Category: Cyber & Information Security

With ever-changing threats and regulations, and in a challenging skills short market, clients need to build an effective security department that can positively influence security matters across all their departments without hindering their day to day operations or agile delivery. …Read more

In this edition of Cyber Smart Consulting CISO Insights we ask Alan Jenkins (CISM, CISMP,CSP) on his view of some common security concerns. CISO-in-Residence at Cylon Labs. 30+ years experience in all facets of security, particularly cyber and enterprise security…Read more

The meteoric growth in cloud use and the increasing numbers of Internet of Things devices means that businesses are coping with larger volumes of data than ever before. One of the technologies to which enterprises are increasingly turning to cope with this problem is…Read more

The InfoSec Consulting Series #32 By Jay Pope   What’s the most important aspect of an API strategy? Designing for commercial success? Delivering the most productive developer experience? Security? Clearly, they are all important. Security, however, is the one area…Read more

How can Master Data Management (MDM) and microservices coexist? Agile thinking tells us that microservices must be developed by autonomous teams, with the authority to choose the most appropriate data store. Meanwhile, MDM practitioners and tools are trying to reconcile multiple copies of data, to unravel discrepancies. As architects and developers…Read more

As with any cloud service, there are security implications to its use, with new and evolved threats constantly emerging. Securing AWS workloads is therefore vital if you are relying on it for your business. In this article we look at some AWS security best practices that you should be following…Read more

There are essentially four steps to building an application security strategy. The first is to convince senior management that it’s essential and to get the whole of the organisation committed. The second is to ensure that development teams have the required level of security skills which may mean investment in training and recruitment. Thirdly…Read more

In some organisations there’s a perception that Cloud Transformation Programs can do away with security and be led by business stakeholders with a cursory security light touch that ticks their box. This attitude creates a disproportionate imbalance between the business and security. It is often characterised by…Read more

There are different types of phishing awareness training tools, with various levels of sophistication. The most basic will simply allow you to compose an email and provide an address. More advanced tools allow you to run several different campaigns at the same time and will…Read more

Understanding the types of data that hackers deem as valuable is a perpetual challenge but one that must be undertaken to understand pharma cyber security. The pharmaceutical industry is a prime target for hackers/cybercriminals, who may look to steal…Read more

Intellectual Property protection is now a crucial aspect of your organisation’s cyber security. Initially, it can be hard to understand what IP is. It is possible to be prosecuted for theft for taking one of the following categories of IP…Read more

It doesn’t matter how difficult the password might be to guess – if a security breach on one site occurs, all accounts created with the same password become vulnerable. The obvious solution for easy password management might be to go for…Read more