7 Key Benefits of Red Team Testing for Your Organisation

Red team testing

In an information or cyber security context, a Red Team is a group of ethical hackers that design and execute a series of coordinated technical and social engineering attacks on an organisation’s people, processes, and technology to simulate how an intruder could obtain unauthorised access to its systems or information assets. In simple terms, a […]

Cyber Security and Supply Chain Challenges in the Agrifood Sector

Guest Contributor: Benjamin Turner, Chief Operating Officer, Agrimetrics Shortly after Russia’s invasion of Ukraine, I advocated in a BBC news article and North American technology podcast The Feed that we should regard parts of the UK’s agriculture and agrifood system as critical national infrastructure. What does it mean to be critical national infrastructure, and why […]

Supply Chain Cyber Attacks & How to Prevent Them

“There has been a 742% average annual increase in software supply chain attacks over the past 3 years”[i] The above statistic might seem implausible, but supply chain cyber attacks have become a pressing issue for businesses as the reliance on technology and interconnected systems have grown. These attacks can compromise sensitive information, disrupt operations, and […]

The TIBER EU Framework: What It Is and the Benefit to Financial Institutions

Cyber threats are increasing exponentially year after year. To help organisations protect against these threats, the European Union (EU) has established the TIBER EU framework. It was developed because of concerns about how its member states were managing (or mismanaging) their national cyber security risks and from the clear need for a common framework to […]

ISO 27001 Penetration Testing Requirements – Risk Crew

ISO 27001 Penetration Testing

A common question that comes up when implementing ISO 27001 is: Should I include security penetration testing in my Information Security Management System (ISMS) programme to comply with the ISO 27001 standard and meet auditor expectations? The answer is both yes and no — depending on how you look at it. The standard does not […]

How a Ransomware Readiness Assessment Can Help Your Business Stay Safe

prepare for ransomware

Ransomware is a type of malware that encrypts files and then seeks payment in exchange for the encryption key.  A ransomware readiness assessment is an audit that businesses can undergo to determine their risk level for ransomware. The assessment will help you identify which areas of your organisation are at the highest risk for attack […]

ISO 27001 Compliance Checklist: The Documentation Required

Man with lots of documents on his desk

Documenting your information security management system (ISMS) for evidence of compliance with the ISO 27001:2022 standard can be confusing as it is not clear which documents are mandated and which are discretionary. Consequently, most of us overcompensate and produce far more paperwork than we need causing redundant and conflicting policies to confuse our stakeholders, staff […]

Risk Crew