A Consolidated View of Data Breaches in 2012 – Part 2

It seems that many of you found my previous post of interest, so as promised, here’s the second part. But first, let’s all have a look at this 2min 48s video: Security Threats by the Numbers from the Cisco 2013 Annual Security Report. Unsurprisingly, the Trustwave GSR highlights that e-commerce sites were the most targeted asset, accounting for 48% … Read more

A Consolidated View of Data Breaches in 2012 – Part 1

It’s that time of year again where we try to make sense of all the new research and statistics. Today, I give you the Trustwave 2013 Global Security Report which analyses 400 data breach investigations (compared to 300 in 2011) across 29 countries (compared to 18 in 2011). Unsurprisingly, 96% of the breaches involved the theft of customer … Read more

Wilful Blindness and Wishful Thinking…

Yesterday, an article on CBS Money Watch caught my eye: Businesses deluded about threat of cyber-attack. The article was a short introduction to a recent survey conducted by Deloitte. And isn’t it spooky that the same old things keep cropping up everywhere?… Unsurprisingly, the Deloitte report highlights that 88% of the businesses surveyed believe that they are not really … Read more

Failing Gracefully…

Sometimes, despite our best endeavours, things just don’t work out the way we planned… You know the feeling: you think you have it all under control, you think you’ve engaged with the right people, you have buy in from those who matter, the right culture is in place, you’re not struggling for investement and bang! … Read more

The Social Media Side of Incident Response…

In one of my February posts, I wrote about incident response and the importance of addressing the media in a timely manner. Whilst the draft NIST report SP 800-61 gives really good guidelines on the positive aspects of fully and effectively communicating important information to the public, I feel there is some mileage to be had by exploring the use of social media when tackling incident

UK NFA 2012 Annual Fraud Indicator: Another Use For It…

It is always difficult to secure information security investments and we all know that having real business metrics always helps. One useful method is to link infosec to fraud and in this post I’d like to examine this connection further. Lucky for me, the UK National Fraud Authority  released their 2012 Annual Fraud Indicator in … Read more

Connecting the Dots…

Eleanor Dallaway, editor of Infosecurity Magazine, talks to Neira Jones – head of payment security, Barclaycard – at Infosecurity Europe 2012 about what it takes to be a successful information security professional in 2012.

About Neira Jones

With more than 20 years Financial Services experience, Neira is currently Head of Payment Security at Barclaycard where she is responsible for security compliance of circa 100,000 customers & 3rd parties. She has received the Information Security Person of the Year Award in April 2012 from SC Magazine at the same time as her team scooped up the prestigious SC Magazine Award for Information Security Team of the Year for the 2nd year in a row.

Not content with this, February 2012 saw Barclaycard winning two awards at the Merchant Payments Ecosystem conference for “Data Security” & “Merchants” for successfully steering Barclaycard and its customers through the changes in payment security, and in particular with the PCI DSS (Payment Card Industry Data Security Standard). She is a member of the Infosecurity Europe Hall of Fame and has been on the PCI Security Standards Council Board of Advisors since 2009. 

Follow Neira on Twitter:@NeiraJones


1, 2, 3, 4, 5 Ways to a Successful Social Attack

In its recent Annual Fraud Indicator, the National Fraud Authority highlighted that mass marketing fraud against individuals cost the UK economy £3.5 billion in 2011, that is ten time more than the cost of plastic card fraud in the same year, or equivalent to the total fraud losses incurred by the financial services sector in … Read more

Just Spreading the Gospel…

I’ve been in financial services for more than 20 years, and in that time, I have been fortunate enough to experience a variety of interesting jobs, from directing large change programmes, launching new products/ services to managing process re-engineering consultancy teams. I am currently head of payment security at Barclaycard, where I oversee the security … Read more