Your Security & Resilience Blog

What are the Characteristics of APT – Advanced Persistent Threat?

In the context of cybersecurity, APT stands for Advanced Persistent Threat. APT refers to a targeted and sophisticated cyber attack carried out by highly skilled and motivated threat actors, such as nation-states, organized criminal groups, or advanced hacking groups. Unlike typical cyber attacks that aim to exploit vulnerabilities opportunistically, APTs are characterized by their persistence, stealthiness, and long-term focus. APT actors employ a variety of techniques and strategies to gain Read more…

By Marshal, ago

The Importance of Vetting Your Secure Transport Provider

Vetting your secure transport provider is crucial to ensuring the safety and reliability of transportation services. Here are some key reasons that supports the importance of vetting: Security Experience: Vetting allows you to assess the security knowledge of the transport provider. It enables you to evaluate their knowledge of security protocols, risk assessment, emergency response procedures, and defensive driving techniques. This ensures that the provider has the necessary skills and Read more…

By Marshal, ago

What to include in Security Post Orders and Standard Operating Procedures

Security Post Orders and Standard Operating Procedures are of course critical to the smooth running of your guard force. Below is an example outline of what they might include. These can be adopted and adapted to suit the specific security environment in which your organization operates, after undertaking a thorough risk assessment. 1.  Introduction This document outlines the Security Post Order and Standard Operating Procedures (SPO/SOP). These procedures are designed Read more…

By Marshal, ago

What are the principles and practices associated with “Secure by Design”?

With the increasing cyber threat that exists in the world, a new approach to combat it is essential. Teams must own the cyber security risk of their capabilities from concept to disposal and manage it effectively through the lifecycle of the capability. Secure by Design is an approach to cybersecurity that emphasizes building systems and software with security as a fundamental principle from the very beginning of the development process. Read more…

By Marshal, ago

A Travel Risk Management Plan for Higher Education Institutions

1. Introduction: Studying abroad provides valuable opportunities for students to gain international experience and expand their horizons. However, it is crucial for higher education institutions to prioritize the safety and security of their students during study abroad programs. A comprehensive travel risk management plan should be in place to identify potential risks, mitigate them effectively, and respond swiftly in case of emergencies. This plan aims to outline the key components Read more…

By Marshal, ago

What Does Cybersecurity-as-a-Service (CaaS) Entail?

Cybersecurity-as-a-Service (CaaS) refers to the outsourcing of cybersecurity services to a third-party provider, who delivers a range of security measures and solutions as a subscription-based service. CaaS allows organizations to leverage the expertise and resources of specialized cybersecurity providers to enhance their security posture without having to build and maintain an in-house security infrastructure. Here are some key aspects of Cybersecurity-as-a-Service: Security Monitoring and Threat Detection: CaaS providers typically offer Read more…

By Marshal, ago

What Types of Data Need to be Protected?

Various types of data need to be protected to ensure privacy, security, and compliance with regulations. Here are some common categories of data that require protection: Personal Identifiable Information (PII): This includes sensitive information that can identify an individual, such as names, addresses, Social Security numbers, passport numbers, driver’s license numbers, and financial account details. Financial Data: Financial information like bank account numbers, credit card details, transaction records, and investment Read more…

By Marshal, ago

What sort of attacks can be made against a Wi-Fi network?

There are several types of attacks that can target a Wi-Fi network. Here are some common ones, along with brief explanations and suggestions for mitigation: Rogue Access Points (APs): Attackers can set up rogue APs to mimic legitimate networks and trick users into connecting to them. Mitigation involves regularly scanning for unauthorized APs, implementing strong authentication mechanisms, and educating users about the risks of connecting to unknown networks. Eavesdropping: Attackers Read more…

By Marshal, ago

Employee Vetting and Screening Compliance Requirements in ISO 18788 / PSC.1

ISO 18788 and PSC.1 are international standards that provide guidelines for the establishment and implementation of management systems for private security companies (PSCs). These standards focus on ensuring that PSCs operate in a responsible, accountable, and professional manner while providing security services. Within ISO 18788 / PSC.1, employee vetting and screening compliance requirements play a crucial role in ensuring the integrity and reliability of the personnel employed by the PSC. Read more…

By Marshal, ago

What is Defence in Depth in the Context of Cyber Security?

Defense in depth, in the context of cybersecurity, refers to a comprehensive approach that involves deploying multiple layers of security controls and measures to protect computer systems, networks, and data. The concept is based on the principle that relying on a single security measure is insufficient to safeguard against sophisticated cyber threats, and a multi-layered defense strategy is required. The goal of defense in depth is to create a series Read more…

By Marshal, ago