Security
Subscribe to this community
Trickbot analysis and mitigation
Overview We analysed Trickbot during a forensics case and extracted a dropper executable on to a laptop in our malware lab for secondary dynamic analysis, monitoring it in the controlled environment. Trickbot, classified as a Troj...
Monero mining trends and electricity con...
Cryptocurrencies are gaining traction and attention for their unrestricted, low-cost...
Incident Response Triage
Incident Response Triage – identifying, scoping and containing an incident When a security incident occurs, having a defined response and series of steps can help focus efforts on handling the incident in a consistent manner. This response will need to include communications, analysis, containment, eradication, and recovery of systems. This article is an ...
GDPR: What's your justification?
[Updated Oct.19 to add EDPB on Necessary for Contract and ICO on Consent][Updated Sep.18 to repair links broken by the demise of the Article 29 WP website][Updated Oct.17 to include an example where multiple justifications are appropriate]One of the key steps in preparing for the General Data Protection Regulation is to know why you are processing each set of personal data, and...
Free Text and Data Protection
Collections of free text – whether in database fields, documents or email archives – present a challenge both for operations and under data protection law. They may contain personal data but it's hard to find: whether y...
What's the data protection difference be...
[UPDATE] a slightly revised version of this post formed our response to the ICO consultati...
IP Addresses, Privacy and the GDPR
It's well-known that the General Data Protection Regulation says that IP addresses should be treated as personal data because they can be used to single out individuals for different treatment, even if not to actually identify them...
Centralisation of logging using WEF
What I find in my daily incident response work with different sites is the need to promote the importance of logging: namely centralised log collection. It cannot be understated how logs prove invaluable in a security incident. T...
Incident Response Triage – Final steps
Incident Response Triage - Eradication, Recovery and Lessons Learned This is part two of a two-part blog set covering an overview of the Incident Response life-cycle. In response to an incident, the next life-cyc...
Incident Statistics for May 2020
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activit...
GDPR: Attendance Monitoring
A question recently arose about monitoring students' attendance at lectures and tutori...
This blog
I am now blogging on the Cyber Security blog on Jisc Involve.If you are looking for content that was here, I have reposted still relevent posts on that blog....
Choose the right metaphor
I've been reading a fascinating paper by Julia Slupska – "War, Health and Ecosystem: Generative Metaphors in Cybersecurity Governance" – that looks at how the metaphors we choose for Internet (in)security limi...
Business Email Compromise (BEC) group ta...
We have observed a regional threat, targeting and attacking the UK academic sector. We hav...
AI and Ethics: GDPR and beyond
The EU High-Level Expert Group's (HLEG) draft Ethics Guidelines for Trustworthy AI con...
Federated Access Management and the GDPR
[this article is based on the draft text published by the European Council on 28th January...
GDPR: Backups, Archives and the Right to...
I was recently asked how the GDPR's Right to Erasure would affect backups and archives...
Jisc Cyber Security Update January 2016
High profile security breaches: Recent months have seen a number of breaches and issues with several large companies’ online security, resulting in authorised accesses to and theft of personal data:The theft of 21,000 unique bank...
DPIA - Security Operations Centre
Delighted to report that our first Data Protection Impact Assessment, for the Janet Security Operations Centre, is now publiushed athttp://repository.jisc.ac.uk/6847/1/Jisc_security_operations_centre_-_data_protection_impact_assessment...
Janet and the Internet of Things
Organisations connecting to Janet are required to implement three policies: the Eligibilit...
Latest activity
I am now blogging on the Cyber Security blog on Jisc Involve.
If you are looking for...
** Please be advised that the Jisc Community site is due to be decommissioned shortly.
This will mean that this group will no longer...
The Community group for the Jisc Assent Service launched on 25 March 2015
Jisc, as the service operator, will post things on here relevant to the service but...
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education...
These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education...
** Please be advised that the Jisc Community site is due to be decommissioned shortly.
This will mean that this group will no longer...
You may be aware of the launch by the government of CISP - the Cyber Security Information Sharing Partnership.
It's a web based environment in which various...
** Please be advised that the Jisc Community site is due to be decommissioned shortly.
This will mean that this group will no longer...
JiscCommunity has been this blog's home for eight years, but I'm now moving over to JiscInform. That has many nice features, notably that it works really well on...
