Metaluxo IT Security http://www.metaluxo.com Information Security at your reach Mon, 19 Nov 2012 18:48:20 +0000 en-US hourly 1 http://wordpress.org/?v=3.4.2 Startups at increasing risk of being hacked http://www.metaluxo.com/startups-at-increasing-risk-of-being-hacked/ http://www.metaluxo.com/startups-at-increasing-risk-of-being-hacked/#comments Thu, 08 Nov 2012 20:42:41 +0000 Κέρβερος http://www.metaluxo.com/?p=140
Read more ›
]]> London is a great place for startups. I am fortunate enough to live not too far from the Silicon Roundabout, where many tech startups are running and truly pushing the boundaries of technology. It’s a great space for create new things in Europe.

However, it seems that small businesses and startups are neglecting the IT security, not always for lack of resources but many times for lack of reliable information about what information security means for a small business and what consequences data breaches can bring. There is a report from the insurance company Hiscox which indicates that 1 in 10 small businesses are suffering from data breaches. The number might not seem big enough, after all 10% seems a rather low figure, however the statistics are quite concerning when we consider that the economy in the European Union is 99% driven by small and medium businesses.

Even when many good professional software developers are aware of OWASP Top 10 vulnerabilities, system security is not limited to this. SMBs need to be more aware that security is a process and not an objective. A penetration test is good in determining the immediate dangers that a particular application might face. However, this is only a small component of the bigger IT security strategy. We agree with the report of Hiscox that seeking for professional advice in IT security can save a company time and money in the long run and it is a money well invested.

After all, it is cheaper to start a security strategy when the company just starts than trying to implement it when the company is growing. However, this requires a change of the mindset of an entrepreneur, and not only of the technical people, but of the very founders of any company.

 

 

]]> http://www.metaluxo.com/startups-at-increasing-risk-of-being-hacked/feed/ 0 Zero-day exploit merchants http://www.metaluxo.com/zero-day-exploit-merchants/ http://www.metaluxo.com/zero-day-exploit-merchants/#comments Wed, 03 Oct 2012 11:11:55 +0000 Κέρβερος http://www.metaluxo.info/?p=14
Read more ›
]]> There is an interesting article in Tech Week Europe about merchants seeling zero-day exploits in the market. Professor Ross Anderson from University of Cambridge effectively compare the issue with selling burglary tools, which would be illegal in many countries.

 

However, going further of this debate, a more interesting question is that 50% of the people say that they do not even understand the question. This is a quite alarming rate. Of course, it cannot be expected that everybody understands what a zero-day exploit is, but considering Tech Week is oriented to IT people, the rate is quite alarming. This is probably one of the reasons why many small and medium businesses, which don’t have large budgets for IT are neglecting this part of IT security.

 

Probably it is time to raise our awareness in IT security, just like we keep raising our awareness in terrorism, telephone scams and similar awareness campaigns, before it’s too late. Although, it might be already too late, which is even more concerning.

 

 

]]> http://www.metaluxo.com/zero-day-exploit-merchants/feed/ 0