Security & Resilience Dispatches

The corporate security industry can innovate in several ways to adapt to emerging threats and enhance its effectiveness. Like any sector, the core areas for innovative thinking may include personnel, equipment, facilities and training, to consultancy, intelligence, technology and software. Here are some potential areas for innovation: Advanced Technologies: Embrace and leverage advanced technologies to improve security measures. This includes adopting artificial intelligence (AI) and machine learning (ML) algorithms to Read more…

Generative AI refers to the subset of artificial intelligence that involves creating or generating content, such as text, images, or videos. While generative AI has many exciting applications, it also introduces potential security concerns. Here are some aspects to consider regarding the cybersecurity of generative AI: Data privacy: Generative AI models often require large amounts of data for training. Privacy concerns arise when sensitive or personally identifiable information is used Read more…

API security testing is an essential part of ensuring the integrity and protection of an API (Application Programming Interface). Here are some common methods and techniques used to test API security: Input Validation: Test the API for proper input validation to prevent common security vulnerabilities such as injection attacks (e.g., SQL injection, command injection). Verify that the API rejects or sanitizes invalid or malicious inputs. Authentication and Authorization: Test the Read more…

Cultural events such as music festivals can pose a significant security challenge. Several factors need to be considered to ensure the safety and well-being of attendees. Here are some key considerations: Threat Analysis: Assess potential threats specific to the event, such as terrorism, crowd-related incidents, theft, vandalism, and drug-related issues. Consider both external and internal threats. Venue Selection: Evaluate the suitability of the venue in terms of size, layout, accessibility, Read more…

Organisations are increasingly looking to technology as an enabler of their resilience programmes. Why? Because, by facilitating the aggregation of data across business continuity, (BC), operational resilience (OpRes), crisis management, risk and third-party teams, technology can solve many of the pain points faced, whilst improving the quality of best practice and change programmes overall. Technology enablement of their programmes is becoming a key priority. Companies are starting to understand the Read more…

The cyber kill chain, also known as the Lockheed Martin Cyber Kill Chain, is a concept and framework used in the field of cybersecurity to describe the stages of a cyber attack. It provides a systematic approach to understanding and countering the various steps involved in a typical cyber attack. The concept was initially developed by Lockheed Martin in 2011. The cyber kill chain consists of several stages or steps Read more…

Conducting a business impact analysis (BIA) is an important step in assessing the potential effects of disruptions on your business operations. It helps you identify critical processes, prioritize resources, and develop appropriate recovery strategies. Here’s a step-by-step guide to conducting a BIA: Define the scope: Determine the boundaries of your analysis. Identify the business units, departments, or processes that will be included in the assessment. Identify critical business objectives and Read more…

Proactive security intelligence involves the proactive identification, analysis, and response to potential security threats and risks. The components of proactive security intelligence typically include: Threat Intelligence: Gathering information about potential threats, including cyber threats, physical threats, insider threats, and emerging risks. This involves monitoring various sources such as threat feeds, security vendors, industry reports, and open-source intelligence. Vulnerability Management: Identifying and assessing vulnerabilities within an organization’s systems, networks, and applications. Read more…