The General Data Protection Regulation (GDPR) may have come into force in 2018 but 2019 was the dominating year for it. Last year, we saw companies put more effort into not only achieving GDPR compliance but into actively maintaining it. This is harder to do than it might seem — as just one mistake can result in a […]
07
Jan
Jan
We thought we would start 2020 by looking backwards. Specifically looking back at the biggest data breaches of 2019, seeing how many records were breached, getting a broad understanding of the nature of the attacks and then looking forward to seeing how we can learn lessons and protect our data assets better in the future. […]
23
Dec
Dec
Looking back to 2019 and forward to 2020 If our Principal Consultant, Richard Hollis, had his Google Location Services on this year (he hasn’t of course, he’s not that mad!) it would throw up an image similar to what it would look like if you gave a kitten a ball of wool and it started […]
18
Dec
Dec
In the following blog post, we are going to shine a spotlight on the general cyber threat landscape in the UK, examine the most prevalent forms of attack and look at the detrimental implications these attacks have on organisations. After reading this post, we hope you’ll be able to see where your company figures in […]
11
Dec
Dec
Have you heard about the French Paradox? No? Across the pond, our French neighbours enjoy a diet full of rich and cheesy saturated fats, whilst simultaneously experiencing relatively lower levels of coronary heart disease. This goes against conventional medical convention that suggests higher levels of saturated fats in a diet should result in higher rates […]
04
Dec
Dec
A security awareness programme can only be successful if employees retain information and skills to use in everyday work activities. Let’s be honest, we are all just one click away from a security breach. That is why we implement awareness training in the first place, right? To measure the success and effectiveness of your programme you’ll need to not only track the completion of computer-based training but staff’s behavioural change. And this […]
28
Nov
Nov
Social Engineering can be summed up as ‘hacking the human’. Traditional malicious hacking attacks a digital instance of an organisation (i.e. website, network or system) and attempts to gain unauthorised access or cause harm by exploiting a vulnerability. Social engineering instead focuses on a person and attempts to exploit human frailties by coercing or tricking […]
21
Nov
Nov
Employee error still reigns as the number one threat for data breaches even with modern day security solutions. The numbers don’t lie, with anywhere from 70 – 80% of all breaches being attributed to staff. Yet many organisations do not have a mature information & cyber security awareness programme in place. As we mentioned in […]
11
Nov
Nov
SPEAR PHISHING, WHALING, BUSINESS EMAIL COMPROMISE AND CEO FRAUD IS ON THE RISE AND COSTING COMPANIES BILLIONS Have you heard of the acronym: FUD? It stands for ‘Fear, Uncertainty & Doubt.’ Unfortunately, the Information Security industry has a bit of a bad rep for selling their services off the back of FUD: “Don’t want the […]
30
Oct
Oct
I noticed on the news the other day that there is (yet another) Terminator film out: Dark Fate, where Sarah Connor is back, now looking like a cross-between The Golden Girls meets Super Gran. …And of course, good old Arnie has come good with his famous promise: “I’ll be back” although perhaps it would be […]