Security & Resilience Dispatches

The application programming interface (API) has become integral to setting up functionality and flexibility. But they’re also potential attack vectors that need to be high on the security team’s radar. When it comes to ensuring the security of third-party APIs, following best practices is crucial to protect your systems, data, and users from potential vulnerabilities and threats. Here are five key practices to consider: Thoroughly evaluate third-party APIs: Before integrating Read more…

Leading Security Operations Centers (SOCs) typically adhere to the following principles: Proactive Threat Intelligence: Leading SOCs prioritize proactive threat intelligence gathering and analysis. They invest in tools, technologies, and resources to continuously monitor and analyze emerging threats, vulnerabilities, and attack techniques. By staying ahead of potential risks, they can develop effective mitigation strategies. Comprehensive Visibility: SOC leaders recognize the importance of comprehensive visibility across their network infrastructure, systems, and applications. Read more…

Proactive risk intelligence refers to the practice of identifying and assessing potential risks and threats to an organization’s objectives before they occur. It involves gathering information, analyzing data, and applying insights to anticipate and mitigate risks in a proactive manner. By adopting proactive risk intelligence, organizations can better prepare themselves for potential disruptions, make informed decisions, and enhance their overall risk management strategies. Here are some key aspects and benefits Read more…

Thanks to digital transformation, organisations are connecting more and more Extended Internet of Things (XIoT) devices to their corporate networks. XIoT is a term that encompasses all cyber-physical systems, from operational technology (OT) and Industrial Control Systems (ICS) to Internet of Things (IoT) devices, Industrial IoTs, and Internet of Medical Things (IoMT). One sector that has seen rapid growth in the number of XIoT devices is Critical National Infrastructure (CNI). Read more…

Cyber-physical systems (CPS) refer to the integration of physical components with computer-based systems, resulting in a network of interconnected devices, sensors, and actuators. These systems are extensively used in critical national infrastructure, such as power grids, transportation systems, healthcare facilities, and industrial control systems. While CPS offer numerous benefits, they also introduce new security challenges, some of which can have potentially catastrophic consequences for critical infrastructure. Here are a few Read more…

In the context of cybersecurity, APT stands for Advanced Persistent Threat. APT refers to a targeted and sophisticated cyber attack carried out by highly skilled and motivated threat actors, such as nation-states, organized criminal groups, or advanced hacking groups. Unlike typical cyber attacks that aim to exploit vulnerabilities opportunistically, APTs are characterized by their persistence, stealthiness, and long-term focus. APT actors employ a variety of techniques and strategies to gain Read more…

Security Post Orders and Standard Operating Procedures are of course critical to the smooth running of your guard force. Below is an example outline of what they might include. These can be adopted and adapted to suit the specific security environment in which your organization operates, after undertaking a thorough risk assessment. 1.  Introduction This document outlines the Security Post Order and Standard Operating Procedures (SPO/SOP). These procedures are designed Read more…