Dan Swinhoe

Editor

Dan Swinhoe is UK Editor of CSO Online. Previously he was Senior Staff Writer at IDG Connect.

The Data Protection Act 2018 explained: What UK CISOs need to know

The Data Protection Act 2018 explained: What UK CISOs need to know

The UK’s implementation of EU's GDPR shares the same core requirements but has key differences for certain kinds of data and processing.

COVID complicates ISO 27001 audits, creating risk for some UK companies

COVID complicates ISO 27001 audits, creating risk for some UK companies

COVID has made in-person ISO audits more difficult, so companies need to be aware of new rules around remote audits to continue to meet security standards.

Q&A: Modernizing security at Aston Martin

Q&A: Modernizing security at Aston Martin

A self-assessment of the company's security posture revealed a need to replace legacy tools with cloud-based, automated solutions.

What is the cost of a data breach?

What is the cost of a data breach?

Data breach costs can be ongoing for years, a new study finds. Here's the breakdown of costs and advice on how to minimize them.

Episode 3: Guiding CISOs through change planning for the new way of working

Episode 3: Guiding CISOs through change planning for the new way of working

Cisco’s CISO expert discusses how companies have been adapting to security challenges during the Coronavirus pandemic.

Episode 2: Reshaping the security strategy for our new way of working

Episode 2: Reshaping the security strategy for our new way of working

COVID-19 has affected organisations of all shapes and sizes. Find out how Brunel University adapted in the face of Coronavirus to secure its remote workforce and what it plans for the future. For more information, visit...

Episode 1: Preparing for the next phase in secure remote working

Episode 1: Preparing for the next phase in secure remote working

Companies scrambled to adopt work from home technologies and policies during the COVID-19 crisis. But will working remotely become a permanent fixture for organisations, how do they need to adapt those temporary measures to ensure...

What is a dictionary attack? And how you can easily stop them

What is a dictionary attack? And how you can easily stop them

A dictionary attack is a targeted form of brute force attack that runs through lists of common words, phrases, and leaked passwords to gain access to accounts.

What the end of Privacy Shield, Brexit mean for UK-US data flows

What the end of Privacy Shield, Brexit mean for UK-US data flows

The fall of US data agreement further complicates the post-Brexit data situation for many companies.

7 steps to securely shutting down business units

7 steps to securely shutting down business units

Closing down parts or all of a business involves more than just decommissioning IT assets. CISOs must lead a holistic effort to ensure data and access aren’t left exposed.

EU court invalidates Privacy Shield data transfer agreement

EU court invalidates Privacy Shield data transfer agreement

US companies receiving EU personal data under Privacy Shield will need to find a replacement legal mechanism, and the decision could affect data protection policies and procedures.

Groups promote Computer Misuse Act update to enable security research

Groups promote Computer Misuse Act update to enable security research

Some in the UK security industry are calling for an update to the CMA to allow them to conduct security research without threat of prosecution.

Protecting high-value research data from nation-state attackers

Protecting high-value research data from nation-state attackers

Recent nation-state campaigns to steal COVID-related research data underscores the threat to all research organizations. The best defense starts with knowing the enemy.

10 biggest cybersecurity M&A deals of 2019

10 biggest cybersecurity M&A deals of 2019

This past year has been a very active one for mergers and acquisitions in the cybersecurity industry as companies seek to expand their offerings. What will the 2020 M&A market be like?

Solar power shines light on security for the renewable energy industry

Solar power shines light on security for the renewable energy industry

Solar power plants have massive numbers of vulnerable internet-connected devices. It's recent focus on cybersecurity is awakening the rest of the renewable energy industry to the threat.

Brexit data protection decision uncertainty threatens UK-EU data flows

Brexit data protection decision uncertainty threatens UK-EU data flows

A no-deal Brexit scenario seems likely, and CISOs will need to adapt policies and procedures if the EU does not declare data protection adequacy for the UK.

Why wealth management firms are investing in their own cybersecurity

Why wealth management firms are investing in their own cybersecurity

Holding personal data on high net-worth individuals and conducting large financial transactions make wealth management an attack target, and management is starting to take it seriously.

Brute-force attacks explained, and why they are on the rise

Brute-force attacks explained, and why they are on the rise

The surge in remote work has rekindled interest in brute-force attacks, but a few simple steps can make your organization less of a target for them.

How to report cybercrime in the UK

How to report cybercrime in the UK

UK businesses are encouraged to contact Action Fraud if they are a victim of cybercrime, but they might also need to inform local authorities or regulators.

Protecting employee COVID-19 health data: What CISOs need to know

Protecting employee COVID-19 health data: What CISOs need to know

Most companies are tracking coronavirus-related health data of their employees, and this presents unique risks and security challenges for CISOs.

Load More