ISO/IEC 27002: Revised Standard
17 February 2022

In November 2021, we published a blog post about the virtues of ISO27001 certification, ‘ISO27001 Certification: Now is the Time to Consider the Benefits’. Now with the publication of the ISO27002 controls, the changes are a great step forward for many organisations, and the reasons are outlined below…

Cyber essentials certification updates
2 February 2022

On January 24th 2022, the NCSC (National Cyber Security Centre) and IASME implemented an updated set of requirements for Cyber Essentials. This update is the most significant overhaul of the scheme’s technical controls since it launched in 2014. The change comes in response to the cybersecurity challenges organisations have faced in the last seven years to ensure the […]

ISO 27001 Certification: Now is the Time to Consider the Benefits
19 November 2021

ISO 27001 is a standard set out by the International Standards Organisation that helps your organisation to manage the security of your information assets (electronic/paper, reputational, applications, infrastructure, third parties, etc.). Additionally, the certification helps organisations formulate an Information Security Management System (ISMS) to mitigate the growing number of information and cyber attacks.

What does the OWASP 10 mean?
18 November 2021

OWASP selected eight of the ten categories from contributed data and two categories from the Top 10 community survey at a high level. AppSec (Application security) researchers attempt to find new vulnerabilities and new ways to test for them. Because of the nature of the testing, it takes time to integrate these tests into tools and processes.

Zero Trust: Agility in Authentication
3 November 2021

During the worst of the COVID crisis, organisations implemented many security strategies to deal with the new way of working in the short term, executing them as one-off projects to cover all bases. However, after the COVID lockdowns, organisations have found a need for long-term strategies for cyber security.

What makes a Good Incident Response Team?
19 October 2021

A cybersecurity incident response team (also known as a CSIRT) is a team of cybersecurity experts available to deal with an incident occurring in an organisation. The team can be either internal or external; this depends on the nature of the incident and whether the team is equipped to deal with it effectively.

What is Network Detection and Response (NDR)?
17 September 2021

Used by organisations to detect and prevent malicious activity in an organisation, Network Detection and Response describes a category of security solutions that are used to investigate and mitigate the risk of attackers. It is a progressive security solution providing a centralised machine-based analysis of network traffic and response solutions.

NDR solutions provide a single solution for visibility across on-prem, remote, and cloud environments.

What is CREST Penetration Testing? 
13 September 2021

How can you ensure you have outsourced your penetration testing requirements to the right provider? 

‘PrintNightmare’ - July 2021
2 July 2021

On June 8th, 2021, Microsoft released their scheduled weekly security update; contained within this release was a patch for a Print Spooler service (spoolsv.exe) vulnerability CVE-2021-1675. The vulnerability had initially been deemed a low-risk Escalation of Privilege (EoP) exploit. However, Microsoft unexpectedly upgraded it to a high-risk Remote Code Execution vulnerability that would allow authenticated […]

NOBELIUM Phishing Campaign
9 June 2021

On May 27th, the Microsoft Threat Intelligence Centre (MSTIC) announced that ‘NOBELIUM’, the threat actor behind the SolarWinds compromise, had instigated another attack in the form of a persistent and evolving phishing campaign. Conducted in increasingly complex stages, this campaign has been active since January 2021, when MSTIC first became aware of the operation.

What are Security Operations Centre Best Practices?
21 May 2021

Cyber-attacks and data breaches against organisations and companies are an inevitable part of our digital world. Businesses and organisations of all sizes need to prioritise their ability to detect and respond to cybersecurity incidents quickly to maintain an effective security posture. So how can a business or organisation prevent or manage a worst-case […]

HSE Conti Ransomware Attack
18 May 2021

In the early hours of May 14th, it was revealed that a sophisticated ransomware attack had taken place against the IT systems of the Irish Health Service Executive (HSE). Information is still coming to light, but it is known that a human-operated, externally based threat group deployed a variant of the ‘Conti’ ransomware; this ransomware […]
