Nader Henein

In our first year of operation our advanced cyber assurance practice now ranks in the top 10% of all global cybersecurity providers.

Whenever I walk into an electronics store, I am surprised at the sheer number of devices that are prefixed by the word “smart,” which seem to be doubling at an alarming rate. Televisions, egg crates, thermostats, light bulbs, refrigerators—pretty much anything with a power supply seems to have achieved sentience overnight.

After nearly a decade of work, the EU finally passed the General Data Protection Regulation (GDPR) in April. While it doesn’t take effect until May of 2018, smart businesses are starting to look now at how the sweeping new data-privacy mandate will affect them so they’re ready when the risk of heavy fines kicks in.

More than 100 member companies along with the CSA research team jointly worked to develop the 60-page guidance report which provides a comprehensive overview of the mobile security landscape. The report is broken out into three principal sections:

ADVISORS, evangelists or consultants. Companies have long tried to repackage the way they deliver their message on security so that it doesn’t sound like a sales pitch.

But the simple fact is there is no reason why you should gamble the security and future of your organization on the promises of an employee tasked with portraying their product in the best possible light.

Many aspects of the BlackBerry solution have been built around manageability. With the advent of ‘Bring Your Own Device’ (BYOD) in the enterprise, the need to manage two personas on the same device has become evident. On one hand, enterprise data and applications need to remain secure and separate from personal content. On the other hand, a litany of consumer apps, emails and personal details must remain private from all, including the enterprise.

With the increasing number of mobile devices and operating systems on offer, many administrators and SMEs in large companies have been overwhelmed by employee and executive requests to support the latest gadget. With mounting pressure to enable business productivity on personal devices, a less than diligent approach to security may be taken, where, provided that a list of check boxes is ticked, products are integrated into the corporate infrastructure. Every security professional knows that the… Show more

With the increasing number of mobile devices and operating systems on offer, many administrators and SMEs in large companies have been overwhelmed by employee and executive requests to support the latest gadget. With mounting pressure to enable business productivity on personal devices, a less than diligent approach to security may be taken, where, provided that a list of check boxes is ticked, products are integrated into the corporate infrastructure. Every security professional knows that the devil is most definitely in the details. Show less

This document was produced jointly with the OWASP mobile security project. It is also published as an ENISA deliverable in accordance with our work programme 2011. It is written for developers of smartphone apps as a guide to developing secure apps. It may however also be of interest to project managers of smartphone development projects.

The booming smartphone industry has a special way of delivering software to end-users: appstores. Popular appstores have hundreds of thousands of apps for anything from online banking to mosquito repellent, and the most popular stores (Apple Appstore, Google Android market) claim billions of app downloads. But appstores have not escaped the attention of cyber attackers. Over the course of 2011 numerous malicious apps were found, across a variety of smartphone models. Using malicious apps… Show more

The booming smartphone industry has a special way of delivering software to end-users: appstores. Popular appstores have hundreds of thousands of apps for anything from online banking to mosquito repellent, and the most popular stores (Apple Appstore, Google Android market) claim billions of app downloads. But appstores have not escaped the attention of cyber attackers. Over the course of 2011 numerous malicious apps were found, across a variety of smartphone models. Using malicious apps, attackers can easily tap into the vast amount of private data processed on smartphones such as confidential business emails, location data, phone calls, SMS messages and so on. Starting from a threat model for appstores, this paper identifies five lines of defence that must be in place to address malware in appstores: app review, reputation, kill-switches, device security and jails. Show less