Our views and opinions, and the results of our analysis of the technology and cyber security scene
Web browsers and email are the dominant routes used by hackers, and they frequently use browser extensions because they are often overlooked by users. What should you be doing as an individual or as an organisation to prevent this?
Email was insecure by design, but additional standards have progressively improved that. However, our recent research has indicated that poor discipline at Microsoft and Google is putting all of that hard work at risk. As the dominant providers of email services to our businesses this puts all of us at risk.
Is human nature at fault for the weakness in our management of technology risk? How do we need to change our perspective as AI makes us more dependent?
Applying the principles of Secure by Design will reduce the security issues that get into operations, and save time and money.
What do Boeing and too many SaaS providers have in common? Both have a history of treating important safety/security features as something to up-sell. We would argue that a software vendor has a moral responsibility for the secure operation of their solution.
When you “Sign in” with Microsoft or Google you may be handing over far more than the responsibility for them to confirm your identity. Some apps seem to be asking for far more permission than they need, or than they should. While this may be bad for an individual, for a business this could have very wide commercial and legal implications.