Your Security & Resilience Blog

Some companies hired to provide security at conferences cannot undertaken even basic measures. Here are some rules and best practices to follow (in general – and all depends on the overarching risk assessment in view of the nature and size of the conference etc). 1. Identification and access control measures: This includes issuing identification badges to all attendees, staff, and vendors, and implementing access control measures such as checkpoints, turnstiles, Read more…

Marshal’s core purpose to provide strategic resourcing support to organistion operating in dynamic security environments. Underlying this is the objective of each organistion to defend their business value against unexpected disruption. Building robust business resilience is crucial for organizations to withstand disruptions and challenges while continuing to thrive. Here are some steps to help you develop a resilient business: Risk Assessment and Scenario Planning: Start by identifying potential risks that Read more…

Crisis management involves the strategic planning and response to unexpected and disruptive events that can potentially harm an organization’s reputation, operations, or stakeholders. Successful crisis management is crucial for minimizing damage and maintaining the organization’s resilience. Below are some key principles of crisis management: Preparedness: Being proactive and ready for potential crises is essential. This involves conducting risk assessments, scenario planning, and developing a comprehensive crisis management plan. Preparedness ensures Read more…

Due diligence and Due Care are two important concepts in security risk management that aim to reduce and manage potential risks. While they are related, they have distinct roles and functions. Let’s delve into the difference and overlap between the two: 1. Due Diligence: Due diligence refers to the process of conducting a comprehensive and proactive investigation or assessment before making a decision or taking action. In the context of Read more…

Duty of care is a legal concept that refers to the responsibility individuals or organizations have to act in a reasonable manner to prevent harm to others. It is a fundamental principle in various aspects of commerce and industry, emphasizing the need to exercise caution and take appropriate measures to protect the well-being of others who may be affected by their actions or decisions. In the Security and Risk Management Read more…

The corporate security industry can innovate in several ways to adapt to emerging threats and enhance its effectiveness. Like any sector, the core areas for innovative thinking may include personnel, equipment, facilities and training, to consultancy, intelligence, technology and software. Here are some potential areas for innovation: Advanced Technologies: Embrace and leverage advanced technologies to improve security measures. This includes adopting artificial intelligence (AI) and machine learning (ML) algorithms to Read more…

Generative AI refers to the subset of artificial intelligence that involves creating or generating content, such as text, images, or videos. While generative AI has many exciting applications, it also introduces potential security concerns. Here are some aspects to consider regarding the cybersecurity of generative AI: Data privacy: Generative AI models often require large amounts of data for training. Privacy concerns arise when sensitive or personally identifiable information is used Read more…

API security testing is an essential part of ensuring the integrity and protection of an API (Application Programming Interface). Here are some common methods and techniques used to test API security: Input Validation: Test the API for proper input validation to prevent common security vulnerabilities such as injection attacks (e.g., SQL injection, command injection). Verify that the API rejects or sanitizes invalid or malicious inputs. Authentication and Authorization: Test the Read more…