Home Tags Bournemouth

Tag: Bournemouth

As the last summer bank holiday approaches, millions of Brits will be bracing themselves for traffic jams as they make their way to the beach.

But, should they be prepared for a cash jam too? As seaside hotspots swell with holidaymakers the danger is t...
Part of broader investigation into alleged data theft Three men are due to appear at the Old Bailey charged with various offences linked to an investigation into the mega TalkTalk hack a year ago. The investigation was launched in October 2015 by the Met's Falcon Cyber Crime Unit following the hack in which 157,000 of its customers' personal details were accessed. On Tuesday, 15 November, a 17-year-old boy pleaded guilty at Norwich Youth Court to seven offences under the Computer Misuse Act of 1990. The boy was arrested in Norwich on 3 November last year and subsequently charged. He is due to be sentenced at Norwich Youth Court on 13 December. The offences were all linked to the unauthorised access in October 2015 to data and programs on various organisations' websites including TalkTalk and Merit Badges as well as universities in Cambridge, Manchester, Sheffield, and Bournemouth. As part of the wider investigation, detectives have also arrested three other individuals. Daniel Kelley, of Llanelli, Wales, was charged on 26 September with various blackmail, cyber-crime and fraud offences, and is due to appear at the Old Bailey on Friday, 18 November. Matthew Hanley and Conner Douglas Allsopp, both from Tamworth, were charged on 26 September with cyber crime and fraud offences and are due to appear at the Old Bailey on Monday, 21 November. The investigation into the alleged data theft from the TalkTalk website is a joint investigation led by the Met's Cyber Crime Unit with support from Police Service Northern Ireland, Southern Wales Regional Organised Crime Unit, the National Crime Agency, and CERT UK (now the National Cyber Security Centre). ® Sponsored: Customer Identity and Access Management
When, back in 2012, the Information Commissioner’s Office (ICO) reprimanded NHS Bournemouth and Poole for passing on the data of 3,700 patients to the Enhanced Care Service without first consulting the individuals concerned, it sparked a major rethink in the way security operated across the NHS in neighbouring Hampshire. Serving a population of 1.3 million, Southern Health NHS Foundation Trust is responsible, wholly or in part, for 14 community hospitals across Hampshire. Earlier this month, as part of a complete overhaul of its existing IT security strategy, Southern went live with security information and event management (SIEM) and content security technology from Trustwave. Anthony Guethert, head of IT architecture and design at Southern takes up the story: “We went through Trustwave for most of the software choices we made.

The vertical stack integrates nicely – we found it’s best in breed – and it offers very good support and competitive pricing, so that combination was excellent for us.” Guethert added that Trustwave “knew what they were talking about”, and offered “excellent service and support, and the range of the products vertically integrated nicely”. Specifically, Southern Health has deployed Trustwave’s Webmarshal and Mailmarshal products, which filter bandwidth and manage traffic levels through web and email servers, and Trustwave SIEM to collect, analyse and assess security events proactively for rapid identification, prioritisation and response. The Trust has also implemented McAfee Safeboot, while Good Technology takes care of mobile device management and SecurEnvoy provides two-factor authentication. As well as a desire to keep in the ICO’s good books, a big driver behind the security overhaul was to make it simpler for staff to communicate with colleagues in a safe way. “The key was security, and having the staff use equipment in the past that was not encrypted or had a very difficult way of connecting back to the corporate resources was at the forefront of our minds,” said Guethert. “The more difficult it was for people to use the technology, the less security we had and the more risk we had,” he added. “So once we’d got encrypted laptops out there, with a nice secure connection back in, we wanted to make sure that the technology was accessible and easy to use, and that users were following corporate policies when out in the field. That’s all managed and monitored now.” The Good Practice Guide 13 from cyber security consultancy CYSEC forms the basis of the Trust’s security policies. “GBG13 guidelines were important for us to meet,” said Guethert. “When building the infrastructure we had the opportunity to do it properly, and we wanted the security model to reflect best practice in the process of doing that. “So one of the key things was to understand the marketplace, understand the requirements, and understand the level the Trust needed to reach and maintain, and implement and achieve those levels with minimal total cost of ownership. We didn’t want to put systems in that increased the cost or burden over time.” As well as hugely increased security, Guethert is enthusiastic about the Trust’s new ability “to share data for the first time, and share a global address list. None of that was possible before – all the suppliers had separate systems, separate data, and email systems. So no stuff could work across them.” Guethert blames historical NHS IT systems that were “a very complex environment that grew organically [over years]” for creating a system that led to so many security gaffs. “The CEO and board [of Southern] were fantastic, because they realised strategically that this was crippling the business and there was a real need to bring it together into a single organisation.” @PeterGothard