The global COVID-19 pandemic fundamentally transformed how we live, work and interact with one another. As organisations across the world re-architect how their workforces securely connect and communicate in the new work reality, it's never been more important to stay abreast of the fast-moving cyber threat landscape.

If you ask most people who work in our industry to describe the difference between HTTP and HTTPS, they might say the latter is the secure version. They may even go further and explain that HTTPS uses an SSL certificate to secure the connection between the user’s web-browser and the web-server hosting the web-page.

But surprisingly, many do not know the details of how an SSL certificate works; the reliance on third-party trust, and why we will soon be facing a wave of problems with root certificates expiring.

There are a few businesses which have been proven to thrive in the conditions we find ourselves in today; and telecommunications companies are one of them. Whether it be Zoom, Webex, GoToMeeting or any other provider of teleconferencing software, the demand for such solutions and services have soared, as large swathes of the population now adjust to new working from home requirements.

We live in unprecedented times. Despite there being a number of occasions in recorded history where ah a medical emergency has befallen humanity; there has never been so many of us and never has there been such disruption to our economically interconnected world.

Recent research carried out by Check Point white hats has exposed a vulnerability in the Philips Hue lighting system, which utilises the Zigbee wireless protocol, and could compromise both home and corporate networks.

If there is one thing which unites us all in the world of IT security, it is the desire to eliminate known vulnerabilities so that we can continually improve and build upon what we already know. But did you know that a standard deployment of Microsoft Windows Server 2016 RTM, contains over 800 pages of known vulnerable configuration settings, according to the CIS (Centre for Internet Security)?

Every few months or so, there is a breach penalty which stands out among others. In this instance, it is the Dixons Carphone, which has been the recipient of a £500,000 fine in response to exposing the details of 5.6 million payment cards.

Every so often there is a seismic change in the IT security industry that creates a new benchmark upon which everything is measured. One such case of late, is an area that has remained unchanged for the large part of two decades – B2B file transfer.

The festive season is nearly upon us; and while you might be dreaming about cookies of the sugary and Christmas themed type, European judges have other ideas. The other type of cookie – and most likely the more frequent – are those used on websites to store small amounts of information on our local endpoints to assist with functionality.

Picture a heist. Picture that heist involving a hundred million people or more. Picture how that may look; imagine how that might sound. You’d be forgiven for imagining simultaneous full-scale bank robberies with alarms blaring and guns blazing, but this isn’t what heists look like anymore. Heists are silent. Heists hit millions, even billions, at one time from one remote location.

As the use of cloud technology continues to thunder along, it has given rise to a number of new industries and opportunities for IT teams globally. One example of this is the use of cloud-based security solutions - hosted by a provider and usually sold on a flexible subscription license.

We have all heard of hacked baby monitors, transport ticket machines infected with ransomware and internet connected vehicles being hacked. But, what does this have to do with enterprise networks?

With the McKinsey Global Institute estimating that 127 new IoT devices are added to the internet every second; and Gemalto reporting that only 33% of IT teams believing they have control over IoT devices on their networks, it feels as though a storm is brewing.

After working in this industry for over a decade, you very quickly get used to “the next big thing”. Sometimes it is no more than a storm in a teacup which peaks the attention of marketers but nobody else; other times it goes on to define the next few years (sometimes longer) of IT strategy and discussion.

SECaaS seems to be in the latter category - and there are two reasons why I think that is the case.

When thinking about automation in our workplace IT networks, it is easy to get carried away and conjure up sinister Bladerunner-style robots who work in-place of humans, slowly replacing us one by one.

So here we are. At that juncture which we have all be expecting, where warning and preparation meet reality. The GDPR has delivered intention of its first astronomical penalty value, with British Airways in its cross-hairs, to the tune of £183 million.

After last years high-profile data breach, it was expected that British Airways would be made an example of; and what an example it is.

We are often told that security is a game of when, not if - data breaches and cyber attacks for a long time have not been a roll of the dice but instead, a ticking clock. Cybercrime is such a lucrative and somewhat untraceable activity that the cross-hairs do not discriminate.

For some, it might have felt like the GDPR was a little bit of an anti-climax. Relative hysteria in the build up to May 2018 has not led to the end of marketing departments, mass administration of fined companies or denial of service by DPIA's.

Instead, in the 12 months since its enforcement, all has been a little quiet.

Or has it?

In today's IT environments, you would be hard pushed to not find some element of cloud usage. Whether that be email, storage or virtual machine hosting and computational power, this is no more evident than the 2018 growth statistics for Microsoft's Office 365; sitting at between 2 and 3 million new accounts added each month.

If there is one topic which most channel partners are keen to address, then it is managed security services. Keen to be more than just peddlers of security software; and wanting to provide a wider service, channel partners are faced with a bountiful marketplace of small-to-medium sized businesses who desire high-grade solutions with lesser pricing and more flexibility.

What is it that you think of when reading or hearing the term "machine learning"? Chess playing robots? That gadget that cuts the grass of your lawn while you enjoy your new-found spare time? or the terminator relentless chasing Sarah Connor through a movie franchise and TV series?

From smart automated homes to WiFi enabled children's toys, this Christmas was a bounty for manufacturers of gadgets and gizmos offering internet connected functionality. Otherwise known as IoT or the Internet of Things.

But, what exactly is IoT and what concerns does it bring to companies and organisations who adopt such technology?

There is a very good chance that you have used multi-factor authentication (sometimes referred to as two-factor authentication) at some stage over the past few years, even if you are not familiar with the term.

By now I am sure you have seen and read enough IT security "predictions" for 2019. As cynical as it may seem, I often chuckle at the alignment of an author's predictions and the solutions and services that they sell. Coincidence? Or good marketing?

AI, ML, DL... we live in an age of jargon which is sometimes hard to keep up with. You probably have a general awareness of what artificial intelligence (AI) is or you may even have worked with an IT solution which professes to use AI in some manner.