ISO 27001 is a standard set out by the International Standards Organisation that helps your organisation to manage the security of your information assets (electronic/paper, reputational, applications, infrastructure, third parties, etc.).
Additionally, the certification helps organisations formulate an Information Security Management System (ISMS) to mitigate the growing number of information and cyber attacks.
find out more
The Open Web Application Security Project (OWASP), Top 10 list (maintained since 2003 and announced every few years), highlights the ten most critical security risks to web applications. It is recommended that organisations adopt the OWASP Top 10 to ensure their web applications are not exposed to any cyber risks. According to OWASP: Using the OWASP Top 10 […]
Find out moreSecurity awareness training helps organisations prevent and mitigate user risk. A security awareness program helps people understand the vital role they play in helping to combat cyberattacks – at work or at home. According to the Department for Digital, Culture, Media & Sport: “All businesses can benefit from understanding cyber threats and online fraud.” We spoke […]
Find out moreDuring the worst of the covid crisis, organisations implemented many security strategies to deal with the new way of working in the short term. Therefore, they executed them as one-off projects to cover all bases. However, after covid lockdowns, organisations have found a need for long-term strategies for cyber security.
Find out moreIn the world of cybersecurity, the more you know about threat actors, the better placed you are to counteract and manage cyber threats and attacks. But what is a threat actor? We can define a threat actor as a person, group, or entity performing a cyber-attack designed to impact an organisation negatively. In other words, someone who […]
Find out moreA cybersecurity incident response team (also known as CSIRT) is a team of cybersecurity experts available to deal with an incident occurring in an organisation. The team can be either internal or external, this depends on the nature of the incident and whether the team is equipped to deal with it effectively.
Find out moreIt’s an exciting concept and one that many people don’t grasp. All organisations today can potentially fall victim to a cyber-attack or cyber security outage, which can cause severe damage to its ability to operate and its infrastructure. It’s more than just cyber security awareness; it requires the whole workforce to know what the risk is and the processes that need to be followed to avoid this risk.
Find out moreDefining a clear strategy when establishing an organisation’s SOC helps to align business goals. Developing the strategy using an assessment is the best way to identify gas and potential vulnerabilities.
After this assessment, the team can create a clear, comprehensive set of processes, helping to guide the SOC team in operating, monitoring, detecting, responding and reporting as suggested above.
As a result of the fluid and ever-evolving threat landscape, this strategy will need reviewing periodically, helping to keep ahead of any new emerging risks and vulnerabilities.
Find out moreThere have been many participants in Cybersecurity Awareness Month, such as DHS Secretary Janet Napolitano back in 2009. In 2010 during the STOP. THINK. CONNECT campaign, former U.S. President Barack Obama used this phrase as a national cybersecurity education and awareness message.
Cybersecurity Awareness Month has also had many themes to help articulate the different aspects of cybersecurity, such as education, cybercrime, law enforcement, mobility, critical infrastructure for any organisation from small to large.
Find out moreWhile many threat and risk management solutions help organisations deal with low-level security events with automated responses, having an incident response plan, delivered by an experienced team will determine your success in responding to an attack.
Find out moreUsed by organisations to detect and prevent malicious activity in an organisation, Network Detection and Response describes a category of security solutions that are used to investigate and mitigate the risk of attackers. It is a progressive security solution providing a centralised machine-based analysis of network traffic and response solutions.
NDR solutions provide a single solution for visibility across on-prem, remote, and cloud environments.
Find out moreHow can you ensure you have outsourced your penetration testing requirements to the right provider?
Find out more
