The FullProxy Report November 2024
Hello there, and welcome back to this late autumn issue of the FullProxy newsletter! This month we'll round up news from across the world of cyber security, share some key insights and thoughts from our senior team, plus detail more on AppViewX's certificate management solutions ahead of Google's expected 90 Day policy implementation. We're happy to have you back!
What does Apple's 45-day limit mean for you?
Last month we reported on the news that Apple's certificate lifecycles are aiming to be limited to just 45 days by 2027. Following this, our CTO Chris Templeton, took to the blog to share his insights.?
This gradual implementation over the next three years represents a significant shift in certificate management, challenging businesses to rethink their approach to digital asset protection and security infrastructure.
The move promises substantial security benefits, including more frequent cryptographic updates, reduced exposure to compromised certificates, and enhanced domain ownership verification. For UK businesses, this change isn't just a technical challenge but an opportunity to modernise certificate management processes, with automation and proactive monitoring becoming critical strategies for maintaining robust digital security in an increasingly complex cyber landscape.
?Pre-Christmas Grocery Woes: Major Supply Chain Hit With Cyber Attack
In a stark reminder of digital vulnerability, Blue Yonder, a crucial logistics software provider, suffered a significant ransomware attack on November 21st, exposing the fragility of global supply chains. The cyber incident immediately impacted major retailers like Morrisons and Sainsbury's, with some stores experiencing up to a 70% reduction in fresh produce availability, while Starbucks faced disruptions in staff scheduling.
The attack's strategic timing, just before the critical year-end period, highlights the increasing sophistication of cyber threats targeting business-critical infrastructure. While some companies like Hema and Jumbo in the Netherlands managed to mitigate disruptions through emergency procedures, the incident underscores the urgent need for robust risk management, backup systems, and continuous preparedness in an increasingly interconnected digital ecosystem.
Australia Introduces Groundbreaking Cyber Law
Australia has taken a groundbreaking step in cyber security with its new Cyber Security Act, which introduces mandatory ransomware payment reporting and a voluntary cyber incident reporting framework. Businesses with a turnover above AUD $3 million will now be required to report ransomware payments to the Department of Home Affairs within 72 hours, facing potential civil penalties of AUD $93,900 for non-compliance.
The legislation goes beyond just reporting, establishing a comprehensive approach to national cyber resilience. It includes creating a National Cyber Security Coordinator, enforcing IoT device security standards, and establishing a Cyber Incident Review Board. This landmark act signals Australia's commitment to protecting critical infrastructure and positioning itself as a leader in cyber security, urging organisations to proactively review and update their incident response plans
Expert Opinion
Make sure you're fully prepared this Black Friday and Cyber Monday - Ewan Ferguson
As Black Friday and Cyber Monday approach, UK businesses face a critical digital challenge. This golden quarter represents a make-or-break period for retailers, where digital infrastructure can determine whether a business soars or stumbles.
领英推荐
?
Surviving and thriving during these peak shopping seasons requires a strategic approach to digital resilience. From robust load balancing and secure transaction management to comprehensive cyber security measures, businesses must transform potential vulnerabilities into competitive advantages. The key is not just to survive the traffic surge, but to leverage technology as a strategic asset that provides seamless customer experiences and protects against digital threats.
FullProxy News
Spreading the word on the tech event circuit
DIGIT Expo
November has been a busy month for us. On the 21st, we attended DIGIT Expo, Scotland's premiere tech conference. We were lucky enough to sponsor the event alongside our partners, AppViewX, to give an important talk on the importance of certificate management with Google's 90-day limit looming.
The talk was expertly delivered by AppViewX 's CSO, Muralidharan Palanisamy and our very own Tom Barratt and truly connected with the audience in attendance, who were all to aware of the IT nightmare that is expired certificates.?
Futurescot Digital Scotland
A few days later, we were on the move to Futurescot 's Digital Scotland event with our friends at Fortinet. Here, our CEO Ewan Ferguson took to the stage with Fortinet 's David Nicoll to discuss the importance of adopting a Zero Trust mindset.?
The masterclass was attended by professionals from across the public sector, and shared expert insight and actionable advice on how to get started with Zero Trust adoption.?
We are now a certified G-Cloud 14 supplier!
We're delighted to announce our successful application to the UK Government's latest G-Cloud framework, allowing us to provide key cloud security solutions across the UK's public sector. As a Crown Commercial Service Supplier, this achievement reflects our commitment to delivering secure, reliable solutions that meet the rigorous standards required for government and public sector operations.
With the service now officially launched, you can find FullProxy on the G-Cloud marketplace today!