ISO 27001 Certification Cost ISO 27001 is an internationally recognised standard for information security management systems (ISMS). It provides a framework for organisations to establish, implement, maintain, and continually improve their information security practices. ISO 27001 outlines clear requirements for managing risks, safeguarding sensitive information, and ensuring data confidentiality, integrity, and availability within an organisation. […]
What are the Signs of a Social Engineering Attack and How Can you Prevent Them? Social engineering is the most significant risk in the cyber threat landscape today. Over 98%[1] of cyber attacks rely on social engineering, targeting staff as the primary attack vector, but many of you already know that. What are the signs […]
It is estimated that six in ten SMEs that suffer a breach are likely to go out of business within six months. With COVID-19 having a huge impact on profitability this year, no business can easily recover financially from a cyber attack. Cyber security is essential to the business’s risk management programme regardless of size. […]
After 30th December 2020, the Brexit transition period will end. This has implications for the transfer of personally identifiable information (PII) out of the EU/EEA to the UK. To get around this, the UK plans to reach an adequacy agreement with the EU so that things can continue pretty much as they are. By incorporating […]
This is a guest article written by Stewart Ruffles. The author’s views are entirely his own and do not necessarily reflect the views of Risk Crew. Enjoy! Technology is a must for many businesses — but it comes at a risk. The extent to which businesses rely on technology varies. Some may manage a modestly […]
Why should we collect metrics in a red team test? Metrics are a valuable way of measuring changes and improvements over time. A red team test is conducted to assess the controls and lack of controls in place to stop an attacker achieving certain goals. By using metrics during red team testing, you can observe […]
We’re proud to announce this new service. Risk Crew, the elite group of information security governance, risk & compliance experts, and the forerunners in the design & delivery of innovative & effective solutions, is proud to announce an addition to the GRC portfolio of services: SOC 2! What is SOC 2? SOC 2 is a […]
A successful penetration test requires good preparation with an airtight service-level contract between the customer and a supplier that helps both to achieve the ultimate goal: security. Listed in this post are some important items to include in the contract. These are by no means a full and comprehensive list but should serve to help […]
What is cyber security after COVID-19? We have now passed the stage of emergency policies and procedures being implemented and new technology being procured outside a normal tender, and we have determined which business tasks cannot be performed remotely since they require strict supervision. There were a few hiccups, lessons learned, but we are there […]
We have all seen how fast things can change in 2020, but the one thing that has not changed is the number of security breaches. In fact, the coronavirus increased the security threat landscape. One reason for this increase is that the working from home (WFH) environment created more vulnerabilities and avenues for attacks. […]