Please consider updating your browser. Some parts of the website may not function as intended.

Top challenges for the CISO in 2020

an image of a ciso talking to a member of staff

Being a CISO in today’s rapidly changing and evolving technological landscape is no easy task. Add to that the constant and increasing threat of attack by rapidly more sophisticated and devious malicious actors and you begin to understand the talk of sleepless nights, high attrition and incredibly high-stress rates attributed to the profession. Like fighting […]

Red Team Testing – not just a Penetration Test in a posh hat

Penetration Testing is not Red Team Testing

The term Red Team Testing has been around for a while, its origins are from the military, wherein simple terms, team A (the Blue Team) would be tasked with defending a specified zone and team B (the Red Team) would be tasked with attacking it. Thus, highlighting deficiencies in both the Blue Team and Red […]

No, it won’t automatically make you GDPR compliant, but it will help…

If you’re about to embark on the journey to ISO 27001, or if you’ve achieved the certification and are now in the process of maintaining it, then the new privacy information management extension to ISO 27001 could be something you may want to consider. It was purposefully developed to address and assist organisations in meeting […]

The business case for penetration testing – Preaching to the unconverted:

demonstrating statistics

How do you communicate ROI on Penetration Testing to gain buy-in? Did you get your car insurance renewal quote in recently? Chances are it’s gone up and chances are you are wondering whether it’s worth it. For non-tech savvy finance folk and to be fair, some tech-savvy non-finance folk, you can understand why they might […]

You sank my YouTube Channel!

‘Massive’ YouTube content creator hack confirmed – 23 million influencers and creators could be affected. If you, like me have memories of just three TV channels, recording the Top 40 on your cassette player and of course the board game Battleship then the phrase social media influencer may have you scratching your head, set your teeth on edge or something in-between.  It turns out […]

IoT Home “security” cameras: Are you having a laugh!?

IoT Home Security Cameras Amazon Ring

The Amazon Ring Tale “Update: 29/01/2020: so far, when yet more tales of woe (usually regarding the Amazon Ring) come in I have just been adding the stories in the comments section below the original article. However, when an actual Amazon engineer, usually known for their fierce loyalty, sticks their head above the parapet and effectively […]

The British Airways Data Breach “fine”

A fake news parody making fun of the clickbait around the BA and Marriott Group breach fines

Sometimes the truth grows wings and takes flight How UK media reported the ICO’s intention to fine BA & Marriott Hotels and a penetration tester’s view on what BA could of and should of done. Oh, and what’s happened so far with the fine that they actually did issue to Facebook On the 8th July, […]

Why Information Security Awareness Training is Important

a young male using the eRiskology Information Security Awareness elearning portal

Good information security awareness training can turn your workforce into the strongest line of defence instead of the ‘weakest link’.  Around 70 – 80% of all breaches can be attributed to the human element, yet companies often focus their resource of software-based security solutions. Where do we start? If you haven’t already found our post […]

ONE PRIVACY ‘CLUSTERZUCK’ AFTER ANOTHER.

A picture of Mark Zuckerberg with graffiti over it to look like a vampire. He has a bag of blood next to him what has the label "Personal Data"

If some weird decree came into force that dictated you could only write data privacy related blog posts about one company, then the company I would choose, hands down, every time would be Facebook. This time they’ve been caught out storing our passwords in plain text format and they’ve been doing it in the 100s […]

What’s the difference between Information Security and Cyber Security?

“Ah you want the Security Department, this is the Department of Security” I saw a headline the other day, the basic premise of which was suggesting that IT should take full responsibility for cyber security, removing the onus of it from users, thus allowing creatives to be more, well, creative. To be honest, I didn’t […]

Do NOT follow this link or you will be banned from the site!