In the past, security professionals relied on traditional perimeter security such as firewalls to prevent unwanted access to their data; however, this has become progressively irrelevant in today’s modern landscape due the adoption of cloud first strategies and flexible working approach which in turn has blurred the line as to where that perimeter actually exists.
The pandemic and cloud-first technologies have expedited this move to an extended perimeter which has driven cybersecurity professionals to prioritise a Zero-Trust strategy throughout many organisations.find out more
SOCs (Security Operations Centre) are cross-functional, which helps centralise operations carried out by different departments within an organisation. This means that they provide value to organisation stakeholders and help meet agendas.
SOC analysts play a critical role in taking responsibility for security incidents and assisting in communications on security incidents.Find out more
With over two decades of mitigating cyber risk across people, processes, and technology, Sapphire supports its customers through its expertise, quality, and skill by employing a progressive set of cybersecurity services from in-house and partner-provided solutions.Find out more
Increasing the scale of your cybersecurity is not easy. After all, cybersecurity is not just about prevention. With cyber-attacks part of our world, organisations must be prepared to respond effectively to threat actors. One such way of preparing and responding is through endpoint detection and response (EDR) and or Managed EDR solutions. Organisations use EDR […]Find out more
What is CRING ransomware? In April 2021, Sapphire’s threat intelligence resources identified a sophisticated ransomware campaign utilising the Cring malware and leveraging vulnerability (CVE-2018-13379), identified in 2019, affecting Fortinet VPN Servers. The cring ransomware attack allowed a threat actor to connect to the VPN appliance without authentication and download session files containing usernames and passwords […]Find out more
IT environments are becoming increasingly complex and sophisticated, and security teams are faced with the daunting task of keeping potential attackers from accessing their organisation’s environments. As a result, organisations are adopting increasingly complex cybersecurity solutions to combat this growing concern. One way to do this is by using the SOC visibility triad.Find out more
Ransomware remains one of the highest priority challenges for organisations of all sizes and across all sectors in 2022.
“Ransomware is the fastest-growing cybercrime for a reason,” says Steve Morgan, founder at Cybersecurity Ventures and editor-in-chief at Cybercrime Magazine. “It’s the proverbial get-rich-quick scheme in the minds of hackers.”Find out more
Most companies have moved away from traditional in-house on-premises hosted applications like file servers, mail servers and proxy servers for cloud-based services known as Software-as-a-Service (SaaS) applications. One of the most popular SaaS platforms I have come across is Microsoft 365 Exchange Online. The cloud-based mail platform is accessible from anywhere offers no end of features, constantly evolving to meet organisational needs. Microsoft integrates its security and mail filtering capabilities into this platform.Find out more
Is Your Security Policy Configured Correctly? Wouldn’t it be great if there was an in-built feature that checks your settings are aligned with security in mind? Your cyber security policy is not wide open to letting anyone in, something that offers peace of mind that everything is secure? Well, you’ll be pleased to know; there […]Find out more
Ransomware attacks are traditionally seen as being shared via phishing campaigns against specific targets to carry out maximum impact.
Therefore, attacks use several ways to distribute malicious software, such as drive-by downloads, USBs, and other portable devices.Find out more
In November 2021, we published a blog post about the virtues of ISO27001 certification, ‘ISO27001 Certification: Now is the Time to Consider the Benefits’. Now with the publication of the ISO27002 controls, the changes are a great step forward for many organisations, and the reasons are outlined below…Find out more
What is Log Management? Log management refers to real-time alerting, collecting, storing, putting together, and analysing data from differing programs and applications. The data is referred to as log data. Log data is a computer-generated file (or the data within the file) written to every time-specific event in a controlling application (or program). Going one […]Find out more