Resources

Extrapolating current trends, hiring and training additional cyber-security personnel will never keep up with the growing volume of threats. The only alternative is to hire better trained and better-equipped professionals.  A sea-change could come from the evolution of new strategies based upon machine learning and AI in security…Read more

As the name implies, Fileless infections don’t entail files being written or downloaded and executed in the affected machine’s local disks. Instead, they are executed in the system’s memory, or reside in the system’s registry for persistence. In a typical fileless infection, payloads can be injected into the memory of an existing application/software, or by…Read more

It is very clear that there is still a great deal of work to do when it comes to combating the cyber risks introduced using smart devices, and this applies to both businesses and consumer households. Recent experiences with IoT have been a retrograde step within IoT risk management but we can…Read more

The cyber threat landscape is never static, as we’ve seen, there have already been shifts in the nature and focus of recent attacks. Predicting how it will change in future is difficult as there are likely to be developing threats that we are not currently aware of. That said, there are some areas of the threat landscape that…Read more

No two organisations will have the same security portfolio size, content or associated spend. Budget and product selection depend entirely upon your business assets, your services and their associated revenues. The business impact can be catastrophic if your service is not available or is compromised; we have all seen…Read more

Ensuring the reliable and safe performance of systems means carrying out assurance testing. This is about more than simply verifying that the software works. It’s also about implementing an organised process to understand what happens both when things go right and when there’s an error. It’s also about…Read more

Many aspects of the business world are interlinked by technology. But while this brings huge benefits in efficiency and convenience, it also poses the risk of falling victim to a cyber threat. Businesses are dependent on suppliers to deliver services, goods and systems. This can result in a complex supply chain which, in turn, makes it hard to ensure supply chain security because…Read more

DevOps efficiency brings with it reproducible and therefore auditable processes. Encouraging DevOps and SecOps to collaborate will bring improvement and alignment. We can ensure that our security requirements are embedded in the application and environment. As well as satisfying business sponsors, this provides…Read more

Preventing breaches is increasingly difficult, so there’s renewed interest in breach detection technology that identifies breaches after they occur and aims to minimise the impact and fix the problem. This relies on a mixture of analysis and intelligence. In the past, attackers have…Read more

When reviewing the SOC Architecture, the organisation will need solutions that will help build all four pillars of its breach detection stack to deliver an effective cyber defence capability. If there are serious issues, gaps, or inherited ‘tooling sprawl’ within an existing SOC Architecture then the need to…Read more

The rise of outsourcing and strategic business partnerships, together with the increased use of third parties to provide cloud-based data storage and applications, carry major security risks for organisations. Here we look at how risks arise, what kind of cybersecurity professionals an organisation should have on board, and how…Read more

Many organisations have embraced Agile as a development methodology. Its potential for innovation, continuous delivery and risk reduction is compelling. Also gaining traction is DevOps, combining the development and operations phases. However, both disciplines are…Read more