Regulation

The rise of the Virtual CTO

I’ve just found this piece from HFM about Virtual CTOs. HFM-Tech-magazine IP Sentinel offer a range of virtual CTO (vCTO) services to Fund Managers to help them, amongst other things, understand IT, manage their risk, assist in Investor Due Diligence, manage SYSC8 KPIs and help with regulatory visits. We have a framework of Policies & Procedures that […]

Hacking

If you want to know how to Hack here it is…

Last year Hacking Team, who provide an industrial hacking service to governments, was hacked. The hacker grabbed their email and source code and released it to the world. It turns out that Hacking Team provided, amongst other things, covert surveillance software which was sold to some fairly illiberal regimes. They also manufactured zero-day exploits. A good example […]

Uncategorised

How Secure Is your Data?

I’ve written a paper about Information Security. Here’s the introduction… And here’s a download link. Introduction: Information is the lifeblood of your organisation, from product designs and business plans to client lists and sales data. It is common to carry insurance to protect the “business” itself but how much thought have you given to […]

Uncategorised

FCA – Do they notice IT at all?

Looking at the FOI requests submitted to the FCA in August 2015 there was an interesting question about IT. “Please provide me with a list of fines (issued by the FCA to banks and other financial institutions over the past 7 years) relating to a failure in systems and controls of IT systems. Please list […]

Uncategorised

EU data protection rules affect everyone, say legal experts

The EU’s new data protection rules will impact every entity that holds or uses European personal data both inside and outside of Europe, according to legal experts. Key changes to EU data protection introduced by the GDPR: more rigorous requirements for obtaining consent for collecting personal data; raising the age of consent for collecting an […]

Uncategorised

EU strikes deal on data protection rules

The agreement is the biggest overhaul of European privacy laws in two decades. Notably, the agreement sets the maximum corporate fine for violating user privacy to four percent of a company’s worldwide revenue—significantly more than the marginal sums that companies like Facebook and Google have paid in the past. For a company like Facebook, the […]

Uncategorised

Outlook “letterbomb” exploit could auto-open attacks in e-mail

Fixed by Microsoft’s latest patches, bug could be “enterprise killer,” says researcher. Haifei also suggested making registry setting changes with an “Office kill-bit” to block Flash content from automatically opening via OLE, by blocking the CLSID D27CDB6E-AE6D-11cf-96B8-444553540000 with Windows Registry Editor:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common\COM Compatibility\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
"Compatibility Flags"=dword:00000400

Changing this setting will prevent OLE-embedded Flash exploits within other Office […]