CISO role, return on cyber
spend and headcount.
www.computingsecurity.co.uk @CSMagAndAwards
March 2021 computing security
31

2020 CS Awards
Computing Security Awards 2020
EXCELLENCE SHINES THROUGH
It may not have been possible to gather together in the usual way to celebrate the 2020 Computing Security Awards, but even the virus
couldn't prevent them from going ahead.
Remote they might have been, with master of ceremonies Chris Cowdrey and editor Brian Wall (both dressed in full regalia!) revealing
the winners by video link, but the tingle of excitement as the top performers were announced across the various categories was still
unmistakable.
And although it wasn't possible on this occasion to actually see the bottles of champagne being opened as the celebrations began, you
could still almost hear the corks being popped, as victorious company upon company, individual after individual, showed exactly why our
industry is right at the top of its game.
To see who won what - and to soak up the atmosphere of what was, despite everything, still a truly gala occasion - check out all of the
victors and runners-up on the following pages. And to see the awards ceremony itself in full, go to: https://youtu.be/bLmvHafBiLg
32
computing security March 2021 @CSMagAndAwards www.computingsecurity.co.uk

2020 CS Awards
Email Security Solution of the Year
WINNER: Libraesva - Email Security Gateway
RUNNER-UP: VIPRE Security - VIPRE Email Security ATP
"We would like to thank not only our staff who have dedicated their time to making Libraesva the best solution on the market, but also
our partners and customers across the globe who continue to work closely alongside us and voted for Libraesva in the awards! We have
ambitious plans for 2021 and we cannot wait to share these with you throughout the year." - Paolo Frizzi, CEO Libraesva.
Anti-Malware Solution of the Year
WINNER: VIPRE Security - VIPRE Endpoint Security
RUNNER-UP: Malwarebytes - Malwarebytes
"We believe very strongly in our Endpoint Security Cloud service and the powerful protection it provides against modern-day threats. But
to be voted Anti-Malware Solution of the year means that our customers and partners love it as much as we do. It is such fantastic
feedback and proof of the quality of the product – thank you so much to everyone who voted!" - Yvonne Conway, Marketing Manager
UK and Ireland
Incident Response & Investigation Security Service Provider of the Year
WINNER: AT&T Cybersecurity
RUNNER-UP: Cyjax
“With every second counting after a cyberattack, quick action to investigate and remediate an incident is critical for minimising impact.
In these stressful situations, organisations need a trusted advisor to help guide them to successful containment and recovery. We are
honoured to be receiving recognition from Computing Security Magazine for our Incident Response and Forensics Service.” - Bindu
Sundaresan, Director, AT&T Cybersecurity
Network Security Solution of the Year
WINNER: Neustar - UltraThreat Feeds
RUNNER-UP: Endace - Endace Probe
We are very proud to have won three separate awards at these prestigious Computing Security Awards. Demonstrating the depth and
value of our security offerings, Neustar was recognised with awards in three different categories:
Network Security Solution of the Year: Neustar UltraThreat Feeds Web Application Firewall of the Year: Neustar UltraWAF
One to Watch Security Product: Neustar UltraGeoPoint
We are honoured to have earned these three awards from such a respected and important publication.
For more information, contact security@team.neustar, or call us at 1-855-898-0036 in the US and +44 1784 448444 in the UK.
www.computingsecurity.co.uk March 2021 computing security
@CSMagAndAwards
33

2020 CS Awards
Encryption Solution of the Year
WINNER: Cryptshare AG - Cryptshare
RUNNER-UP: Egress - Egress Intelligent Email Security
"Competitions such as this are important, as they help to blow the smoke of often false vendor claims away and expose the deeper
reality of the value of a few well-engineered products above a mass of ‘me too’ products. We were delighted to win this award and can
I thank the many customers who voted for us. We spend huge efforts to understand the issues in the market, and design and build the
best software to solve those problems. We are growing fast by direct customer references and, in the end, anybody can try our software,
prove the value for themselves and, in due course, gain the confidence of great security at a fair cost. Don't be shy, try Cryptshare soon
and make it part of your recovery plans!" - Cryptshare CEO Mark Forrest
Advanced Persistent Threat (APT) Solution of the Year
WINNER: Heimdal Security - Thor Foresight RUNNER-UP: SonicWall - RTDMI (Real Time Deep Memory Inspection)
Through its traffic filtering capability, Heimdal stops ransomware attacks at all stages: before, during and after the attack. Heimdal
combines automatic software updates with powerful Traffic Scanning for effective security against exploits kits. Using its unique
intelligence, Heimdal blocks malicious connections that try to harvest and steal your confidential financial information.
DLP Solution of the Year
WINNER: Kingston Technology Group Co LLP - DTVP30
RUNNER-UP: CoSoSys - Endpoint Protector
"We are honoured to be awarded with the DLP Solution of the Year. Our DT Vault Privacy 3.0 provides an affordable business-grade
security USB drive with 256-bit AES hardware-based encryption that protects data and enforces complex password protection to prevent
unauthorised access. The drive locks down and reformats after 10 intrusion attempts, so it is an ideal solution in this new working-fromhome
environment to prevent data loss wherever you are working from."
Compliance Award - Security
WINNER: Metacompliance
RUNNER-UP: ADISA
"We were thrilled to win the Compliance Security Award at the Network Computing Security Awards 2020. It's testament to the strength
of our innovative products and our unique ability to offer Cyber Security and privacy solutions from a unified platform. Thank you so
much to everyone that took the time to vote for us." - Robert O'Brien, CEO MetaCompliance.
AI and Machine learning-based Security Solution of the Year
WINNER: SonicWall - RTDMI (Real Time Deep Memory Inspection)
RUNNER-UP: VIPRE - Email Security Attachment Threat Protection
"SonicWall was honoured to be named the winner in the ‘AI and Machine Learning-based Security Solution of the Year’ Award at the
Computing Security Awards for its patent-pending Real-Time Deep Memory Inspection (RTDMI). RTDMI technology enables SonicWall
Capture Advanced Threat Protection (ATP) to catch more malware faster than behaviour-based sandboxing methods, with a lower false
positive rate." - Will Benton, Regional Sales Director North EMEA, SonicWall
Identity and Access Management Solution of the Year
WINNER: SecurEnvoy - SecurEnvoy SecureIdentity IAM
RUNNER-UP: My1Login - My1Login Enterprise IAM
"SecurEnvoy is delighted to have won Identity and Access Management Solution of the Year. For almost 20 years, we have been a leader
in designing innovative security solutions and to be recognised for this by our customers shows we have continued to be a point of trust
and expertise. A huge thank you to all who voted, and to the incredible SecurEnvoy team. - Adam Bruce, Chief Revenue Officer/CRO
34
computing security March 2021 @CSMagAndAwards www.computingsecurity.co.uk

2020 CS Awards
Anti Phishing Solution of the Year
WINNER: Libraesva - Email Security Gateway
RUNNER-UP: Metacompliance - MetaPhish
"We would like to thank not only our staff who have dedicated their time to making Libraesva the best solution on the market, but also
our partners and customers across the globe who continue to work closely alongside us and voted for Libraesva in the awards! We have
ambitious plans for 2021 and we cannot wait to share these with you throughout the year." - Paolo Frizzi, CEO Libraesva.
Secure Data & Asset Disposal Company of the Year
WINNER: Computer Disposals Limited
RUNNER-UP: Sims Lifecycle Services
“Winning this award for ‘Secure Data & Asset Disposal Company of the Year’ is a fantastic accolade for CDL. It’s been a tough year for all
businesses across the UK, but to be recognised as the industry leaders in this field is a real compliment to the dedication the staff have
shown in getting us where we are today. “ - Ben Griffin, Sales and Marketing Director, Computer Disposals Ltd
Cloud-Delivered Security Solution of the Year
WINNER: Edgescan - Edgescan
RUNNER-UP: SonicWall - NSv Series
"We are delighted to have been awarded ‘Cloud-Delivered Security Solution of the Year’ 2020, our first time winning this award. This
award stands to the hard work our team has put into creating and delivering an award-winning vulnerability management platform that
is delivered on the cloud. - Eoin Keary CEO
New Cloud-Delivered Security Solution of the Year
WINNER: Check Point - CloudGuard
RUNNER-UP: Redsift - OnDMARC
"It's particularly gratifying to receive the Computing Security award, as it is voted for by partners and end users in the IT and cybersecurity
communities. Cloud security is challenging and the biggest challenge is unifying security across multiple clouds, as analysts agree
that over 80% of organisations use two or more cloud providers. Check Point CloudGuard solves this problem, giving organisations the
most advanced and agile cloud-native security, together with holistic visibility and automated management, and enforcement of security
policies across their cloud estates." - Andy Wright, regional director for Northern Europe at Check Point Software Technologies
Mobile Security Solution of the Year
WINNER: Wandera - Wandera Security Suite
RUNNER-UP: Lookout - Lookout
"Now, more than ever, it's clear that secure remote access is imperative for organisations across industries. Being recognised in the
Computing Security Awards is a testament to the work we have done in modernising secure remote access, so our customers have the
technology they need to seamlessly and securely keep their employees connected, no matter where they are and what device they are
using. We're looking forward to meeting the challenges of 2021 head on, as we work to make a secure and productive borderless
enterprise easily attainable." - Eldar Tuvey, CEO and Founder of Wandera
Penetration Testing Solution of the Year
WINNER: Edgescan - Edgescan
RUNNER-UP: Redscan - Redscan Penetration Testing
"We are delighted to have been awarded Pen Testing Solutions of the year 2020 for a second year in a row. It highlights the amount of
work and time we put into our pen test solutions and to our team that delivers the results." - Rahim Jina COO
www.computingsecurity.co.uk March 2021 computing security
@CSMagAndAwards
35

2020 CS Awards
Remote Monitoring Security Solution of the Year
WINNER: Wallix - Wallix Bastion
RUNNER-UP: Redscan - ThreatDetect
"With the win of the ‘Remote Monitoring Security Solution of the Year’ award for the WALLIX Bastion by Computing Security Magazine,
WALLIX confirmed another market recognition as European specialist in Identity and Access Security Solutions. WALLIX's unified
solutions portfolio enables companies to detect and be resilient to cyberattacks. They also ensure compliance with regulatory
requirements regarding access to IT infrastructures and critical data. More than 1,200 organisations from the public and private sectors
have chosen WALLIX to secure their digital transformation. To find out how WALLIX can help you regain control of your data anytime,
anywhere, visit www.wallix.com."
New Security Software Solution of the Year
WINNER: Rohde & Schwarz Cybersecurity - R&S Trusted VPN Client
RUNNER-UP: SecurEnvoy - SecurEnvoy Data Discovery Essentials
R&S®Trusted VPN Client wins category "New Security Software Solution of the Year"
R&S®Trusted VPN Client is a software-based VPN client enabling users to work in a secure and encrypted mobile environment while complying
with the high security requirements of federal authorities. The solution protects the network communication of a client platform (Windows laptop
or tablet) with a government or corporate network over an untrusted network such as the internet. The Federal Office for Information Security has
granted approval up to classification level VS-NfD (RESTRICTED), NATO RESTRICTED and EU RESTRICTED for the new, software-only R&S®Trusted
VPN Client. - Daniel Heck, Vice President Marketing, Rohde & Schwarz Cybersecurity
Security Education and Training Provider of the Year
WINNER: KnowBe4
RUNNER-UP: Metacompliance
"Winning several industry-recognised awards in the UK is a great honor for our organisation. One of our main goals is to provide
always fresh security awareness training content and simulated phishing templates to keep up with the evolving cybersecurity threat
landscape. Being recognised in this awards programmes in the UK as training provider of the year speaks volumes to the quality of
our training.” - Malik, security awareness advocate - KnowBe4
Web Application Firewall of the Year
WINNER: Neustar - Neustar Ultra WAF
RUNNER-UP: F5 Networks - Silverline WAF
"We are very proud to have won three separate awards at the prestigious Computing Security Awards. Demonstrating the depth and
value of our security offerings, Neustar was recognised with awards in three different categories:
Network Security Solution of the Year: Neustar UltraThreat Feeds Web Application Firewall of the Year: Neustar UltraWAF
One to Watch Security Product: Neustar UltraGeoPoint
We are honoured to have earned these three awards from such a respected and important publication."
For more information, contact security@team.neustar, or call us at 1-855-898-0036 in the US and +44 1784 448444 in the UK.
Threat Intelligence Award
WINNER: Cyjax
RUNNER-UP: Webroot
"Cyjax is delighted to receive this award. In 2020, we had to innovate to reach our existing users and potential customers. We made much of
our high-quality research available to the public and not-for-profit organisations focused on protecting our digital economy. We appreciate the
votes of support from the information security community and our customers in the Finance, Pharmaceuticals and Public Services sectors who
believe threat intelligence is a key component in protecting against the ravages of cybercrime. We would like to thank you once again for this
award and wish all your readers a prosperous 2021." - Kevin McMahon, Cyjax CEO and Founder
Security Reseller of the Year
WINNER: Brookcourt Solutions
RUNNER-UP: NGS
"We are absolutely thrilled to have been recognised as ‘Security Reseller of the Year’. We strive to deliver innovative and effective cyber
security solutions to our customers, and to have won this prestigious award shows that we implement the right partnerships and
approach to meet customer needs, even during challenging times."
36
computing security March 2021 @CSMagAndAwards www.computingsecurity.co.uk

2020 CS Awards
Security Distributor of the Year
WINNER: Nuvias
RUNNER-UP: Brigantia Partners
The Nuvias Group is the fast-growing European next-generation distributor, with a broad range of innovative services and solutions
designed to secure customer success, and accelerate partner and vendor growth. In collaboration with leading technology suppliers, we
specialise in providing security, agility and manageability for clients, networks and cloud technology solutions through an ecosystem of
highly skilled channel partners.
Enterprise Security Solution of the Year
WINNER: Rohde & Schwarz Cybersecurity - R&S Trusted Gate
RUNNER-UP: F5 Networks - Silverline WAF
R&S®Trusted Gate wins category ‘Enterprise Security Solution of the Year’.
"R&S®Trusted Gate is a Cloud Data Protection Gateway which uses a data-centric approach to let you keep full control of your data on
any kind of infrastructure. It can be deployed on-premises, in the cloud or in hybrid mode. As a server-based solution, there is no need
for additional software on the client side." - Daniel Heck, Vice President Marketing, Rohde & Schwarz Cybersecurity
SME Security Solution of the Year
WINNER: Redscan - ThreatDetect
RUNNER-UP: Titania - PAWS
"It’s always pleasing to receive industry recognition, but it’s particularly satisfying when it is the votes of our customers and partners that
helped us secure an award. To win an award for a fifth successive year is a proud moment for the team, especially in such a challenging
year. We’re committed to maintaining our high standards and protecting organisations through these difficult times by improving our
services year-on-year." - Simon Monahan, Redscan Director of Product Marketing.
Contribution to CyberSecurity Award - Person
WINNER: David Calder of Adarma
RUNNER-UP: Stu Sjouwerman of KnowBe4
"I’m very proud, thankful and humbled to have received the Computing Security ‘Contribution to CyberSecurity - Person’ Award. I’ve
been lucky enough to work in the security industry since the late nineties and I still love it today.
We formed Adarma to make the world a safer place for our customers - and, in turn, safer for their customers. We wanted to help
create the next generation of security leaders, and to build a sustainable and ethical business. This gives me energy every day.
I’m incredibly touched to win the award for doing what I love. Thank you to everyone. - David Calder, Chief Product Officer
Customer Service Award - Security
WINNER: Titania Ltd
RUNNER-UP: Brookcourt Solutions
"We were thrilled to be crowned the winner of the Customer Service Award. In a year where concerns around Cyber Security have come
to the forefront, due to remote working becoming the norm, increased online spending and threats to the healthcare sector, we
appreciate how vital our software is to organisations worldwide. Our team has proactively continued to support our customers during
this challenging time, helping them to accurately identify vulnerabilities to their organisation and improve cyber hygiene to ensure
essential business operations can continue." - Kirsty Fisher, Chief Financial Officer, Titania.
Security Service Provider of the Year
WINNER: Brookcourt Solutions
RUNNER-UP: AT&T Cybersecurity
"We truly believe in giving a consistently excellent service to our customers and it is crucial to our company values. Winning this
significant award that links to service is an achievement we are extremely proud of. Thank you to all our customers that voted for us."
www.computingsecurity.co.uk March 2021 computing security
@CSMagAndAwards
37

2020 CS Awards
Security Project of the Year - Public Sector
WINNER: Egress and Haringey Council
"We're delighted to win this award with our customer, London Borough of Haringey. At Egress, we pride ourselves on delivering
maximum value for all our customers - particularly when helping them to drive business efficiency while keeping highly sensitive data
safe. It is brilliant to see the industry recognising the fantastic work carried out between the London Borough of Haringey and Egress to
support digital communication and an entirely new way of operating during the COVID-19 pandemic." - Mark Lendon, SVP of Sales
at Egress
Security Project of the Year - Private Sector
WINNER: KnowBe4 and SIG PLC
"Winning several industry-recognised awards in the UK is a great honor for our organisation. One of our main goals is to provide
always fresh security awareness training content and simulated phishing templates to keep up with the evolving cybersecurity threat
landscape. Being recognised in this awards programmes in the UK as training provider of the year speaks volumes to the quality of
our training." - Malik, security awareness advocate - KnowBe4
Editor's Choice
WINNER: Hornet Security - 365 Total Protection
"Hornetsecurity is honoured and delighted to receive the Computing Security Award for our 365 Total Protection service. It confirms
to us once again that our service addresses the needs of Microsoft 365 users for additional security in the best possible way. We would
like to thank the Computing Security team for the transparent and uncomplicated review process!" - Yvonne Bernard – Head of Product
Management
One to Watch Security - Company
WINNER: ADISA
RUNNER-UP: Orange Cyber Defense
"ADISA is delighted to have been awarded the ‘One to WatchSecurity - Company’ Computer Security Magazine award. Despite being 10
years’ old, we have been extremely busy in the last 18 months and look forward to announcing some exciting news about work being
concluded with the UK Information Commissioner’s Office and the MoD. Check out our You Tube channel called ADISA Media Centre to
be kept up to date on this news." - Stve Mellings CEO ADISA
One to Watch Security - Product
WINNER: Neustar - UltraGeoPoint
RUNNER-UP: GeoLang - Data Discovery and DLP
"We are very proud to have won three separate awards at the prestigious Computing Security Awards. Demonstrating the depth and
value of our security offerings, Neustar was recognised with awards in three different categories:
Network Security Solution of the Year: Neustar UltraThreat Feeds Web Application Firewall of the Year: Neustar UltraWAF
One to Watch Security Product: Neustar UltraGeoPoint
We are honoured to have earned these three awards from such a respected and important publication."
For more information, contact security@team.neustar, or call us at 1-855-898-0036 in the US and +44 1784 448444 in the UK.
Security Company of the Year
WINNER: Brookcourt Solutions
RUNNER-UP: KnowBe4
"It's a huge honour to have won this prestigious award for the second year running. As a company, we are committed to being a trusted
and reliable partner for our customers, so to be recognised for this award is a huge achievement for us. Thank you to all who took the
time to vote."
38
computing security March 2021 @CSMagAndAwards www.computingsecurity.co.uk

Pragmatic and experienced
risk management professionals
Xcina Consulting provides high quality business and technology risk assurance and
advisory services, which only comes from years of experience in our clients’ shoes.
We help to ensure an organisation’s key risks are appropriately managed; its processes
and controls are robust and fit for purpose; it remains compliant with legislation
and regulation and wherever feasible it leverages industry standards as part of
good practice.
Accredited by the Payment Card Industry’s Security Standards Council as a Qualified
Security Assessor (QSA) company and a British Standards Institution (BSI) platinum
member for the provision of services related to ISO27001 (Information Security) and
ISO22301 (Business Continuity).
All our consultants have 10+ years minimum experience and have held senior level
positions.
Our services can be customised to your needs.
• Business Continuity and Crisis Management
• Data Protection
• Financial Processes & Procedures
• Information Security / Cyber Security
• IT & OT Security
• Payment Card Industry
• Project & Change
• Risk Management
• Control Assurance (ISAE3402 / SSAE18)
• Due Diligence
• Governance
• Internal Audit
• Operational Processes & Procedures
• Process Management
• Regulatory Compliance (finance services)
• Third Party Management
020 3985 8467
www.xcinaconsulting.com
info@xcinaconsulting.com

There’s a difference between
feeling secure & knowing
you're secure.
Information Security Advice
Penetration Testing
Adversary Simulation
www.pentest.co.uk