Security News

Frustrated at lack of activity from the "Standard setting" UK Cyber Security Council, the government wants to pass new laws making it into the statutory regulator of the UK infosec trade. Government plans, quietly announced in a consultation document issued last week, include a formal register of infosec practitioners - meaning security specialists could be struck off or barred from working if they don't meet "Competence and ethical requirements."

Open source cloud native security analyzer Terrascan embeds security into native DevOps tooling. Cs prevents cloud security risk and improves developer productivity.

AwareGO Human Risk Assessment for Enterprise measures employees' cybersecurity behavior. Pondurance Cyber Risk Assessments analyze and visualize potential cybersecurity gaps.

Here's a look at the most interesting products from the past week, featuring releases from Action1, Cloudflare, Code42, F5 Networks, NetQuest, Oxeye, SentinelOne and Tenable. The new platform identifies code vulnerabilities, open-source vulnerabilities, and secrets to highlight the most critical issues in the software development lifecycle.

Open source cloud native security analyzer Terrascan embeds security into native DevOps tooling. Tenable enhanced Terrascan, an open source cloud native security analyzer that helps developers secure Infrastructure as Code.

An Imperva Snapshot assessment lets teams assess the status of their databases and the data stored, to identify non-compliance with privacy regulations as well as compliance requirements for cloud data stores. iStorage datAshur SD offers data storage solution to securely share and scale unlimited encrypted data.

The EU needs more cybersecurity graduates to plug the political bloc's shortage of skilled infosec bods, according to a report from the ENISA online security agency. In a new report titled "Addressing the EU Cybersecurity Skills Shortage and Gap Through Higher Education", academics Jason Nurse and Konstantinos Adamos, together with ENISA's Athanasios Grammatopoulos and Fabio Di Franco, said the European Union needs to get more students signing up for cybersecurity degrees.

Boxcryptor protects business data in Microsoft Teams with end-to-end encryption features. Via the personal app, there is the possibility to access encrypted data in the personal OneDrive.

Infosec must "Reclaim" the word crypto from people who trade in Bitcoins and other digital currencies, according to industry veteran Bruce Schneier - and it seems some Reg readers agree. "I have long been annoyed that the word 'crypto' has been co-opted by the blockchain people, and no longer refers to 'cryptography'," blogged Schneier in a classically brief post on Monday.

Sky has fixed a flaw in six million of its home broadband routers, and it only took the British broadcaster'n'telecoms giant a year to do so, infosec researchers have said. If an attack was successful, their router would fall under the attacker's control, allowing the crook to open up ports to access other devices on the local network, change the LAN's default DNS settings to redirect browsers to malicious sites, reconfigure the gateway, and cause other general mischief and irritation.