Contents
Curbing modern cyberthreats
SAMIR DESAI

Understanding the complexities of operational technology security
ERIC ESCOBAR

A forensic method for investigating manipulated video recordings
ILKER KARA
CEREN KORKMAZ
ALIHAN KARATATAR
MURAT AYDOS

The perfect cyber storm – security budgets, skills shortages and automated attacks
PHIL ROBINSON

Contents
Why do we silo cyber security when criminals don't?
GUY GOLAN

Deciphering Conti and the need for effective SOCs
SCOTT GOODWIN

The psychological problem with ransomware
BEC MCKEOWN

The threats to Jupyter Notebook
ASSAF MORAG

Contents
Preventing ransomware – doing the impossible?
HENRY HARRISON

Securing the organisation by protecting the individual
KATIE PETRILLO

Minimising fraud in a post-Covid world
JAMES RICHARDSON

A new era of bank security challenges
MATT TENGWALL

Mind the gap between cyber security spend, budgets and awareness
ERIC BARNES

Contents
Slow down and frown to improve phishing detection
PATRICIA NEVIN
KAREN RENAUD
GEORGE FINNEY

The rise of phishing: what your staff needs to know
Andrew Weaver

The importance of security for the crypto industry
MARC WILCZEK

The changing role of the chief compliance officer
SIMON WINCHESTER

Waking up to the encryption advantage
JON FIELDING

Contents
Uncovering data relationships to tackle fraud
ALICIA FRAME

SASE and the future of IoT security
MARTIN GIESS

Using AI to combat fraud in the voice channel
AMIT GUPTA

Are cyber security breaches unavoidable?
PAUL O'ROURKE

The future of cyber security
DOMINIK SAMOCIUK

Contents
How to maintain control in a regulated environment
MAT CLOTHIER

The growing need for digital document attestation
MOHAMMED SAHIB

Passwords: The cyber security lesson that was never learned?
STEVEN FURNELL

The G-I of cyber security
KAREN RENAUD

Contents
Cyber security challenges in self-driving cars
AHMED REDHA MAHLOUS

Strategies for counteracting social engineering attacks
RUBIA FATIMA
AFFAN YASIN
LIN LIU
WANG JIANMIN

Why data belongs at the heart of the organisation
RAY PATHAK

Contents
HEAT-wave – defining a new era of cyberthreats
JONATHAN LEE

Ensuring cyber resilience in a digital world
DENNIS MATTOON

Can PCI DSS 4.0 reverse the decline in compliance?
PHIL ROBINSON

Verizon: Data Breach Investigations Report
STEVE MANSFIELD-DEVINE

Contents
Encrypted DNS: The good, the bad and the moot
GEORGIOS KAMBOURAKIS

How SMEs can prevent third-party vendor data breaches
OLIVER PINSON-ROXBURGH

Sophos: The State of Ransomware 2022
STEVE MANSFIELD-DEVINE

Cloud – buzzword or business plan?
PATRICK WRAGG

Contents
The who, what, why and when of data protection impact assessments
NIGEL JONES

RATs in the cloud: gaining access to container environments
ASSAF MORAG

Securing the API economy
TRAVIS SPENCER

The age of holistic consolidation and automation of cyber security
TIM WALLEN

Cyber Security Breaches Survey 2022
STEVE MANSFIELD-DEVINE

How government bodies can lead the field on data management and privacy
JON FIELDING

Contents
Assessing cyber security consumer support from technology retailers
BIAR KOSHNAW
STEVEN FURNELL

Identifying the changing faces of international fraudsters
SAM RANIERI

How tech hiring is changing
GRAHAM HUNTER

Electronic-signatures – elegant solution or operational risk?
JASON PUGH

Is the GDPR a ticking time bomb for companies?
MUNDEEP NAYYAR

Contents
TXOne Networks: 2021 Cyber security Report

Preparing for data reclaim requests from online shopping
GAL RINGEL

Building successful software security initiatives
JACOB EWERS

Managing a remote workforce's IT
SCOTT DAVIDSON

The emergence of data governance as a service
MICHAEL QUEENAN

Why we need more women in cyber security
ANDREA BABBS

The modern CISO: where marketing meets security
ALICE SHORT
ROLAND CARANDANG

Contents
Security should shift left too
BERNARD MONTEL

Better security through diversity – a personal perspective
LEILA IRANMANESH

Identity verification in a post-pandemic world
ROBERT PRIGGE

Life after Emotet – the lessons learned
GEORGE GLASS

Embracing security transformation with MDR
MARTIN RILEY

Securing the blockchain for fintech companies
MARIO GALATOVIC

Contents
NEWS
Supply chain attack on Kaseya compromises hundreds of firms 1
EC to launch joint cyber unit 3

FEATURES
Cyber security: what are we talking about? 6
Read the digital fingerprints: log analysis for digital forensics and security 11
The hardware destruction issue 17

REGULARS
Editorial 2
Report analysis 4
News in brief 5
The Sandbox 20
Calendar 20

Contents
NEWS
Supply chain attack on Kaseya compromises hundreds of firms 1
EC to launch joint cyber unit 3

FEATURES
Cyber security: what are we talking about? 6
Read the digital fingerprints: log analysis for digital forensics and security 11
The hardware destruction issue 17

REGULARS
Editorial 2
Report analysis 4
News in brief 5
The Sandbox 20
Calendar 20

Contents
NEWS
Supply chain attack on Kaseya compromises hundreds of firms 1
EC to launch joint cyber unit 3

FEATURES
Cyber security: what are we talking about? 6
Read the digital fingerprints: log analysis for digital forensics and security 11
The hardware destruction issue 17

REGULARS
Editorial 2
Report analysis 4
News in brief 5
The Sandbox 20
Calendar 20

Contents
NEWS
Supply chain attack on Kaseya compromises hundreds of firms 1
EC to launch joint cyber unit 3

FEATURES
Cyber security: what are we talking about? 6
Read the digital fingerprints: log analysis for digital forensics and security 11
The hardware destruction issue 17

REGULARS
Editorial 2
Report analysis 4
News in brief 5
The Sandbox 20
Calendar 20

Contents
NEWS
Supply chain attack on Kaseya compromises hundreds of firms 1
EC to launch joint cyber unit 3

FEATURES
Cyber security: what are we talking about? 6
Read the digital fingerprints: log analysis for digital forensics and security 11
The hardware destruction issue 17

REGULARS
Editorial 2
Report analysis 4
News in brief 5
The Sandbox 20
Calendar 20

Contents
NEWS
Attack on meat-packing firm provokes White House response 1
Fraud money intercepted 3

FEATURES
Trustworthy digital infrastructure for identity systems: why should privacy matter to security engineers? 6
Learning from learning: detecting account takeovers by identifying forgetful users 11
Deconstructing the SolarWinds breach 17

REGULARS
Editorial 2
Report analysis 4
News in brief 5
The Sandbox 20
Calendar 20

Contents
NEWS
Ransomware taskforce launched while attackers score successes against major targets 1
Emotet deleted 3

FEATURES
The practical difference between known and unknown threats 6
SIM boxing – why mobile regulators need to act now 9
How to prepare for the onslaught of phishing email attacks 12
Insider attacks: human-factors attacks and mitigation 14
Are we losing the fight against cybercrime? 18

REGULARS
Editorial 2
Report analysis 4
News in brief 5
The Sandbox 20
Calendar 20

Contents
NEWS
UK Government lays out plans for cyber dominance 1
Acer hit by record ransom 3

FEATURES
What is DOM XSS and why should you care? 6
Governance: the key driver for data-driven innovation 10
Prioritising risk for better efficiency and collaboration 13
Moving from employee compliance to employee success in the cyber security domain 16

REGULARS
Editorial 2
Report analysis 4
News in brief 5
The Sandbox 20
Calendar 20

Contents
NEWS
Hundreds of thousands of organisations at risk from Exchange bugs 1
Supply chain attack hits airlines 2

FEATURES
Can’t find that perfect gift? Blame the bots 6
Defending against insider threats with network security’s eighth layer 8
How a humanities background provides real value in cyber security 13
Maximising protection in an era of remote working 16
Cyberthreats are going mobile and it’s time to take action 18

REGULARS
Editorial 2
Report analysis 4
News in brief 5
The Sandbox 20
Calendar 20

Contents
NEWS
Infamous Emotet botnet taken down by law enforcement 1
Fraud reaches epidemic levels 3

FEATURES
Achieving GDPR compliance post-Privacy Shield 6
Securing the remote workforce in the new normal 8
Why effective testing is essential to keep pace with advancing threats 12
The rise of MSP & CSP vulnerabilities: storehouses for secure data 15

REGULARS
Editorial 2
Report analysis 4
News in brief 5
The Sandbox 20
Calendar 20

Contents
NEWS
Fraudsters rob banks of millions via emulated mobile devices 1
North Korea attacks Covid-19 research bodies 3

FEATURES
Keep the dark web close and your cyber security tighter 6
Simplifying security: how to navigate the integration challenge 8
Europe’s ambition for digital sovereignty must not undermine the Internet’s values 11
Cyber incident response and planning: a flexible approach 14

REGULARS
Editorial 2
Report analysis 4
News in brief 5
The Sandbox 20
Calendar 20

Contents
NEWS
More attacks on Covid-19 vaccine suppliers and supply chain 1
Card cloning fuels fraud spree 3

FEATURES
Understanding the full cost of cyber security breaches 6
The pandemic, the acceleration of digital transformation and the impact on cyber security 13
Is the service desk the weakest link in IT security? 15
Credential stuffing: new tools and stolen data drive continued attacks 18

REGULARS
Editorial 2
Report analysis 4
News in brief 5
The Sandbox 20
Calendar 20