After a short discussion on twitter last week about phishing testing I thought I’d write a short piece on why I think it’s valuable and how we do it. You can read the twitter thread here – as you’ll see it started with the question...
So, what is it you do? I’m often asked by people outside the cyber security industry what is it, in fact, that I do. A reasonable question, and my usual answer is ‘stuff, for people’. Partly that is a hangover from the government days, and partly because consultancy is...
So you’re a start-up and you’re worried about security. Well, caring about cyber security is a good thing, and doing so right at the beginning means you can start right now and ensure you maintain the good practice as you grow. Retro-fitting good security is...
Ransomware is a particularly unpleasant, and very prevalent, form of cyber criminality. It’s called ransomware because you, the victim, are literally held to ransom. All files stored on your computer are encrypted, and the criminals will only provide the key to decrypt when you pay...
We see examples of failures in cyber security every day, frequently from organisations that should know better, such as this failure at the US Department of Defense: https://www.theregister.co.uk/2018/07/11/us_military_manual_dark_net_sale/ They should be doing a lot better. So what can a small or micro business do? TL;DR Secure the...
Security awareness training is a big topic, but something lots of organisations struggle with. While more or less everyone recognises that cyber security is not just a technical problem, and that good user behaviour is vital, actually deciding how to go about achieving this can...